| |
| |||||||
Log-Analyse und Auswertung: Telekom Rechnung November 2014Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
12.11.2014, 09:40
| #1 |
| |  Telekom Rechnung November 2014 Leider handelt es sich nicht um meinen eigenen Rechner. Eine Bekannte hat am 07.11.2014 eine Mail erhalten, Absender Telekom. Sie hat den Download durchgeführt, zu dem sie in der Mail aufgefordert wurde und jetzt merkwürdige Effekte, wenn sie Onlinebanking aufruft. Ich selbst habe erst morgen Zeit an den Rechner zu kommen, sie aber gebeten schon mal das Tool FSRT64.exe auszuführen. Vielen Dank für Eure Mühe FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by PC_Schoch_1 (administrator) on ANDREA on 11-11-2014 20:55:20
Running from C:\Users\PC_Schoch_1\Desktop
Loaded Profile: PC_Schoch_1 (Available profiles: PC_Schoch_1)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSPortMonitorCommunicator.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Nemetschek Vectorworks, Inc.) C:\Program Files (x86)\Vectorworks2012\Vectorworks2012.exe
(Nemetschek Vectorworks, Inc.) C:\Program Files (x86)\Vectorworks2012\Vectorworks2012.exe
(Nemetschek Vectorworks, Inc.) C:\Program Files (x86)\Vectorworks2012\Vectorworks2012.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [357936 2009-08-28] (Acronis)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-24] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-08-30] (EasyBits Software AS)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5078416 2009-08-28] (Acronis)
HKLM-x32\...\Run: [ROC_ROC_NT] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ItalusUploader] => C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe [398336 2013-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1727187631-800357886-643226720-1000\...\Run: [qwmyejuk.exe] => C:\Users\PC_Schoch_1\AppData\Roaming\Identities\qwmyejuk.exe [286208 2009-07-14] (Music)
HKU\S-1-5-21-1727187631-800357886-643226720-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1727187631-800357886-643226720-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\PC_Schoch_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1727187631-800357886-643226720-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-23] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\PC_Schoch_1\AppData\Roaming\Mozilla\Firefox\Profiles\jdolthy0.default
FF SelectedSearchEngine: AVG Secure Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\PC_Schoch_1\AppData\Roaming\Mozilla\Firefox\Profiles\jdolthy0.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-10-16]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aejpijcgafgphijcoplgdcpoaoalgcje] - C:\ProgramData\SaveByclick\aejpijcgafgphijcoplgdcpoaoalgcje.crx []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [804144 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [993584 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4970384 2013-03-28] (CANON INC.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2012-01-13] (Acronis)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-11 20:53 - 2014-11-11 20:53 - 00033240 _____ () C:\Users\PC_Schoch_1\Desktop\Addition.txt
2014-11-11 20:51 - 2014-11-11 20:55 - 00017590 _____ () C:\Users\PC_Schoch_1\Desktop\FRST.txt
2014-11-11 20:50 - 2014-11-11 20:55 - 00000000 ____D () C:\FRST
2014-11-11 20:49 - 2014-11-11 20:49 - 02116096 _____ (Farbar) C:\Users\PC_Schoch_1\Desktop\FRST64.exe
2014-11-11 09:07 - 2014-11-11 09:07 - 00001886 _____ () C:\Windows\SysWOW64\hs_err_pid4656.log
2014-11-10 18:58 - 2014-11-10 18:58 - 00000000 __SHD () C:\Users\PC_Schoch_1\AppData\Local\EmieUserList
2014-11-10 18:58 - 2014-11-10 18:58 - 00000000 __SHD () C:\Users\PC_Schoch_1\AppData\Local\EmieSiteList
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-20 16:16 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-20 16:16 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-17 10:00 - 2014-10-17 10:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-17 10:00 - 2014-10-17 10:00 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-17 09:38 - 2014-11-07 12:06 - 00000287 _____ () C:\Users\PC_Schoch_1\AppData\Local\VersionChecker_19.xml
2014-10-17 09:38 - 2014-10-17 09:38 - 00000026 _____ () C:\Users\PC_Schoch_1\AppData\Local\getnuserver.php
2014-10-17 09:38 - 2014-10-17 09:38 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Local\SafeNet Sentinel
2014-10-17 09:38 - 2014-10-17 09:38 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2014-10-17 09:37 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-10-17 09:37 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-17 09:34 - 2014-10-17 10:16 - 00000145 _____ () C:\Users\PC_Schoch_1\Desktop\Info-Vectorworks.txt
2014-10-17 09:26 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-17 09:26 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-10-17 09:26 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-17 09:26 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-17 09:26 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-17 09:26 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-17 09:26 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-10-17 09:26 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-10-17 09:24 - 2014-10-17 09:24 - 00001097 _____ () C:\Users\PC_Schoch_1\Desktop\Vectorworks2014.lnk
2014-10-17 09:22 - 2014-10-17 09:23 - 00000000 ____D () C:\Program Files (x86)\Vectorworks 2014 Hilfe
2014-10-17 09:17 - 2014-10-17 09:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-17 09:16 - 2014-10-17 09:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks2014
2014-10-17 09:10 - 2014-10-17 09:59 - 00000000 ____D () C:\Program Files (x86)\Vectorworks2014
2014-10-16 08:19 - 2014-10-16 08:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-16 07:46 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 07:46 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 07:46 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 07:46 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 07:46 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 07:46 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 07:46 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 07:46 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 07:46 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 07:46 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 07:46 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 07:46 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 07:46 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 07:46 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 07:46 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 07:46 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 07:46 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 07:46 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 07:46 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 07:46 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 07:46 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 07:46 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 07:46 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 07:46 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 07:46 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 07:46 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 07:46 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 07:46 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 07:46 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 07:46 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 07:46 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 07:46 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 07:46 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 07:46 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 07:46 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 07:46 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 07:46 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 07:46 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 07:46 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 07:46 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 07:46 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 07:46 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 07:46 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 07:46 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 07:46 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 07:46 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 07:46 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 07:46 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 07:46 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 07:46 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 07:46 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 07:46 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 07:46 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 07:46 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 07:46 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 07:46 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 07:46 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 07:46 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 07:46 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 07:46 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 07:46 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 07:46 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 07:46 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 07:46 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 07:46 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 07:46 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 07:46 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-16 07:46 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-16 07:46 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-16 07:46 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-16 07:46 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-10-16 07:45 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 07:45 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 07:45 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 07:45 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 07:45 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 07:45 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 07:45 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 07:45 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 07:45 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-16 07:45 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-16 07:45 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-10-16 07:45 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-16 07:45 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-10-13 13:28 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-13 13:28 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-13 13:28 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-13 13:28 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-11 20:51 - 2011-11-18 12:18 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Local\CrashDumps
2014-11-11 20:47 - 2011-11-14 10:30 - 00000000 ____D () C:\Users\PC_Schoch_1\Documents\Outlook-Dateien
2014-11-11 20:03 - 2013-02-12 17:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-11 10:43 - 2011-04-23 00:44 - 01340450 _____ () C:\Windows\WindowsUpdate.log
2014-11-11 09:10 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-11 09:10 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-11 09:06 - 2011-04-23 01:22 - 11573022 _____ () C:\Windows\system32\perfh007.dat
2014-11-11 09:06 - 2011-04-23 01:22 - 03559510 _____ () C:\Windows\system32\perfc007.dat
2014-11-11 09:06 - 2009-07-14 06:13 - 00006504 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-11 09:02 - 2012-09-20 18:41 - 00034272 _____ () C:\Windows\setupact.log
2014-11-11 09:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 22:07 - 2012-02-10 14:31 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-11-10 22:06 - 2011-11-13 19:30 - 00000000 ____D () C:\Users\PC_Schoch_1
2014-11-10 15:22 - 2012-02-07 09:19 - 00000356 _____ () C:\Windows\Tasks\HPCeeScheduleForPC_Schoch_1.job
2014-11-10 11:04 - 2012-02-07 09:19 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPC_Schoch_1
2014-11-10 11:04 - 2011-11-28 14:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-10 11:04 - 2011-11-14 18:16 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-11-04 12:23 - 2011-11-14 12:18 - 00000287 _____ () C:\Users\PC_Schoch_1\AppData\Local\VersionChecker_17.xml
2014-10-28 08:57 - 2009-07-14 05:45 - 00420416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 05:34 - 2011-11-13 19:48 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-17 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 10:11 - 2011-11-14 12:00 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Local\Adobe
2014-10-17 10:10 - 2013-02-12 17:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 10:10 - 2012-04-12 08:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 10:10 - 2011-12-07 09:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-17 10:06 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 10:04 - 2012-11-02 09:17 - 00164712 _____ () C:\Windows\PFRO.log
2014-10-17 10:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-17 10:00 - 2011-11-18 18:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-17 10:00 - 2011-11-14 12:02 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-17 09:56 - 2011-11-13 19:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 09:37 - 2013-08-14 17:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 09:36 - 2013-03-05 15:25 - 00000287 _____ () C:\Users\PC_Schoch_1\AppData\Local\VersionChecker_18.xml
2014-10-17 09:36 - 2013-03-05 15:11 - 00000000 ____D () C:\Program Files (x86)\Vectorworks2013
2014-10-17 09:19 - 2013-03-05 15:18 - 00014611 _____ () C:\Windows\aksdrvsetup.log
2014-10-17 09:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-10-17 08:10 - 2012-09-18 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-14 15:24 - 2011-11-18 18:27 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Roaming\TeamViewer
2014-10-14 10:40 - 2013-08-05 13:42 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 10:40 - 2013-08-05 13:41 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 10:40 - 2013-08-05 13:41 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-13 13:18 - 2011-12-15 08:18 - 00003214 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForANDREA$
2014-10-13 13:18 - 2011-12-15 08:18 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForANDREA$.job
Some content of TEMP:
====================
C:\Users\PC_Schoch_1\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 10:16
==================== End Of Log ============================
[/CODE] Addition.txt FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by PC_Schoch_1 at 2014-11-11 20:53:04
Running from C:\Users\PC_Schoch_1\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
8600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8600_Readme (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Acronis*True*Image*Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5029 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Connect Add-in (HKU\S-1-5-21-1727187631-800357886-643226720-1000\...\Adobe Connect Add-in) (Version: - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{3001791D-2CA6-6FE3-BE0F-8EA7522B32D4}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}) (Version: 2.2.0.0 - ATI Technologies Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (x32 Version: 2010.1123.1002.17926 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Color Network ScanGear Ver.2.71 (HKLM-x32\...\{4E5CA273-5771-450A-AFDD-C58DAD9205DC}) (Version: 2.71.0000 - CANON INC.)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deinstallationspr. Druckertr. PCL (HKLM\...\PCL Printer Driver) (Version: 6, 0, 1, 0 - Canon Inc.)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular 13.0.0.8086k) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FieryRemoteScan 4.4.15.6 (HKLM-x32\...\{A2F6E9AB-86D8-11D5-A06C-00E081105A80}) (Version: - )
FileZilla Client 3.2.7.1 (HKLM-x32\...\FileZilla Client) (Version: 3.2.7.1 - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Designjet ePrint & Share (HKLM-x32\...\{4D1B7E4E-47B1-40E3-9E15-C50E42D81610}) (Version: 1.0.7 - Hewlett-Packard)
HP Designjet T120 und T520 ePrinter Series (HKLM-x32\...\HPAmpereXL) (Version: - Hewlett-Packard Co.)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro K8600 (HKLM\...\{1B06283F-BB48-48D5-A303-9834D9ADD485}) (Version: 13.0 - HP)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP T120 and T520 series ICC Profiles (HKLM\...\{4F9E7F57-1D06-4B50-9691-813F87C655B8}) (Version: 2.0.0 - Hewlett Packard, Co.)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HP Webregistrierung (HKLM-x32\...\{D2FF897E-4A99-446E-8BB4-DD99CD496838}) (Version: 1.2.0.0 - Hewlett Packard, Co.)
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6302.0 - IDT)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K8600_Basic (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
NetObjects Fusion 11.0 (HKLM-x32\...\{46F5DA60-1444-4D37-900E-B6945F2990B1}) (Version: 11 German - )
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Planung und Ausschreibung 2.2 - KÖMMERLING (HKLM-x32\...\{0841104C-44A1-4D6D-A25B-A297A5116484}_is1) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
sv.net (HKLM-x32\...\sv.net) (Version: 14.0 - ITSG GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Vectorworks 2012 Hilfe (HKLM-x32\...\eu.computerworks.vectorworks.2012.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2012 Hilfe (x32 Version: 1.0 - UNKNOWN) Hidden
Vectorworks 2013 Hilfe (HKLM-x32\...\eu.computerworks.vectorworks.2013.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2013 Hilfe (x32 Version: 1.0 - UNKNOWN) Hidden
Vectorworks 2014 Hilfe (HKLM-x32\...\eu.computerworks.vectorworks.2014.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2014 Hilfe (x32 Version: 1.0 - UNKNOWN) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
23-10-2014 07:58:24 Windows Update
30-10-2014 13:52:16 Geplanter Prüfpunkt
05-11-2014 08:28:23 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {008BBD74-27B0-47BF-B40C-966E5ADB312E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {080D7357-4B76-4D2D-B5E5-ED9CF8E5719B} - System32\Tasks\HPCeeScheduleForPC_Schoch_1 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {27B06F3B-7393-4AB1-8F8F-F597187E5AF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3F0D46E9-9159-457C-9392-90DAA4D2796A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {5AF8309A-6D3B-4AB6-ADF7-4597663E674D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5F7D43FB-DB89-4282-A7F3-64BAD37CC4D7} - System32\Tasks\HPCeeScheduleForANDREA$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {76AA8672-7C24-4A6A-AE40-A3FFD3C9C0E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8B0260A0-2D7E-443E-BD47-1D9749F01A91} - System32\Tasks\{4761A3EC-5351-4308-A350-45AD0E3766A6} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [2014-11-06] (Avira Operations GmbH & Co. KG)
Task: {8F8118D2-0C6F-41D7-B22B-3A43A66F9406} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9AF82C70-DB10-4963-87E5-F272E726E91B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BEA173A4-5C04-4C6A-A8C9-E5024ACB90EA} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForANDREA$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPC_Schoch_1.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2009-08-23 18:24 - 2009-08-23 18:24 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-09-15 18:31 - 2010-09-15 18:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2010-04-13 00:59 - 2010-04-13 00:59 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-11-23 18:01 - 2010-11-23 18:01 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-14 11:54 - 2012-08-24 10:11 - 00007680 _____ () C:\Program Files (x86)\Vectorworks2012\RuntimeLoader90.dll
2011-11-14 11:54 - 2012-08-24 10:14 - 00024064 _____ () C:\Program Files (x86)\Vectorworks2012\VWMM.dll
2011-11-14 11:54 - 2012-08-24 10:11 - 01854464 _____ () C:\Program Files (x86)\Vectorworks2012\NLib.dll
2011-11-14 11:54 - 2012-08-24 10:11 - 06546432 _____ () C:\Program Files (x86)\Vectorworks2012\NMTLib.dll
2011-11-14 11:54 - 2012-08-24 10:11 - 02803200 _____ () C:\Program Files (x86)\Vectorworks2012\HWTransLib.dll
2011-11-14 11:54 - 2012-08-24 10:11 - 00141312 _____ () C:\Program Files (x86)\Vectorworks2012\zlibwapi.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-10-16 08:19 - 2014-10-16 08:19 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: qwmyejuk.exe => "C:\Users\PC_Schoch_1\AppData\Roaming\Identities\qwmyejuk.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-1727187631-800357886-643226720-500 - Administrator - Disabled)
Gast (S-1-5-21-1727187631-800357886-643226720-501 - Limited - Enabled)
PC_Schoch_1 (S-1-5-21-1727187631-800357886-643226720-1000 - Administrator - Enabled) => C:\Users\PC_Schoch_1
==================== Faulty Device Manager Devices =============
Name: Officejet Pro K8600
Description: Officejet Pro K8600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Officejet Pro K8600
Description: Officejet Pro K8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/11/2014 08:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 10.11.2014.0, Zeitstempel: 0x54613ced
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0xcd0
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3
Error: (11/11/2014 07:20:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 5B39.tmp, Version: 8.10.3560.65011, Zeitstempel: 0x53f205e3
Name des fehlerhaften Moduls: 5B39.tmp, Version: 8.10.3560.65011, Zeitstempel: 0x53f205e3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000019ee
ID des fehlerhaften Prozesses: 0x115c
Startzeit der fehlerhaften Anwendung: 0x5B39.tmp0
Pfad der fehlerhaften Anwendung: 5B39.tmp1
Pfad des fehlerhaften Moduls: 5B39.tmp2
Berichtskennung: 5B39.tmp3
Error: (11/11/2014 06:05:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 9AF4.tmp, Version: 8.10.3560.65011, Zeitstempel: 0x53f205e3
Name des fehlerhaften Moduls: 9AF4.tmp, Version: 8.10.3560.65011, Zeitstempel: 0x53f205e3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000019ee
ID des fehlerhaften Prozesses: 0x9e4
Startzeit der fehlerhaften Anwendung: 0x9AF4.tmp0
Pfad der fehlerhaften Anwendung: 9AF4.tmp1
Pfad des fehlerhaften Moduls: 9AF4.tmp2
Berichtskennung: 9AF4.tmp3
Error: (11/11/2014 09:07:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 7.0.550.14, Zeitstempel: 0x534c8cbb
Name des fehlerhaften Moduls: jvm.dll, Version: 24.55.0.3, Zeitstempel: 0x534ca108
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0013fbf1
ID des fehlerhaften Prozesses: 0x1230
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3
Error: (11/11/2014 09:06:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (11/11/2014 09:06:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/11/2014 09:06:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/10/2014 10:04:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (11/10/2014 10:04:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/10/2014 10:04:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
System errors:
=============
Error: (11/11/2014 09:03:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 10:00:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 03:57:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 03:24:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 08:41:28 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/07/2014 09:00:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/06/2014 01:12:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/06/2014 09:21:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/05/2014 09:19:12 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/04/2014 08:56:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (11/11/2014 08:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe10.11.2014.054613cedntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102cd001cffde8db9ea94cC:\Users\PC_Schoch_1\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll19aa6b37-69dc-11e4-b278-e069956f8c33
Error: (11/11/2014 07:20:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 5B39.tmp8.10.3560.6501153f205e35B39.tmp8.10.3560.6501153f205e3c0000005000019ee115c01cffddc314d0934C:\Users\PC_SCH~1\AppData\Local\Temp\5B39.tmpC:\Users\PC_SCH~1\AppData\Local\Temp\5B39.tmp6f1f0699-69cf-11e4-b278-e069956f8c33
Error: (11/11/2014 06:05:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 9AF4.tmp8.10.3560.6501153f205e39AF4.tmp8.10.3560.6501153f205e3c0000005000019ee9e401cffdd1b3b099b6C:\Users\PC_SCH~1\AppData\Local\Temp\9AF4.tmpC:\Users\PC_SCH~1\AppData\Local\Temp\9AF4.tmpf2013ed7-69c4-11e4-b278-e069956f8c33
Error: (11/11/2014 09:07:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe7.0.550.14534c8cbbjvm.dll24.55.0.3534ca108c00000050013fbf1123001cffd868fc095f4C:\Program Files (x86)\Java\jre7\bin\javaw.exeC:\Program Files (x86)\Java\jre7\bin\client\jvm.dllcfcc1fba-6979-11e4-b278-e069956f8c33
Error: (11/11/2014 09:06:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (11/11/2014 09:06:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/11/2014 09:06:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/10/2014 10:04:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (11/10/2014 10:04:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/10/2014 10:04:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
Percentage of memory in use: 29%
Total physical RAM: 6126.54 MB
Available physical RAM: 4315.33 MB
Total Pagefile: 12251.27 MB
Available Pagefile: 9956.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:699.83 GB) (Free:616.18 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.74 GB) (Free:1.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive x: (Daten) (Fixed) (Total:585.94 GB) (Free:564.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: A1F93165)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=699.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
12.11.2014, 09:45
| #2 |
| /// the machine /// TB-Ausbilder    | Telekom Rechnung November 2014 hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
12.11.2014, 15:06
| #3 |
| | Telekom Rechnung November 2014 Vielen Dank für die Rückmeldung. Bin um 15:00 Uhr bei meiner Bekannten, dann werde ich den Scan durchführen und den Logfile posten. Sie hat Avira Pro am laufen, sollte dieser für den Scan deaktiviert werden?
__________________Hier der Log-File TDSSKiller File Code:
ATTFilter 15:08:15.0175 0x1134 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
15:08:19.0717 0x1134 ============================================================
15:08:19.0717 0x1134 Current date / time: 2014/11/12 15:08:19.0716
15:08:19.0717 0x1134 SystemInfo:
15:08:19.0717 0x1134
15:08:19.0717 0x1134 OS Version: 6.1.7601 ServicePack: 1.0
15:08:19.0717 0x1134 Product type: Workstation
15:08:19.0717 0x1134 ComputerName: ANDREA
15:08:19.0717 0x1134 UserName: PC_Schoch_1
15:08:19.0717 0x1134 Windows directory: C:\Windows
15:08:19.0717 0x1134 System windows directory: C:\Windows
15:08:19.0717 0x1134 Running under WOW64
15:08:19.0717 0x1134 Processor architecture: Intel x64
15:08:19.0717 0x1134 Number of processors: 4
15:08:19.0717 0x1134 Page size: 0x1000
15:08:19.0717 0x1134 Boot type: Normal boot
15:08:19.0717 0x1134 ============================================================
15:08:20.0045 0x1134 KLMD registered as C:\Windows\system32\drivers\04932660.sys
15:08:20.0275 0x1134 System UUID: {E79813D3-2A46-B178-EB90-98E401E58EB7}
15:08:20.0653 0x1134 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:08:20.0670 0x1134 ============================================================
15:08:20.0670 0x1134 \Device\Harddisk0\DR0:
15:08:20.0671 0x1134 MBR partitions:
15:08:20.0671 0x1134 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:08:20.0671 0x1134 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x577AB000
15:08:20.0693 0x1134 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x577DE000, BlocksNum 0x493DF800
15:08:20.0693 0x1134 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xACF0D800, BlocksNum 0x1B79800
15:08:20.0693 0x1134 ============================================================
15:08:20.0733 0x1134 C: <-> \Device\Harddisk0\DR0\Partition2
15:08:20.0777 0x1134 D: <-> \Device\Harddisk0\DR0\Partition4
15:08:20.0843 0x1134 X: <-> \Device\Harddisk0\DR0\Partition3
15:08:20.0843 0x1134 ============================================================
15:08:20.0843 0x1134 Initialize success
15:08:20.0843 0x1134 ============================================================
15:09:05.0949 0x0548 ============================================================
15:09:05.0949 0x0548 Scan started
15:09:05.0949 0x0548 Mode: Manual; SigCheck; TDLFS;
15:09:05.0949 0x0548 ============================================================
15:09:05.0949 0x0548 KSN ping started
15:09:08.0682 0x0548 KSN ping finished: true
15:09:09.0299 0x0548 ================ Scan system memory ========================
15:09:09.0300 0x0548 System memory - ok
15:09:09.0300 0x0548 ================ Scan services =============================
15:09:09.0412 0x0548 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:09:09.0529 0x0548 1394ohci - ok
15:09:09.0582 0x0548 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:09:09.0604 0x0548 ACPI - ok
15:09:09.0645 0x0548 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:09:09.0726 0x0548 AcpiPmi - ok
15:09:09.0819 0x0548 [ 67B708CBF1D5C60D20568CC23BD544E3, 8BEADD7193D7DB23046367452FB61EE219A7277BEC1EB6C44EE77E9CC541E396 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
15:09:09.0847 0x0548 AcrSch2Svc - ok
15:09:09.0927 0x0548 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:09:09.0949 0x0548 AdobeARMservice - ok
15:09:10.0045 0x0548 [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:09:10.0065 0x0548 AdobeFlashPlayerUpdateSvc - ok
15:09:10.0143 0x0548 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:09:10.0167 0x0548 adp94xx - ok
15:09:10.0230 0x0548 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:09:10.0252 0x0548 adpahci - ok
15:09:10.0262 0x0548 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:09:10.0273 0x0548 adpu320 - ok
15:09:10.0289 0x0548 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:09:10.0407 0x0548 AeLookupSvc - ok
15:09:10.0472 0x0548 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
15:09:10.0516 0x0548 AESTFilters - ok
15:09:10.0551 0x0548 [ 7F64EA2FCE77830C020B2E387C0FAC05, 89FDF8ECE4AD9EF9EF8EFB4D280A46F039B5FD5349D754C4B32DEC30423E0D02 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
15:09:10.0575 0x0548 afcdp - ok
15:09:10.0679 0x0548 [ 6900DE81D21CC3CC3C8A5F531CE2AA09, CA4866E135FF1EDB947BAE5DD8AD15C90346658032A04A2C12114A4CDBA2F087 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
15:09:10.0730 0x0548 afcdpsrv - ok
15:09:10.0811 0x0548 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
15:09:10.0880 0x0548 AFD - ok
15:09:10.0897 0x0548 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:09:10.0905 0x0548 agp440 - ok
15:09:10.0927 0x0548 [ 95BC4330FA44240CA00C641A73C7E62D, 5D90D9B7D03E15B1A358582834B03A043187CDF6790EE7D3E4CCA03CE77010CA ] aksdf C:\Windows\system32\drivers\aksdf.sys
15:09:10.0958 0x0548 aksdf - ok
15:09:10.0972 0x0548 [ E2E5CF34D6C56ACE5E986969A3D9B0B5, 1A5D328B924CB945F1F48B3E1956F1123BEA0C285E92BFA5BA12E5063049B8B7 ] aksfridge C:\Windows\system32\DRIVERS\aksfridge.sys
15:09:10.0983 0x0548 aksfridge - ok
15:09:11.0004 0x0548 [ A56F1B0F967AEF8A82D7771E6D166DEF, 498B2C9AFC8298C0D06FD6278DEA698C2AFEEC419200C1EF8C150ED7CB6FA1E8 ] akshasp C:\Windows\system32\DRIVERS\akshasp.sys
15:09:11.0013 0x0548 akshasp - ok
15:09:11.0025 0x0548 [ 67DFF8C8F95CB21C9C3380DD4C0387F2, 6BB7A48C7D0FB6049FAADAEF8A784FC2822B95C03190945DF6F4310A580C537F ] akshhl C:\Windows\system32\DRIVERS\akshhl.sys
15:09:11.0083 0x0548 akshhl - ok
15:09:11.0126 0x0548 [ A9A09BC526E614CE9F29BB23C2A76CED, 260027677635E6333ABD499D5F80B7C82109208D298432946DE60C0956193BA2 ] aksusb C:\Windows\system32\DRIVERS\aksusb.sys
15:09:11.0157 0x0548 aksusb - ok
15:09:11.0180 0x0548 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:09:11.0236 0x0548 ALG - ok
15:09:11.0267 0x0548 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:09:11.0281 0x0548 aliide - ok
15:09:11.0315 0x0548 [ 694B7056F66A9DFFE18836655477589A, 6DF92BEE4D361375D6AB8D5FC8B3D29D8883DCE430599548E1D2E87A1238C3D2 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:09:11.0378 0x0548 AMD External Events Utility - ok
15:09:11.0416 0x0548 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:09:11.0434 0x0548 amdide - ok
15:09:11.0470 0x0548 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:09:11.0529 0x0548 AmdK8 - ok
15:09:11.0769 0x0548 [ 600C89344A1DC910E5AF3852A0BC86F4, 0D6DAF987211ADFB8AD6095DEA5DC1F92347BA0CEA200B325ECAADD793809474 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:09:11.0961 0x0548 amdkmdag - ok
15:09:11.0998 0x0548 [ B191851B6FBF30532470D3541A104EEF, 0631628D855B82E695F48AA2C8A78843287D2E1F43929D576D9C15CCFE1DF93C ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:09:12.0022 0x0548 amdkmdap - ok
15:09:12.0036 0x0548 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:09:12.0072 0x0548 AmdPPM - ok
15:09:12.0113 0x0548 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:09:12.0130 0x0548 amdsata - ok
15:09:12.0153 0x0548 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:09:12.0164 0x0548 amdsbs - ok
15:09:12.0175 0x0548 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:09:12.0183 0x0548 amdxata - ok
15:09:12.0291 0x0548 [ EF9F989FC3058F727E11F09CEDB5C963, 02C4D9DD6FA1B21386249DEAC16258B975148D4EB177F7A274183D3ED514A570 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
15:09:12.0325 0x0548 AntiVirMailService - ok
15:09:12.0381 0x0548 [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:09:12.0401 0x0548 AntiVirSchedulerService - ok
15:09:12.0453 0x0548 [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:09:12.0474 0x0548 AntiVirService - ok
15:09:12.0526 0x0548 [ 323EC9754AEBCD922B0D80D49419B000, 74C060FEBDA551C9AC5CB5E5FD42E0092E01BC07AE636BD85E38D49196A92147 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:09:12.0550 0x0548 AntiVirWebService - ok
15:09:12.0610 0x0548 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
15:09:12.0740 0x0548 AppID - ok
15:09:12.0768 0x0548 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:09:12.0853 0x0548 AppIDSvc - ok
15:09:12.0907 0x0548 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
15:09:12.0948 0x0548 Appinfo - ok
15:09:12.0977 0x0548 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:09:12.0991 0x0548 arc - ok
15:09:12.0997 0x0548 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:09:13.0010 0x0548 arcsas - ok
15:09:13.0083 0x0548 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:09:13.0106 0x0548 aspnet_state - ok
15:09:13.0124 0x0548 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:09:13.0161 0x0548 AsyncMac - ok
15:09:13.0188 0x0548 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:09:13.0195 0x0548 atapi - ok
15:09:13.0229 0x0548 [ E02B26650ACC2F4901342D4A66774AD7, 632A88C5AE6E71BB86C5306566EA08C4678F3F949479C8D1BEB8B01DD6724B88 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:09:13.0237 0x0548 AtiHDAudioService - ok
15:09:13.0275 0x0548 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:09:13.0337 0x0548 AudioEndpointBuilder - ok
15:09:13.0354 0x0548 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:09:13.0394 0x0548 AudioSrv - ok
15:09:13.0440 0x0548 [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:09:13.0456 0x0548 avgntflt - ok
15:09:13.0512 0x0548 [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:09:13.0537 0x0548 avipbb - ok
15:09:13.0572 0x0548 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:09:13.0584 0x0548 avkmgr - ok
15:09:13.0631 0x0548 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:09:13.0698 0x0548 AxInstSV - ok
15:09:13.0739 0x0548 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:09:13.0774 0x0548 b06bdrv - ok
15:09:13.0799 0x0548 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:09:13.0839 0x0548 b57nd60a - ok
15:09:13.0873 0x0548 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:09:13.0921 0x0548 BDESVC - ok
15:09:13.0935 0x0548 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:09:13.0964 0x0548 Beep - ok
15:09:14.0046 0x0548 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:09:14.0103 0x0548 BFE - ok
15:09:14.0153 0x0548 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
15:09:14.0245 0x0548 BITS - ok
15:09:14.0278 0x0548 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:09:14.0306 0x0548 blbdrive - ok
15:09:14.0333 0x0548 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:09:14.0406 0x0548 bowser - ok
15:09:14.0438 0x0548 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:09:14.0513 0x0548 BrFiltLo - ok
15:09:14.0523 0x0548 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:09:14.0546 0x0548 BrFiltUp - ok
15:09:14.0573 0x0548 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:09:14.0618 0x0548 Browser - ok
15:09:14.0635 0x0548 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:09:14.0679 0x0548 Brserid - ok
15:09:14.0683 0x0548 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:09:14.0706 0x0548 BrSerWdm - ok
15:09:14.0715 0x0548 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:09:14.0781 0x0548 BrUsbMdm - ok
15:09:14.0801 0x0464 Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc
15:09:14.0806 0x0548 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:09:14.0820 0x0548 BrUsbSer - ok
15:09:14.0826 0x0548 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:09:14.0863 0x0548 BTHMODEM - ok
15:09:14.0910 0x0548 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:09:14.0981 0x0548 bthserv - ok
15:09:15.0174 0x0548 [ CAC491D46A27A227864018AF2EF9D5D1, 25E00249A30381966B20BFF4F67CA11DB4ED1D8C2C5941A8E22B1FEC25E6B038 ] Canon Driver Information Assist Service C:\Program Files\Canon\DIAS\CnxDIAS.exe
15:09:15.0283 0x0548 Canon Driver Information Assist Service - ok
15:09:15.0292 0x0548 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:09:15.0340 0x0548 cdfs - ok
15:09:15.0385 0x0548 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
15:09:15.0424 0x0548 cdrom - ok
15:09:15.0493 0x0548 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:09:15.0557 0x0548 CertPropSvc - ok
15:09:15.0562 0x0548 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:09:15.0586 0x0548 circlass - ok
15:09:15.0629 0x0548 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
15:09:15.0653 0x0548 CLFS - ok
15:09:15.0694 0x0548 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:09:15.0708 0x0548 clr_optimization_v2.0.50727_32 - ok
15:09:15.0731 0x0548 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:09:15.0744 0x0548 clr_optimization_v2.0.50727_64 - ok
15:09:15.0840 0x0548 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:09:15.0867 0x0548 clr_optimization_v4.0.30319_32 - ok
15:09:15.0890 0x0548 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:09:15.0917 0x0548 clr_optimization_v4.0.30319_64 - ok
15:09:15.0930 0x0548 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:09:15.0972 0x0548 CmBatt - ok
15:09:16.0018 0x0548 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:09:16.0032 0x0548 cmdide - ok
15:09:16.0086 0x0548 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
15:09:16.0131 0x0548 CNG - ok
15:09:16.0135 0x0548 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:09:16.0144 0x0548 Compbatt - ok
15:09:16.0167 0x0548 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:09:16.0202 0x0548 CompositeBus - ok
15:09:16.0204 0x0548 COMSysApp - ok
15:09:16.0208 0x0548 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:09:16.0217 0x0548 crcdisk - ok
15:09:16.0297 0x0548 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:09:16.0345 0x0548 CryptSvc - ok
15:09:16.0380 0x0548 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:09:16.0431 0x0548 DcomLaunch - ok
15:09:16.0474 0x0548 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:09:16.0524 0x0548 defragsvc - ok
15:09:16.0586 0x0548 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:09:16.0658 0x0548 DfsC - ok
15:09:16.0684 0x0548 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:09:16.0731 0x0548 Dhcp - ok
15:09:16.0746 0x0548 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:09:16.0774 0x0548 discache - ok
15:09:16.0783 0x0548 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:09:16.0792 0x0548 Disk - ok
15:09:16.0825 0x0548 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:09:16.0845 0x0548 Dnscache - ok
15:09:16.0876 0x0548 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:09:16.0925 0x0548 dot3svc - ok
15:09:16.0954 0x0548 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:09:16.0982 0x0548 Dot4 - ok
15:09:17.0003 0x0548 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
15:09:17.0044 0x0548 Dot4Print - ok
15:09:17.0073 0x0548 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:09:17.0090 0x0548 dot4usb - ok
15:09:17.0125 0x0548 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:09:17.0180 0x0548 DPS - ok
15:09:17.0233 0x0548 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:09:17.0270 0x0548 drmkaud - ok
15:09:17.0339 0x0548 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:09:17.0379 0x0548 DXGKrnl - ok
15:09:17.0398 0x0548 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:09:17.0427 0x0548 EapHost - ok
15:09:17.0514 0x0548 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:09:17.0617 0x0548 ebdrv - ok
15:09:17.0688 0x0548 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
15:09:17.0724 0x0548 EFS - ok
15:09:17.0810 0x0548 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:09:17.0865 0x0548 ehRecvr - ok
15:09:17.0884 0x0548 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:09:17.0924 0x0548 ehSched - ok
15:09:17.0968 0x0548 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:09:17.0995 0x0548 elxstor - ok
15:09:18.0016 0x0548 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:09:18.0046 0x0548 ErrDev - ok
15:09:18.0090 0x0548 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:09:18.0163 0x0548 EventSystem - ok
15:09:18.0203 0x0548 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:09:18.0251 0x0548 exfat - ok
15:09:18.0264 0x0548 ezSharedSvc - ok
15:09:18.0281 0x0548 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:09:18.0329 0x0548 fastfat - ok
15:09:18.0374 0x0548 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:09:18.0450 0x0548 Fax - ok
15:09:18.0464 0x0548 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:09:18.0477 0x0548 fdc - ok
15:09:18.0498 0x0548 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:09:18.0542 0x0548 fdPHost - ok
15:09:18.0551 0x0464 Object send P2P result: true
15:09:18.0553 0x0548 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:09:18.0597 0x0548 FDResPub - ok
15:09:18.0608 0x0548 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:09:18.0618 0x0548 FileInfo - ok
15:09:18.0628 0x0548 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:09:18.0667 0x0548 Filetrace - ok
15:09:18.0670 0x0548 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:09:18.0679 0x0548 flpydisk - ok
15:09:18.0716 0x0548 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:09:18.0734 0x0548 FltMgr - ok
15:09:18.0805 0x0548 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
15:09:18.0854 0x0548 FontCache - ok
15:09:18.0912 0x0548 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:09:18.0940 0x0548 FontCache3.0.0.0 - ok
15:09:18.0964 0x0548 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:09:18.0977 0x0548 FsDepends - ok
15:09:19.0004 0x0548 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:09:19.0016 0x0548 Fs_Rec - ok
15:09:19.0048 0x0548 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:09:19.0069 0x0548 fvevol - ok
15:09:19.0076 0x0548 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:09:19.0089 0x0548 gagp30kx - ok
15:09:19.0120 0x0548 [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
15:09:19.0136 0x0548 GameConsoleService - ok
15:09:19.0183 0x0548 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:09:19.0245 0x0548 gpsvc - ok
15:09:19.0278 0x0548 [ 78FAD9117E4527F2CA82259DA10F40BD, 9CE5102C681B8147BFC189897C19852D2BF82A9B95DE6301EBBCD13A604A41F3 ] hardlock C:\Windows\system32\drivers\hardlock.sys
15:09:19.0326 0x0548 hardlock - ok
15:09:19.0330 0x0548 hasplms - ok
15:09:19.0359 0x0548 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:09:19.0431 0x0548 hcw85cir - ok
15:09:19.0476 0x0548 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:09:19.0545 0x0548 HdAudAddService - ok
15:09:19.0583 0x0548 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:09:19.0616 0x0548 HDAudBus - ok
15:09:19.0621 0x0548 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:09:19.0667 0x0548 HidBatt - ok
15:09:19.0674 0x0548 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:09:19.0696 0x0548 HidBth - ok
15:09:19.0714 0x0548 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:09:19.0757 0x0548 HidIr - ok
15:09:19.0790 0x0548 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
15:09:19.0859 0x0548 hidserv - ok
15:09:19.0924 0x0548 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
15:09:19.0958 0x0548 HidUsb - ok
15:09:19.0991 0x0548 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:09:20.0041 0x0548 hkmsvc - ok
15:09:20.0080 0x0548 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:09:20.0109 0x0548 HomeGroupListener - ok
15:09:20.0129 0x0548 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:09:20.0154 0x0548 HomeGroupProvider - ok
15:09:20.0204 0x0548 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
15:09:20.0210 0x0548 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
15:09:22.0928 0x0548 Detect skipped due to KSN trusted
15:09:22.0928 0x0548 HP Support Assistant Service - ok
15:09:22.0978 0x0548 [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
15:09:22.0990 0x0548 HPClientSvc - ok
15:09:23.0069 0x0548 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:09:23.0098 0x0548 hpqwmiex - ok
15:09:23.0122 0x0548 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:09:23.0131 0x0548 HpSAMD - ok
15:09:23.0235 0x0548 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:09:23.0284 0x0548 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
15:09:26.0010 0x0548 Detect skipped due to KSN trusted
15:09:26.0011 0x0548 HPSLPSVC - ok
15:09:26.0090 0x0548 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:09:26.0153 0x0548 HTTP - ok
15:09:26.0178 0x0548 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:09:26.0189 0x0548 hwpolicy - ok
15:09:26.0224 0x0548 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:09:26.0235 0x0548 i8042prt - ok
15:09:26.0261 0x0548 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:09:26.0276 0x0548 iaStor - ok
15:09:26.0299 0x0548 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:09:26.0313 0x0548 iaStorV - ok
15:09:26.0377 0x0548 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:09:26.0413 0x0548 idsvc - ok
15:09:26.0451 0x0548 IEEtwCollectorService - ok
15:09:26.0478 0x0548 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:09:26.0491 0x0548 iirsp - ok
15:09:26.0556 0x0548 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:09:26.0595 0x0548 IKEEXT - ok
15:09:26.0610 0x0548 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:09:26.0618 0x0548 intelide - ok
15:09:26.0641 0x0548 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:09:26.0652 0x0548 intelppm - ok
15:09:26.0674 0x0548 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:09:26.0709 0x0548 IPBusEnum - ok
15:09:26.0749 0x0548 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:09:26.0811 0x0548 IpFilterDriver - ok
15:09:26.0854 0x0548 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:09:26.0894 0x0548 iphlpsvc - ok
15:09:26.0910 0x0548 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:09:26.0934 0x0548 IPMIDRV - ok
15:09:26.0939 0x0548 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:09:26.0977 0x0548 IPNAT - ok
15:09:27.0002 0x0548 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:09:27.0056 0x0548 IRENUM - ok
15:09:27.0079 0x0548 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:09:27.0093 0x0548 isapnp - ok
15:09:27.0127 0x0548 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:09:27.0147 0x0548 iScsiPrt - ok
15:09:27.0168 0x0548 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:09:27.0181 0x0548 kbdclass - ok
15:09:27.0204 0x0548 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:09:27.0219 0x0548 kbdhid - ok
15:09:27.0249 0x0548 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
15:09:27.0264 0x0548 KeyIso - ok
15:09:27.0298 0x0548 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:09:27.0320 0x0548 KSecDD - ok
15:09:27.0333 0x0548 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:09:27.0354 0x0548 KSecPkg - ok
15:09:27.0368 0x0548 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:09:27.0404 0x0548 ksthunk - ok
15:09:27.0429 0x0548 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:09:27.0475 0x0548 KtmRm - ok
15:09:27.0535 0x0548 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:09:27.0606 0x0548 LanmanServer - ok
15:09:27.0643 0x0548 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:09:27.0709 0x0548 LanmanWorkstation - ok
15:09:27.0761 0x0548 [ FA4A45C179AB0E0F1A31B9751D4B18D7, 4356777C2608A65185C9CB8243F071EC9E11BCD152E0C0ACDE25B6BCFD75A7F4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:09:27.0794 0x0548 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
15:09:30.0522 0x0548 Detect skipped due to KSN trusted
15:09:30.0522 0x0548 LightScribeService - ok
15:09:30.0553 0x0548 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:09:30.0624 0x0548 lltdio - ok
15:09:30.0672 0x0548 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:09:30.0723 0x0548 lltdsvc - ok
15:09:30.0752 0x0548 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:09:30.0778 0x0548 lmhosts - ok
15:09:30.0815 0x0548 [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:09:30.0827 0x0548 LMS - ok
15:09:30.0853 0x0548 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:09:30.0863 0x0548 LSI_FC - ok
15:09:30.0868 0x0548 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:09:30.0877 0x0548 LSI_SAS - ok
15:09:30.0881 0x0548 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:09:30.0889 0x0548 LSI_SAS2 - ok
15:09:30.0900 0x0548 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:09:30.0909 0x0548 LSI_SCSI - ok
15:09:30.0926 0x0548 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:09:30.0975 0x0548 luafv - ok
15:09:31.0008 0x0548 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:09:31.0042 0x0548 Mcx2Svc - ok
15:09:31.0059 0x0548 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:09:31.0069 0x0548 megasas - ok
15:09:31.0086 0x0548 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:09:31.0101 0x0548 MegaSR - ok
15:09:31.0125 0x0548 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:09:31.0132 0x0548 MEIx64 - ok
15:09:31.0145 0x0548 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:09:31.0199 0x0548 MMCSS - ok
15:09:31.0214 0x0548 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:09:31.0250 0x0548 Modem - ok
15:09:31.0275 0x0548 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:09:31.0287 0x0548 monitor - ok
15:09:31.0310 0x0548 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
15:09:31.0319 0x0548 mouclass - ok
15:09:31.0345 0x0548 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:09:31.0355 0x0548 mouhid - ok
15:09:31.0391 0x0548 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:09:31.0403 0x0548 mountmgr - ok
15:09:31.0450 0x0548 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:09:31.0460 0x0548 MozillaMaintenance - ok
15:09:31.0488 0x0548 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:09:31.0499 0x0548 mpio - ok
15:09:31.0525 0x0548 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:09:31.0553 0x0548 mpsdrv - ok
15:09:31.0620 0x0548 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:09:31.0689 0x0548 MpsSvc - ok
15:09:31.0718 0x0548 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:09:31.0781 0x0548 MRxDAV - ok
15:09:31.0803 0x0548 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:09:31.0837 0x0548 mrxsmb - ok
15:09:31.0861 0x0548 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:09:31.0898 0x0548 mrxsmb10 - ok
15:09:31.0926 0x0548 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:09:31.0937 0x0548 mrxsmb20 - ok
15:09:31.0965 0x0548 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:09:31.0981 0x0548 msahci - ok
15:09:32.0000 0x0548 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:09:32.0011 0x0548 msdsm - ok
15:09:32.0022 0x0548 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:09:32.0054 0x0548 MSDTC - ok
15:09:32.0094 0x0548 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:09:32.0136 0x0548 Msfs - ok
15:09:32.0159 0x0548 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:09:32.0216 0x0548 mshidkmdf - ok
15:09:32.0232 0x0548 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:09:32.0240 0x0548 msisadrv - ok
15:09:32.0266 0x0548 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:09:32.0304 0x0548 MSiSCSI - ok
15:09:32.0306 0x0548 msiserver - ok
15:09:32.0329 0x0548 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:09:32.0377 0x0548 MSKSSRV - ok
15:09:32.0410 0x0548 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:09:32.0435 0x0548 MSPCLOCK - ok
15:09:32.0441 0x0548 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:09:32.0476 0x0548 MSPQM - ok
15:09:32.0510 0x0548 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:09:32.0528 0x0548 MsRPC - ok
15:09:32.0548 0x0548 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:09:32.0556 0x0548 mssmbios - ok
15:09:32.0568 0x0548 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:09:32.0607 0x0548 MSTEE - ok
15:09:32.0616 0x0548 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:09:32.0633 0x0548 MTConfig - ok
15:09:32.0646 0x0548 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:09:32.0654 0x0548 Mup - ok
15:09:32.0701 0x0548 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:09:32.0763 0x0548 napagent - ok
15:09:32.0789 0x0548 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:09:32.0830 0x0548 NativeWifiP - ok
15:09:32.0912 0x0548 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:09:32.0945 0x0548 NDIS - ok
15:09:32.0963 0x0548 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:09:32.0989 0x0548 NdisCap - ok
15:09:33.0012 0x0548 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:33.0047 0x0548 NdisTapi - ok
15:09:33.0071 0x0548 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:33.0101 0x0548 Ndisuio - ok
15:09:33.0112 0x0548 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:33.0154 0x0548 NdisWan - ok
15:09:33.0188 0x0548 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:09:33.0241 0x0548 NDProxy - ok
15:09:33.0301 0x0548 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:09:33.0310 0x0548 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:09:36.0030 0x0548 Detect skipped due to KSN trusted
15:09:36.0030 0x0548 Net Driver HPZ12 - ok
15:09:36.0058 0x0548 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:09:36.0096 0x0548 NetBIOS - ok
15:09:36.0134 0x0548 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:09:36.0171 0x0548 NetBT - ok
15:09:36.0186 0x0548 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
15:09:36.0195 0x0548 Netlogon - ok
15:09:36.0215 0x0548 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:09:36.0264 0x0548 Netman - ok
15:09:36.0317 0x0548 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:36.0344 0x0548 NetMsmqActivator - ok
15:09:36.0364 0x0548 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:36.0379 0x0548 NetPipeActivator - ok
15:09:36.0407 0x0548 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:09:36.0474 0x0548 netprofm - ok
15:09:36.0492 0x0548 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:36.0507 0x0548 NetTcpActivator - ok
15:09:36.0513 0x0548 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:36.0528 0x0548 NetTcpPortSharing - ok
15:09:36.0554 0x0548 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:09:36.0565 0x0548 nfrd960 - ok
15:09:36.0589 0x0548 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:09:36.0610 0x0548 NlaSvc - ok
15:09:36.0729 0x0548 [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:09:36.0790 0x0548 NOBU - ok
15:09:36.0804 0x0548 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:09:36.0831 0x0548 Npfs - ok
15:09:36.0850 0x0548 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:09:36.0899 0x0548 nsi - ok
15:09:36.0926 0x0548 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:09:36.0968 0x0548 nsiproxy - ok
15:09:37.0051 0x0548 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:09:37.0098 0x0548 Ntfs - ok
15:09:37.0110 0x0548 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:09:37.0164 0x0548 Null - ok
15:09:37.0210 0x0548 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:09:37.0221 0x0548 nvraid - ok
15:09:37.0237 0x0548 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:09:37.0247 0x0548 nvstor - ok
15:09:37.0264 0x0548 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:09:37.0274 0x0548 nv_agp - ok
15:09:37.0285 0x0548 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:09:37.0295 0x0548 ohci1394 - ok
15:09:37.0327 0x0548 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:09:37.0336 0x0548 ose - ok
15:09:37.0480 0x0548 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:09:37.0585 0x0548 osppsvc - ok
15:09:37.0617 0x0548 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:09:37.0652 0x0548 p2pimsvc - ok
15:09:37.0676 0x0548 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:09:37.0697 0x0548 p2psvc - ok
15:09:37.0711 0x0548 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:09:37.0757 0x0548 Parport - ok
15:09:37.0799 0x0548 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:09:37.0814 0x0548 partmgr - ok
15:09:37.0836 0x0548 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
15:09:37.0872 0x0548 PcaSvc - ok
15:09:37.0921 0x0548 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:09:37.0940 0x0548 pci - ok
15:09:37.0965 0x0548 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:09:37.0973 0x0548 pciide - ok
15:09:37.0990 0x0548 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:09:38.0001 0x0548 pcmcia - ok
15:09:38.0015 0x0548 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:09:38.0024 0x0548 pcw - ok
15:09:38.0045 0x0548 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:09:38.0086 0x0548 PEAUTH - ok
15:09:38.0139 0x0548 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:09:38.0164 0x0548 PerfHost - ok
15:09:38.0235 0x0548 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:09:38.0319 0x0548 pla - ok
15:09:38.0381 0x0548 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:09:38.0427 0x0548 PlugPlay - ok
15:09:38.0449 0x0548 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:09:38.0455 0x0548 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:09:41.0178 0x0548 Detect skipped due to KSN trusted
15:09:41.0178 0x0548 Pml Driver HPZ12 - ok
15:09:41.0213 0x0548 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:09:41.0252 0x0548 PNRPAutoReg - ok
15:09:41.0294 0x0548 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:09:41.0323 0x0548 PNRPsvc - ok
15:09:41.0378 0x0548 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:09:41.0443 0x0548 PolicyAgent - ok
15:09:41.0475 0x0548 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
15:09:41.0515 0x0548 Power - ok
15:09:41.0543 0x0548 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:09:41.0591 0x0548 PptpMiniport - ok
15:09:41.0620 0x0548 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:09:41.0630 0x0548 Processor - ok
15:09:41.0664 0x0548 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
15:09:41.0694 0x0548 ProfSvc - ok
15:09:41.0706 0x0548 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:09:41.0716 0x0548 ProtectedStorage - ok
15:09:41.0765 0x0548 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:09:41.0834 0x0548 Psched - ok
15:09:41.0904 0x0548 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:09:41.0941 0x0548 ql2300 - ok
15:09:41.0969 0x0548 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:09:41.0979 0x0548 ql40xx - ok
15:09:42.0006 0x0548 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:09:42.0024 0x0548 QWAVE - ok
15:09:42.0038 0x0548 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:09:42.0052 0x0548 QWAVEdrv - ok
15:09:42.0068 0x0548 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:09:42.0108 0x0548 RasAcd - ok
15:09:42.0142 0x0548 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:09:42.0181 0x0548 RasAgileVpn - ok
15:09:42.0189 0x0548 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:09:42.0218 0x0548 RasAuto - ok
15:09:42.0252 0x0548 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:09:42.0296 0x0548 Rasl2tp - ok
15:09:42.0330 0x0548 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:09:42.0368 0x0548 RasMan - ok
15:09:42.0379 0x0548 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:09:42.0416 0x0548 RasPppoe - ok
15:09:42.0441 0x0548 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:09:42.0482 0x0548 RasSstp - ok
15:09:42.0500 0x0548 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:09:42.0545 0x0548 rdbss - ok
15:09:42.0556 0x0548 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:09:42.0568 0x0548 rdpbus - ok
15:09:42.0595 0x0548 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:09:42.0621 0x0548 RDPCDD - ok
15:09:42.0635 0x0548 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:09:42.0673 0x0548 RDPENCDD - ok
15:09:42.0682 0x0548 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:09:42.0709 0x0548 RDPREFMP - ok
15:09:42.0794 0x0548 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:09:42.0861 0x0548 RdpVideoMiniport - ok
15:09:42.0904 0x0548 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:09:42.0947 0x0548 RDPWD - ok
15:09:42.0979 0x0548 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:09:43.0003 0x0548 rdyboost - ok
15:09:43.0024 0x0548 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:09:43.0073 0x0548 RemoteAccess - ok
15:09:43.0096 0x0548 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:09:43.0137 0x0548 RemoteRegistry - ok
15:09:43.0150 0x0548 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:09:43.0180 0x0548 RpcEptMapper - ok
15:09:43.0190 0x0548 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:09:43.0227 0x0548 RpcLocator - ok
15:09:43.0266 0x0548 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:09:43.0304 0x0548 RpcSs - ok
15:09:43.0324 0x0548 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:09:43.0351 0x0548 rspndr - ok
15:09:43.0389 0x0548 [ B15C021C2C9BB217A799D9532E8F04D4, 62DC365676829465CFE58EB8CD0851A37B03ACE3E3980A6A1D8C4F7C2010B9EB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:09:43.0402 0x0548 RTL8167 - ok
15:09:43.0413 0x0548 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
15:09:43.0423 0x0548 SamSs - ok
15:09:43.0441 0x0548 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:09:43.0451 0x0548 sbp2port - ok
15:09:43.0472 0x0548 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:09:43.0503 0x0548 SCardSvr - ok
15:09:43.0510 0x0548 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:09:43.0549 0x0548 scfilter - ok
15:09:43.0608 0x0548 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
15:09:43.0686 0x0548 Schedule - ok
15:09:43.0732 0x0548 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:09:43.0758 0x0548 SCPolicySvc - ok
15:09:43.0794 0x0548 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:09:43.0843 0x0548 SDRSVC - ok
15:09:43.0858 0x0548 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:09:43.0885 0x0548 secdrv - ok
15:09:43.0888 0x0548 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:09:43.0918 0x0548 seclogon - ok
15:09:43.0925 0x0548 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
15:09:43.0972 0x0548 SENS - ok
15:09:43.0987 0x0548 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:09:44.0017 0x0548 SensrSvc - ok
15:09:44.0040 0x0548 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:09:44.0058 0x0548 Serenum - ok
15:09:44.0070 0x0548 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:09:44.0082 0x0548 Serial - ok
15:09:44.0102 0x0548 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:09:44.0112 0x0548 sermouse - ok
15:09:44.0144 0x0548 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:09:44.0202 0x0548 SessionEnv - ok
15:09:44.0222 0x0548 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:09:44.0237 0x0548 sffdisk - ok
15:09:44.0241 0x0548 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:09:44.0281 0x0548 sffp_mmc - ok
15:09:44.0285 0x0548 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:09:44.0321 0x0548 sffp_sd - ok
15:09:44.0331 0x0548 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:09:44.0371 0x0548 sfloppy - ok
15:09:44.0426 0x0548 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:09:44.0470 0x0548 SharedAccess - ok
15:09:44.0522 0x0548 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:09:44.0564 0x0548 ShellHWDetection - ok
15:09:44.0589 0x0548 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:09:44.0597 0x0548 SiSRaid2 - ok
15:09:44.0611 0x0548 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:09:44.0620 0x0548 SiSRaid4 - ok
15:09:44.0645 0x0548 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:09:44.0672 0x0548 Smb - ok
15:09:44.0720 0x0548 [ 20635287FAA016E4E2A07E86C02759B8, 6248EE0C41A845D4DA2B129C19392F51E971592899F3CFBA32363502A2931352 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
15:09:44.0730 0x0548 snapman - ok
15:09:44.0763 0x0548 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:09:44.0774 0x0548 SNMPTRAP - ok
15:09:44.0819 0x0548 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
15:09:44.0839 0x0548 speedfan - ok
15:09:44.0855 0x0548 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:09:44.0870 0x0548 spldr - ok
15:09:44.0901 0x0548 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
15:09:44.0979 0x0548 Spooler - ok
15:09:45.0117 0x0548 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:09:45.0232 0x0548 sppsvc - ok
15:09:45.0251 0x0548 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:09:45.0289 0x0548 sppuinotify - ok
15:09:45.0324 0x0548 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:09:45.0376 0x0548 srv - ok
15:09:45.0395 0x0548 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:09:45.0431 0x0548 srv2 - ok
15:09:45.0476 0x0548 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:09:45.0516 0x0548 srvnet - ok
15:09:45.0561 0x0548 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:09:45.0603 0x0548 SSDPSRV - ok
15:09:45.0612 0x0548 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:09:45.0642 0x0548 SstpSvc - ok
15:09:45.0703 0x0548 [ E942412186178B1331F8335E30FA076F, 000CA0F392A1CEA4F7843364A3639CF2ADB66BE48A6850C6AD61DD252E7727B3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
15:09:45.0742 0x0548 STacSV - ok
15:09:45.0763 0x0548 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:09:45.0774 0x0548 stexstor - ok
15:09:45.0810 0x0548 [ DCC8845692DEA3477BCF6CE9D06C711F, 22EFA0620B99E73FE9296540DB3A7AFC8E39E0ADCEE6419084218B504A550FBE ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
15:09:45.0835 0x0548 STHDA - ok
15:09:45.0896 0x0548 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:09:45.0949 0x0548 stisvc - ok
15:09:45.0966 0x0548 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
15:09:45.0973 0x0548 swenum - ok
15:09:45.0997 0x0548 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:09:46.0035 0x0548 swprv - ok
15:09:46.0122 0x0548 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
15:09:46.0185 0x0548 SysMain - ok
15:09:46.0225 0x0548 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:09:46.0285 0x0548 TabletInputService - ok
15:09:46.0332 0x0548 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:09:46.0402 0x0548 TapiSrv - ok
15:09:46.0422 0x0548 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:09:46.0478 0x0548 TBS - ok
15:09:46.0568 0x0548 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:09:46.0620 0x0548 Tcpip - ok
15:09:46.0682 0x0548 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:09:46.0728 0x0548 TCPIP6 - ok
15:09:46.0756 0x0548 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:09:46.0766 0x0548 tcpipreg - ok
15:09:46.0791 0x0548 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:09:46.0811 0x0548 TDPIPE - ok
15:09:46.0885 0x0548 [ DF9179B7BDF0C5B71F9C3D93C016BAE5, F065E7ECEC27B4312A361A5C2AD388C10578250BAF31B20801B901449B736C77 ] tdrpman251 C:\Windows\system32\DRIVERS\tdrpm251.sys
15:09:46.0919 0x0548 tdrpman251 - ok
15:09:46.0940 0x0548 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:09:46.0949 0x0548 TDTCP - ok
15:09:46.0979 0x0548 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:09:47.0032 0x0548 tdx - ok
15:09:47.0081 0x0548 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
15:09:47.0094 0x0548 TermDD - ok
15:09:47.0139 0x0548 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
15:09:47.0179 0x0548 TermService - ok
15:09:47.0190 0x0548 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:09:47.0204 0x0548 Themes - ok
15:09:47.0219 0x0548 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:09:47.0246 0x0548 THREADORDER - ok
15:09:47.0280 0x0548 [ F7546EAD58CC3000AC02CF9529B9934E, 932A7A7AA50F207B97F52EF25CF2E38E57C2F88AC1AC203E1DC9CFA461CFA441 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
15:09:47.0304 0x0548 timounter - ok
15:09:47.0314 0x0548 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:09:47.0343 0x0548 TrkWks - ok
15:09:47.0399 0x0548 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:09:47.0453 0x0548 TrustedInstaller - ok
15:09:47.0496 0x0548 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:09:47.0524 0x0548 tssecsrv - ok
15:09:47.0550 0x0548 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:09:47.0578 0x0548 TsUsbFlt - ok
15:09:47.0635 0x0548 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:09:47.0687 0x0548 tunnel - ok
15:09:47.0702 0x0548 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:09:47.0711 0x0548 uagp35 - ok
15:09:47.0745 0x0548 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:09:47.0795 0x0548 udfs - ok
15:09:47.0824 0x0548 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:09:47.0850 0x0548 UI0Detect - ok
15:09:47.0873 0x0548 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:09:47.0882 0x0548 uliagpkx - ok
15:09:47.0906 0x0548 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:09:47.0916 0x0548 umbus - ok
15:09:47.0933 0x0548 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:09:47.0943 0x0548 UmPass - ok
15:09:48.0072 0x0548 [ FDF92EC84FECEE834FB10A2A0A19BCDA, F81FCA3BEC10C84335DBAD9D2CDAB98C62252A864F23BDD482F97F86D5FA0B15 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:09:48.0130 0x0548 UNS - ok
15:09:48.0151 0x0548 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:09:48.0186 0x0548 upnphost - ok
15:09:48.0212 0x0548 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:09:48.0283 0x0548 usbccgp - ok
15:09:48.0309 0x0548 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:09:48.0387 0x0548 usbcir - ok
15:09:48.0422 0x0548 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:09:48.0443 0x0548 usbehci - ok
15:09:48.0510 0x0548 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:09:48.0558 0x0548 usbhub - ok
15:09:48.0591 0x0548 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:09:48.0610 0x0548 usbohci - ok
15:09:48.0624 0x0548 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:09:48.0648 0x0548 usbprint - ok
15:09:48.0680 0x0548 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:09:48.0705 0x0548 usbscan - ok
15:09:48.0717 0x0548 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:09:48.0784 0x0548 USBSTOR - ok
15:09:48.0795 0x0548 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:09:48.0815 0x0548 usbuhci - ok
15:09:48.0831 0x0548 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:09:48.0859 0x0548 UxSms - ok
15:09:48.0869 0x0548 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
15:09:48.0878 0x0548 VaultSvc - ok
15:09:48.0904 0x0548 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:09:48.0912 0x0548 vdrvroot - ok
15:09:48.0967 0x0548 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:09:49.0031 0x0548 vds - ok
15:09:49.0051 0x0548 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:09:49.0062 0x0548 vga - ok
15:09:49.0077 0x0548 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:09:49.0104 0x0548 VgaSave - ok
15:09:49.0131 0x0548 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:09:49.0152 0x0548 vhdmp - ok
15:09:49.0177 0x0548 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:09:49.0185 0x0548 viaide - ok
15:09:49.0195 0x0548 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:09:49.0204 0x0548 volmgr - ok
15:09:49.0225 0x0548 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:09:49.0244 0x0548 volmgrx - ok
15:09:49.0262 0x0548 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:09:49.0275 0x0548 volsnap - ok
15:09:49.0301 0x0548 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:09:49.0311 0x0548 vsmraid - ok
15:09:49.0383 0x0548 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:09:49.0460 0x0548 VSS - ok
15:09:49.0475 0x0548 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:09:49.0492 0x0548 vwifibus - ok
15:09:49.0535 0x0548 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:09:49.0598 0x0548 W32Time - ok
15:09:49.0613 0x0548 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:09:49.0622 0x0548 WacomPen - ok
15:09:49.0658 0x0548 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:09:49.0689 0x0548 WANARP - ok
15:09:49.0695 0x0548 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:09:49.0722 0x0548 Wanarpv6 - ok
15:09:49.0800 0x0548 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:09:49.0875 0x0548 wbengine - ok
15:09:49.0889 0x0548 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:09:49.0907 0x0548 WbioSrvc - ok
15:09:49.0954 0x0548 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:09:49.0996 0x0548 wcncsvc - ok
15:09:50.0008 0x0548 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:09:50.0025 0x0548 WcsPlugInService - ok
15:09:50.0040 0x0548 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:09:50.0048 0x0548 Wd - ok
15:09:50.0112 0x0548 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:09:50.0143 0x0548 Wdf01000 - ok
15:09:50.0166 0x0548 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:09:50.0284 0x0548 WdiServiceHost - ok
15:09:50.0289 0x0548 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:09:50.0313 0x0548 WdiSystemHost - ok
15:09:50.0351 0x0548 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
15:09:50.0380 0x0548 WebClient - ok
15:09:50.0397 0x0548 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:09:50.0442 0x0548 Wecsvc - ok
15:09:50.0447 0x0548 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:09:50.0476 0x0548 wercplsupport - ok
15:09:50.0497 0x0548 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:09:50.0545 0x0548 WerSvc - ok
15:09:50.0570 0x0548 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:09:50.0604 0x0548 WfpLwf - ok
15:09:50.0618 0x0548 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:09:50.0626 0x0548 WIMMount - ok
15:09:50.0642 0x0548 WinDefend - ok
15:09:50.0667 0x0548 WinHttpAutoProxySvc - ok
15:09:50.0721 0x0548 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:09:50.0778 0x0548 Winmgmt - ok
15:09:50.0875 0x0548 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
15:09:50.0955 0x0548 WinRM - ok
15:09:50.0993 0x0548 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:09:51.0005 0x0548 WinUsb - ok
15:09:51.0041 0x0548 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:09:51.0075 0x0548 Wlansvc - ok
15:09:51.0176 0x0548 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:09:51.0227 0x0548 wlidsvc - ok
15:09:51.0252 0x0548 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:09:51.0262 0x0548 WmiAcpi - ok
15:09:51.0286 0x0548 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:09:51.0301 0x0548 wmiApSrv - ok
15:09:51.0311 0x0548 WMPNetworkSvc - ok
15:09:51.0335 0x0548 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:09:51.0352 0x0548 WPCSvc - ok
15:09:51.0387 0x0548 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:09:51.0405 0x0548 WPDBusEnum - ok
15:09:51.0416 0x0548 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:09:51.0457 0x0548 ws2ifsl - ok
15:09:51.0468 0x0548 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:09:51.0493 0x0548 wscsvc - ok
15:09:51.0513 0x0548 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:09:51.0540 0x0548 WSDPrintDevice - ok
15:09:51.0542 0x0548 WSearch - ok
15:09:51.0651 0x0548 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
15:09:51.0719 0x0548 wuauserv - ok
15:09:51.0746 0x0548 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:09:51.0783 0x0548 WudfPf - ok
15:09:51.0805 0x0548 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:09:51.0839 0x0548 WUDFRd - ok
15:09:51.0880 0x0548 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:09:51.0892 0x0548 wudfsvc - ok
15:09:51.0933 0x0548 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:09:51.0965 0x0548 WwanSvc - ok
15:09:51.0968 0x0548 ================ Scan global ===============================
15:09:51.0989 0x0548 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:09:52.0030 0x0548 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:09:52.0046 0x0548 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:09:52.0058 0x0548 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:09:52.0093 0x0548 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:09:52.0101 0x0548 [ Global ] - ok
15:09:52.0101 0x0548 ================ Scan MBR ==================================
15:09:52.0113 0x0548 [ 2C59D2FB843EB14D3ECA44CBB1EB1208 ] \Device\Harddisk0\DR0
15:09:52.0441 0x0548 \Device\Harddisk0\DR0 - ok
15:09:52.0441 0x0548 ================ Scan VBR ==================================
15:09:52.0444 0x0548 [ AE735C9C2281D65A2E36AA25FB9FAE6D ] \Device\Harddisk0\DR0\Partition1
15:09:52.0513 0x0548 \Device\Harddisk0\DR0\Partition1 - ok
15:09:52.0516 0x0548 [ AA8DB04C54AA4769FCA8EDBE7B4C4651 ] \Device\Harddisk0\DR0\Partition2
15:09:52.0581 0x0548 \Device\Harddisk0\DR0\Partition2 - ok
15:09:52.0604 0x0548 [ 8B421BB4709E531E0DEB49B63D69200D ] \Device\Harddisk0\DR0\Partition3
15:09:52.0642 0x0548 \Device\Harddisk0\DR0\Partition3 - ok
15:09:52.0646 0x0548 [ 3687781B1D83F3A3D96B59C983F53AC9 ] \Device\Harddisk0\DR0\Partition4
15:09:52.0648 0x0548 \Device\Harddisk0\DR0\Partition4 - ok
15:09:52.0648 0x0548 ================ Scan generic autorun ======================
15:09:52.0699 0x0548 [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
15:09:52.0711 0x0548 hpsysdrv - ok
15:09:52.0773 0x0548 [ 74260F0ABFA90A22A964B6BDE690AAA2, 183E6601AB5740F4C0B46E3414D7B683594D2223C7F8FE67F7F4A97F95031181 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
15:09:52.0798 0x0548 SmartMenu - ok
15:09:52.0838 0x0548 [ 0B30074603E297706C88E21AAC8185AD, 2DC70FC37125C1AFBC651676BE4F2934B12E0CA05DF78C8AC1524A716139656C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
15:09:52.0851 0x0548 Acronis Scheduler2 Service - ok
15:09:52.0914 0x0548 [ 0899CF4DED834760397AA8C5DDD264F4, 00AB9C5A588473571A6FB42E03956B07FAA65B57945048AE0583BACE2A22C236 ] C:\Program Files\IDT\WDM\sttray64.exe
15:09:52.0966 0x0548 SysTrayApp - ok
15:09:53.0011 0x0548 [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
15:09:53.0023 0x0548 NCPluginUpdater - ok
15:09:53.0052 0x0548 [ 061197E94C37D989326D1F1E14DF440E, A0548C8F4780F36B8859EBA6C6A17BFEB05F0EBB12FB210B480EAFE2B104144E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:09:53.0062 0x0548 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
15:09:55.0794 0x0548 Detect skipped due to KSN trusted
15:09:55.0794 0x0548 StartCCC - ok
15:09:55.0811 0x0548 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
15:09:55.0823 0x0548 HP Software Update - ok
15:09:55.0895 0x0548 [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
15:09:55.0928 0x0548 Norton Online Backup - ok
15:09:55.0951 0x0548 [ 30D7BB258A97BDA7C7E2EC63C23554AA, 83DFD5B0D0A2A53052F3E20809813B4D07185B12A734B5B5CD267CF04479EC36 ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
15:09:55.0974 0x0548 Easybits Recovery - detected UnsignedFile.Multi.Generic ( 1 )
15:09:58.0695 0x0548 Detect skipped due to KSN trusted
15:09:58.0695 0x0548 Easybits Recovery - ok
15:09:58.0853 0x0548 [ C520BD10E6B0BD2588E3A3922180CE51, AF408C1B16620F60B8952103A3ADB8861DB7B0087603C57335F83677F558A211 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
15:09:58.0955 0x0548 TrueImageMonitor.exe - ok
15:09:58.0959 0x0548 ROC_ROC_NT - ok
15:09:58.0996 0x0548 [ 63AAD7BB041E02E5B7BCBAA9AD4C0A27, 2A85045190FE08401095490682B3EC9DCC4B4A8D065F4CC71D662372817F21D2 ] C:\Program Files (x86)\PDF24\pdf24.exe
15:09:59.0006 0x0548 PDFPrint - ok
15:09:59.0085 0x0548 [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:09:59.0105 0x0548 avgnt - ok
15:09:59.0139 0x0548 [ 18C384C8FA1A0A5CA6484D545A6E748A, C978961D4C6A4FA87E28B639E296977A743AF1463AE5B50BA78CCE9C9F8AB202 ] C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
15:09:59.0156 0x0548 ItalusUploader - detected UnsignedFile.Multi.Generic ( 1 )
15:10:02.0728 0x0548 ItalusUploader ( UnsignedFile.Multi.Generic ) - warning
15:10:05.0477 0x0548 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:05.0580 0x0548 Sidebar - ok
15:10:05.0606 0x0548 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:05.0632 0x0548 mctadmin - ok
15:10:05.0684 0x0548 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:05.0723 0x0548 Sidebar - ok
15:10:05.0728 0x0548 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:05.0742 0x0548 mctadmin - ok
15:10:05.0803 0x0548 [ 9E0BB012A32608D339CE25305B2C30FB, A34DD7F9F6E87D8AA132CD0C1F115B5E70746F7B637BD72DACB76D1C3AB4F548 ] C:\Users\PC_Schoch_1\AppData\Roaming\Identities\qwmyejuk.exe
15:10:05.0829 0x0548 qwmyejuk.exe - detected UnsignedFile.Multi.Generic ( 1 )
15:10:08.0558 0x0548 Detect turned to UDS exact due to KSN untrusted
15:10:08.0558 0x0548 qwmyejuk.exe ( UDS:DangerousObject.Multi.Generic ) - infected
15:10:08.0558 0x0548 Force sending object to P2P due to detect: C:\Users\PC_Schoch_1\AppData\Roaming\Identities\qwmyejuk.exe
15:10:16.0412 0x0548 Object send P2P result: true
15:10:19.0117 0x0548 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x41000 ( enabled : updated )
15:10:19.0121 0x0548 Win FW state via NFP2: enabled
15:10:21.0791 0x0548 ============================================================
15:10:21.0791 0x0548 Scan finished
15:10:21.0791 0x0548 ============================================================
15:10:21.0800 0x04ac Detected object count: 2
15:10:21.0800 0x04ac Actual detected object count: 2
15:10:44.0794 0x04ac ItalusUploader ( UnsignedFile.Multi.Generic ) - skipped by user
15:10:44.0794 0x04ac ItalusUploader ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:10:44.0796 0x04ac qwmyejuk.exe ( UDS:DangerousObject.Multi.Generic ) - skipped by user
15:10:44.0796 0x04ac qwmyejuk.exe ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
Geändert von Rensch (12.11.2014 um 15:11 Uhr) |
|
12.11.2014, 15:39
| #4 |
| | Telekom Rechnung November 2014 TDSSKiller hatte 2 Objekte gefunden, hatte aber vergessen auf "Skip" umzustellen.  Der 2. Durchlauf war sauber. Eine sache ist mir noch aufgefallen, als ich an diesem Rechner eure Webseite aufrufen wollte, war diese nicht erreichbar. Habe dann die Proxyeinstellungen kontrolliert, diese standen auf "Proxy-Einstellungen vom System verwenden" nach Umstellung auf kein Proxy ging die Boardseite wieder. FSRT - Log FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by PC_Schoch_1 (administrator) on ANDREA on 12-11-2014 15:33:28
Running from C:\Users\PC_Schoch_1\Desktop
Loaded Profile: PC_Schoch_1 (Available profiles: PC_Schoch_1)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [357936 2009-08-28] (Acronis)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-24] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-08-30] (EasyBits Software AS)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5078416 2009-08-28] (Acronis)
HKLM-x32\...\Run: [ROC_ROC_NT] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1727187631-800357886-643226720-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1727187631-800357886-643226720-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\PC_Schoch_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1727187631-800357886-643226720-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-23] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\PC_Schoch_1\AppData\Roaming\Mozilla\Firefox\Profiles\jdolthy0.default
FF SelectedSearchEngine: AVG Secure Search
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\PC_Schoch_1\AppData\Roaming\Mozilla\Firefox\Profiles\jdolthy0.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-12]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aejpijcgafgphijcoplgdcpoaoalgcje] - C:\ProgramData\SaveByclick\aejpijcgafgphijcoplgdcpoaoalgcje.crx []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [804144 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [993584 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4970384 2013-03-28] (CANON INC.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2012-01-13] (Acronis)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 15:16 - 2014-11-12 15:25 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-11-12 15:14 - 2014-11-12 15:14 - 00000000 ____D () C:\Users\PC_Schoch_1\Desktop\Virusentfernung
2014-11-12 12:15 - 2014-11-12 12:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-12 12:12 - 2014-11-12 12:12 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\PC_Schoch_1\Desktop\tdsskiller.exe
2014-11-11 20:53 - 2014-11-11 20:53 - 00033240 _____ () C:\Users\PC_Schoch_1\Desktop\Addition.txt
2014-11-11 20:51 - 2014-11-12 15:33 - 00016489 _____ () C:\Users\PC_Schoch_1\Desktop\FRST.txt
2014-11-11 20:50 - 2014-11-12 15:33 - 00000000 ____D () C:\FRST
2014-11-11 20:49 - 2014-11-11 20:49 - 02116096 _____ (Farbar) C:\Users\PC_Schoch_1\Desktop\FRST64.exe
2014-11-11 09:07 - 2014-11-11 09:07 - 00001886 _____ () C:\Windows\SysWOW64\hs_err_pid4656.log
2014-11-10 18:58 - 2014-11-10 18:58 - 00000000 __SHD () C:\Users\PC_Schoch_1\AppData\Local\EmieUserList
2014-11-10 18:58 - 2014-11-10 18:58 - 00000000 __SHD () C:\Users\PC_Schoch_1\AppData\Local\EmieSiteList
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-20 16:16 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-20 16:16 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-20 16:16 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-20 16:16 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-17 10:00 - 2014-10-17 10:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-17 10:00 - 2014-10-17 10:00 - 00002025 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-17 09:38 - 2014-11-07 12:06 - 00000287 _____ () C:\Users\PC_Schoch_1\AppData\Local\VersionChecker_19.xml
2014-10-17 09:38 - 2014-10-17 09:38 - 00000026 _____ () C:\Users\PC_Schoch_1\AppData\Local\getnuserver.php
2014-10-17 09:38 - 2014-10-17 09:38 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Local\SafeNet Sentinel
2014-10-17 09:38 - 2014-10-17 09:38 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2014-10-17 09:37 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-10-17 09:37 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-17 09:34 - 2014-10-17 10:16 - 00000145 _____ () C:\Users\PC_Schoch_1\Desktop\Info-Vectorworks.txt
2014-10-17 09:26 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-17 09:26 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-10-17 09:26 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-17 09:26 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-17 09:26 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-17 09:26 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-17 09:26 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-10-17 09:26 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-10-17 09:24 - 2014-10-17 09:24 - 00001097 _____ () C:\Users\PC_Schoch_1\Desktop\Vectorworks2014.lnk
2014-10-17 09:22 - 2014-10-17 09:23 - 00000000 ____D () C:\Program Files (x86)\Vectorworks 2014 Hilfe
2014-10-17 09:17 - 2014-10-17 09:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-17 09:16 - 2014-10-17 09:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks2014
2014-10-17 09:10 - 2014-10-17 09:59 - 00000000 ____D () C:\Program Files (x86)\Vectorworks2014
2014-10-16 07:46 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 07:46 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 07:46 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 07:46 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 07:46 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 07:46 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 07:46 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 07:46 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 07:46 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 07:46 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 07:46 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 07:46 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 07:46 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 07:46 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 07:46 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 07:46 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 07:46 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 07:46 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 07:46 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 07:46 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 07:46 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 07:46 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 07:46 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 07:46 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 07:46 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 07:46 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 07:46 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 07:46 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 07:46 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 07:46 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 07:46 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 07:46 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 07:46 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 07:46 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 07:46 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 07:46 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 07:46 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 07:46 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 07:46 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 07:46 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 07:46 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 07:46 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 07:46 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 07:46 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 07:46 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 07:46 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 07:46 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 07:46 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 07:46 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 07:46 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 07:46 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 07:46 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 07:46 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 07:46 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 07:46 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 07:46 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 07:46 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 07:46 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 07:46 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 07:46 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 07:46 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 07:46 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 07:46 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 07:46 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 07:46 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 07:46 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 07:46 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 07:46 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 07:46 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-16 07:46 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-16 07:46 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-16 07:46 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-16 07:46 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-10-16 07:45 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 07:45 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 07:45 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 07:45 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 07:45 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 07:45 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 07:45 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 07:45 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 07:45 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 07:45 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-16 07:45 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-16 07:45 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-10-16 07:45 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-16 07:45 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-10-13 13:28 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-13 13:28 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-13 13:28 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-13 13:28 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 15:33 - 2011-04-23 01:22 - 11617152 _____ () C:\Windows\system32\perfh007.dat
2014-11-12 15:33 - 2011-04-23 01:22 - 03573568 _____ () C:\Windows\system32\perfc007.dat
2014-11-12 15:33 - 2009-07-14 06:13 - 00006504 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 15:31 - 2011-04-23 00:44 - 01546301 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 15:26 - 2012-09-20 18:41 - 00034440 _____ () C:\Windows\setupact.log
2014-11-12 15:26 - 2012-09-18 16:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 15:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 15:25 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 15:25 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 15:16 - 2011-11-14 10:30 - 00000000 ____D () C:\Users\PC_Schoch_1\Documents\Outlook-Dateien
2014-11-12 15:03 - 2013-02-12 17:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 14:18 - 2011-12-15 08:18 - 00003214 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForANDREA$
2014-11-12 14:18 - 2011-12-15 08:18 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForANDREA$.job
2014-11-12 13:03 - 2013-02-12 17:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 13:03 - 2012-04-12 08:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 13:03 - 2011-12-07 09:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 12:13 - 2011-11-18 12:18 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Local\CrashDumps
2014-11-11 21:03 - 2011-11-14 12:18 - 00000287 _____ () C:\Users\PC_Schoch_1\AppData\Local\VersionChecker_17.xml
2014-11-10 22:07 - 2012-02-10 14:31 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-11-10 22:06 - 2011-11-13 19:30 - 00000000 ____D () C:\Users\PC_Schoch_1
2014-11-10 15:22 - 2012-02-07 09:19 - 00000356 _____ () C:\Windows\Tasks\HPCeeScheduleForPC_Schoch_1.job
2014-11-10 11:04 - 2012-02-07 09:19 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPC_Schoch_1
2014-11-10 11:04 - 2011-11-28 14:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-10 11:04 - 2011-11-14 18:16 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-28 08:57 - 2009-07-14 05:45 - 00420416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 05:34 - 2011-11-13 19:48 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-17 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 10:11 - 2011-11-14 12:00 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Local\Adobe
2014-10-17 10:06 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 10:04 - 2012-11-02 09:17 - 00164712 _____ () C:\Windows\PFRO.log
2014-10-17 10:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-17 10:00 - 2011-11-18 18:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-17 10:00 - 2011-11-14 12:02 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-17 09:56 - 2011-11-13 19:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 09:37 - 2013-08-14 17:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 09:36 - 2013-03-05 15:25 - 00000287 _____ () C:\Users\PC_Schoch_1\AppData\Local\VersionChecker_18.xml
2014-10-17 09:36 - 2013-03-05 15:11 - 00000000 ____D () C:\Program Files (x86)\Vectorworks2013
2014-10-17 09:19 - 2013-03-05 15:18 - 00014611 _____ () C:\Windows\aksdrvsetup.log
2014-10-17 09:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-10-14 15:24 - 2011-11-18 18:27 - 00000000 ____D () C:\Users\PC_Schoch_1\AppData\Roaming\TeamViewer
2014-10-14 10:40 - 2013-08-05 13:42 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 10:40 - 2013-08-05 13:41 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 10:40 - 2013-08-05 13:41 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
Some content of TEMP:
====================
C:\Users\PC_Schoch_1\AppData\Local\Temp\avgnt.exe
C:\Users\PC_Schoch_1\AppData\Local\Temp\{C9359E45-1D96-47F5-ADA0-3E7D32C03445}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 10:16
==================== End Of Log ============================
Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by PC_Schoch_1 at 2014-11-12 15:34:04
Running from C:\Users\PC_Schoch_1\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
8600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8600_Readme (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Acronis*True*Image*Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5029 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Connect Add-in (HKU\S-1-5-21-1727187631-800357886-643226720-1000\...\Adobe Connect Add-in) (Version: - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{3001791D-2CA6-6FE3-BE0F-8EA7522B32D4}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}) (Version: 2.2.0.0 - ATI Technologies Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (x32 Version: 2010.1123.1002.17926 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Color Network ScanGear Ver.2.71 (HKLM-x32\...\{4E5CA273-5771-450A-AFDD-C58DAD9205DC}) (Version: 2.71.0000 - CANON INC.)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deinstallationspr. Druckertr. PCL (HKLM\...\PCL Printer Driver) (Version: 6, 0, 1, 0 - Canon Inc.)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular 13.0.0.8086k) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FieryRemoteScan 4.4.15.6 (HKLM-x32\...\{A2F6E9AB-86D8-11D5-A06C-00E081105A80}) (Version: - )
FileZilla Client 3.2.7.1 (HKLM-x32\...\FileZilla Client) (Version: 3.2.7.1 - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Designjet ePrint & Share (HKLM-x32\...\{4D1B7E4E-47B1-40E3-9E15-C50E42D81610}) (Version: 1.0.7 - Hewlett-Packard)
HP Designjet T120 und T520 ePrinter Series (HKLM-x32\...\HPAmpereXL) (Version: - Hewlett-Packard Co.)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro K8600 (HKLM\...\{1B06283F-BB48-48D5-A303-9834D9ADD485}) (Version: 13.0 - HP)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP T120 and T520 series ICC Profiles (HKLM\...\{4F9E7F57-1D06-4B50-9691-813F87C655B8}) (Version: 2.0.0 - Hewlett Packard, Co.)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HP Webregistrierung (HKLM-x32\...\{D2FF897E-4A99-446E-8BB4-DD99CD496838}) (Version: 1.2.0.0 - Hewlett Packard, Co.)
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6302.0 - IDT)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K8600_Basic (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 33.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
NetObjects Fusion 11.0 (HKLM-x32\...\{46F5DA60-1444-4D37-900E-B6945F2990B1}) (Version: 11 German - )
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Planung und Ausschreibung 2.2 - KÖMMERLING (HKLM-x32\...\{0841104C-44A1-4D6D-A25B-A297A5116484}_is1) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
sv.net (HKLM-x32\...\sv.net) (Version: 14.0 - ITSG GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Vectorworks 2012 Hilfe (HKLM-x32\...\eu.computerworks.vectorworks.2012.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2012 Hilfe (x32 Version: 1.0 - UNKNOWN) Hidden
Vectorworks 2013 Hilfe (HKLM-x32\...\eu.computerworks.vectorworks.2013.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2013 Hilfe (x32 Version: 1.0 - UNKNOWN) Hidden
Vectorworks 2014 Hilfe (HKLM-x32\...\eu.computerworks.vectorworks.2014.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1) (Version: 1.0 - UNKNOWN)
Vectorworks 2014 Hilfe (x32 Version: 1.0 - UNKNOWN) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
23-10-2014 07:58:24 Windows Update
30-10-2014 13:52:16 Geplanter Prüfpunkt
05-11-2014 08:28:23 Windows Update
11-11-2014 23:50:27 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {008BBD74-27B0-47BF-B40C-966E5ADB312E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {080D7357-4B76-4D2D-B5E5-ED9CF8E5719B} - System32\Tasks\HPCeeScheduleForPC_Schoch_1 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {27B06F3B-7393-4AB1-8F8F-F597187E5AF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3F0D46E9-9159-457C-9392-90DAA4D2796A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {5AF8309A-6D3B-4AB6-ADF7-4597663E674D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5F7D43FB-DB89-4282-A7F3-64BAD37CC4D7} - System32\Tasks\HPCeeScheduleForANDREA$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {76AA8672-7C24-4A6A-AE40-A3FFD3C9C0E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8B0260A0-2D7E-443E-BD47-1D9749F01A91} - System32\Tasks\{4761A3EC-5351-4308-A350-45AD0E3766A6} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [2014-11-06] (Avira Operations GmbH & Co. KG)
Task: {8F8118D2-0C6F-41D7-B22B-3A43A66F9406} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9AF82C70-DB10-4963-87E5-F272E726E91B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BEA173A4-5C04-4C6A-A8C9-E5024ACB90EA} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForANDREA$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPC_Schoch_1.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2009-08-23 18:24 - 2009-08-23 18:24 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-09-15 18:31 - 2010-09-15 18:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2010-04-13 00:59 - 2010-04-13 00:59 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-11-23 18:01 - 2010-11-23 18:01 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-11-12 12:15 - 2014-11-12 12:15 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24732043.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60658199.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24732043.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60658199.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: qwmyejuk.exe => "C:\Users\PC_Schoch_1\AppData\Roaming\Identities\qwmyejuk.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-1727187631-800357886-643226720-500 - Administrator - Disabled)
Gast (S-1-5-21-1727187631-800357886-643226720-501 - Limited - Enabled)
PC_Schoch_1 (S-1-5-21-1727187631-800357886-643226720-1000 - Administrator - Enabled) => C:\Users\PC_Schoch_1
==================== Faulty Device Manager Devices =============
Name: Officejet Pro K8600
Description: Officejet Pro K8600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Officejet Pro K8600
Description: Officejet Pro K8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/12/2014 03:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (11/12/2014 03:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/12/2014 03:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/12/2014 03:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (11/12/2014 03:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/12/2014 03:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/12/2014 00:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: javaw.exe, Version: 7.0.550.14, Zeitstempel: 0x534c8cbb
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002df85
ID des fehlerhaften Prozesses: 0xc08
Startzeit der fehlerhaften Anwendung: 0xjavaw.exe0
Pfad der fehlerhaften Anwendung: javaw.exe1
Pfad des fehlerhaften Moduls: javaw.exe2
Berichtskennung: javaw.exe3
Error: (11/12/2014 00:13:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (11/12/2014 00:13:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (11/12/2014 00:13:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
System errors:
=============
Error: (11/12/2014 03:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Email Schutz" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/12/2014 03:27:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Email Schutz erreicht.
Error: (11/12/2014 03:27:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/12/2014 03:19:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/12/2014 00:09:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/11/2014 09:03:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 10:00:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 03:57:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 03:24:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/10/2014 08:41:28 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (11/12/2014 03:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (11/12/2014 03:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/12/2014 03:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/12/2014 03:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (11/12/2014 03:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/12/2014 03:22:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/12/2014 00:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe7.0.550.14534c8cbbntdll.dll6.1.7601.18247521ea8e7c00000050002df85c0801cffe69b1dc649bC:\Program Files (x86)\Java\jre7\bin\javaw.exeC:\Windows\SysWOW64\ntdll.dllf050e312-6a5c-11e4-8d5c-e069956f8c33
Error: (11/12/2014 00:13:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (11/12/2014 00:13:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (11/12/2014 00:13:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
Percentage of memory in use: 37%
Total physical RAM: 6126.54 MB
Available physical RAM: 3817.5 MB
Total Pagefile: 12251.27 MB
Available Pagefile: 9464.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:699.83 GB) (Free:614.04 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.74 GB) (Free:1.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive x: (Daten) (Fixed) (Total:585.94 GB) (Free:564.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: A1F93165)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=699.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
13.11.2014, 08:21
| #5 |
| | Telekom Rechnung November 2014 Hier noch der letzte TDSSKiller Logfile Code:
ATTFilter 16:10:35.0744 0x0eec TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:10:37.0491 0x0eec ============================================================
16:10:37.0491 0x0eec Current date / time: 2014/11/12 16:10:37.0491
16:10:37.0491 0x0eec SystemInfo:
16:10:37.0491 0x0eec
16:10:37.0491 0x0eec OS Version: 6.1.7601 ServicePack: 1.0
16:10:37.0491 0x0eec Product type: Workstation
16:10:37.0491 0x0eec ComputerName: ANDREA
16:10:37.0491 0x0eec UserName: PC_Schoch_1
16:10:37.0491 0x0eec Windows directory: C:\Windows
16:10:37.0491 0x0eec System windows directory: C:\Windows
16:10:37.0491 0x0eec Running under WOW64
16:10:37.0491 0x0eec Processor architecture: Intel x64
16:10:37.0491 0x0eec Number of processors: 4
16:10:37.0491 0x0eec Page size: 0x1000
16:10:37.0491 0x0eec Boot type: Normal boot
16:10:37.0491 0x0eec ============================================================
16:10:37.0491 0x0eec BG loaded
16:10:37.0803 0x0eec System UUID: {E79813D3-2A46-B178-EB90-98E401E58EB7}
16:10:38.0177 0x0eec Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:10:38.0193 0x0eec ============================================================
16:10:38.0193 0x0eec \Device\Harddisk0\DR0:
16:10:38.0193 0x0eec MBR partitions:
16:10:38.0193 0x0eec \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:10:38.0193 0x0eec \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x577AB000
16:10:38.0209 0x0eec \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x577DE000, BlocksNum 0x493DF800
16:10:38.0209 0x0eec \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xACF0D800, BlocksNum 0x1B79800
16:10:38.0209 0x0eec ============================================================
16:10:38.0287 0x0eec C: <-> \Device\Harddisk0\DR0\Partition2
16:10:38.0333 0x0eec D: <-> \Device\Harddisk0\DR0\Partition4
16:10:38.0552 0x0eec X: <-> \Device\Harddisk0\DR0\Partition3
16:10:38.0552 0x0eec ============================================================
16:10:38.0552 0x0eec Initialize success
16:10:38.0552 0x0eec ============================================================
16:10:44.0293 0x117c ============================================================
16:10:44.0293 0x117c Scan started
16:10:44.0293 0x117c Mode: Manual; SigCheck; TDLFS;
16:10:44.0293 0x117c ============================================================
16:10:44.0293 0x117c KSN ping started
16:10:47.0038 0x117c KSN ping finished: true
16:10:49.0628 0x117c ================ Scan system memory ========================
16:10:49.0628 0x117c System memory - ok
16:10:49.0628 0x117c ================ Scan services =============================
16:10:50.0907 0x117c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:10:50.0954 0x117c 1394ohci - ok
16:10:51.0016 0x117c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:10:51.0047 0x117c ACPI - ok
16:10:51.0141 0x117c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:10:51.0157 0x117c AcpiPmi - ok
16:10:51.0391 0x117c [ 67B708CBF1D5C60D20568CC23BD544E3, 8BEADD7193D7DB23046367452FB61EE219A7277BEC1EB6C44EE77E9CC541E396 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
16:10:51.0406 0x117c AcrSch2Svc - ok
16:10:51.0609 0x117c [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:10:51.0625 0x117c AdobeARMservice - ok
16:10:52.0529 0x117c [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:10:52.0545 0x117c AdobeFlashPlayerUpdateSvc - ok
16:10:52.0670 0x117c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:10:52.0701 0x117c adp94xx - ok
16:10:52.0748 0x117c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:10:52.0763 0x117c adpahci - ok
16:10:52.0779 0x117c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:10:52.0795 0x117c adpu320 - ok
16:10:52.0841 0x117c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:10:52.0873 0x117c AeLookupSvc - ok
16:10:53.0060 0x117c [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
16:10:53.0075 0x117c AESTFilters - ok
16:10:53.0169 0x117c [ 7F64EA2FCE77830C020B2E387C0FAC05, 89FDF8ECE4AD9EF9EF8EFB4D280A46F039B5FD5349D754C4B32DEC30423E0D02 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
16:10:53.0200 0x117c afcdp - ok
16:10:53.0434 0x117c [ 6900DE81D21CC3CC3C8A5F531CE2AA09, CA4866E135FF1EDB947BAE5DD8AD15C90346658032A04A2C12114A4CDBA2F087 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
16:10:53.0481 0x117c afcdpsrv - ok
16:10:53.0621 0x117c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
16:10:53.0637 0x117c AFD - ok
16:10:53.0684 0x117c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:10:53.0699 0x117c agp440 - ok
16:10:53.0746 0x117c [ 95BC4330FA44240CA00C641A73C7E62D, 5D90D9B7D03E15B1A358582834B03A043187CDF6790EE7D3E4CCA03CE77010CA ] aksdf C:\Windows\system32\drivers\aksdf.sys
16:10:53.0762 0x117c aksdf - ok
16:10:53.0809 0x117c [ E2E5CF34D6C56ACE5E986969A3D9B0B5, 1A5D328B924CB945F1F48B3E1956F1123BEA0C285E92BFA5BA12E5063049B8B7 ] aksfridge C:\Windows\system32\DRIVERS\aksfridge.sys
16:10:53.0840 0x117c aksfridge - ok
16:10:53.0902 0x117c [ A56F1B0F967AEF8A82D7771E6D166DEF, 498B2C9AFC8298C0D06FD6278DEA698C2AFEEC419200C1EF8C150ED7CB6FA1E8 ] akshasp C:\Windows\system32\DRIVERS\akshasp.sys
16:10:53.0918 0x117c akshasp - ok
16:10:53.0949 0x117c [ 67DFF8C8F95CB21C9C3380DD4C0387F2, 6BB7A48C7D0FB6049FAADAEF8A784FC2822B95C03190945DF6F4310A580C537F ] akshhl C:\Windows\system32\DRIVERS\akshhl.sys
16:10:53.0965 0x117c akshhl - ok
16:10:53.0996 0x117c [ A9A09BC526E614CE9F29BB23C2A76CED, 260027677635E6333ABD499D5F80B7C82109208D298432946DE60C0956193BA2 ] aksusb C:\Windows\system32\DRIVERS\aksusb.sys
16:10:54.0011 0x117c aksusb - ok
16:10:54.0058 0x117c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:10:54.0089 0x117c ALG - ok
16:10:54.0167 0x117c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:10:54.0183 0x117c aliide - ok
16:10:54.0261 0x117c [ 694B7056F66A9DFFE18836655477589A, 6DF92BEE4D361375D6AB8D5FC8B3D29D8883DCE430599548E1D2E87A1238C3D2 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:10:54.0277 0x117c AMD External Events Utility - ok
16:10:54.0355 0x117c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:10:54.0370 0x117c amdide - ok
16:10:54.0433 0x117c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:10:54.0448 0x117c AmdK8 - ok
16:10:55.0322 0x117c [ 600C89344A1DC910E5AF3852A0BC86F4, 0D6DAF987211ADFB8AD6095DEA5DC1F92347BA0CEA200B325ECAADD793809474 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:10:55.0509 0x117c amdkmdag - ok
16:10:55.0618 0x117c [ B191851B6FBF30532470D3541A104EEF, 0631628D855B82E695F48AA2C8A78843287D2E1F43929D576D9C15CCFE1DF93C ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:10:55.0649 0x117c amdkmdap - ok
16:10:55.0712 0x117c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:10:55.0743 0x117c AmdPPM - ok
16:10:55.0790 0x117c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:10:55.0805 0x117c amdsata - ok
16:10:55.0915 0x117c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:10:55.0930 0x117c amdsbs - ok
16:10:55.0977 0x117c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:10:55.0993 0x117c amdxata - ok
16:10:56.0429 0x117c [ EF9F989FC3058F727E11F09CEDB5C963, 02C4D9DD6FA1B21386249DEAC16258B975148D4EB177F7A274183D3ED514A570 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
16:10:56.0461 0x117c AntiVirMailService - ok
16:10:56.0570 0x117c [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:10:56.0601 0x117c AntiVirSchedulerService - ok
16:10:56.0726 0x117c [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:10:56.0741 0x117c AntiVirService - ok
16:10:56.0882 0x117c [ 323EC9754AEBCD922B0D80D49419B000, 74C060FEBDA551C9AC5CB5E5FD42E0092E01BC07AE636BD85E38D49196A92147 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
16:10:56.0913 0x117c AntiVirWebService - ok
16:10:57.0007 0x117c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
16:10:57.0053 0x117c AppID - ok
16:10:57.0100 0x117c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:10:57.0131 0x117c AppIDSvc - ok
16:10:57.0178 0x117c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
16:10:57.0194 0x117c Appinfo - ok
16:10:57.0287 0x117c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
16:10:57.0303 0x117c arc - ok
16:10:57.0319 0x117c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:10:57.0319 0x117c arcsas - ok
16:10:57.0755 0x117c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:10:57.0771 0x117c aspnet_state - ok
16:10:57.0818 0x117c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:10:57.0865 0x117c AsyncMac - ok
16:10:57.0896 0x117c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:10:57.0911 0x117c atapi - ok
16:10:57.0989 0x117c [ E02B26650ACC2F4901342D4A66774AD7, 632A88C5AE6E71BB86C5306566EA08C4678F3F949479C8D1BEB8B01DD6724B88 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:10:58.0005 0x117c AtiHDAudioService - ok
16:10:58.0145 0x117c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:10:58.0192 0x117c AudioEndpointBuilder - ok
16:10:58.0255 0x117c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:10:58.0301 0x117c AudioSrv - ok
16:10:58.0411 0x117c [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:10:58.0426 0x117c avgntflt - ok
16:10:58.0535 0x0b20 Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc
16:10:58.0535 0x117c [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:10:58.0551 0x117c avipbb - ok
16:10:58.0598 0x117c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:10:58.0613 0x117c avkmgr - ok
16:10:58.0691 0x117c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:10:58.0723 0x117c AxInstSV - ok
16:10:58.0863 0x117c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:10:58.0879 0x117c b06bdrv - ok
16:10:58.0972 0x117c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:10:59.0003 0x117c b57nd60a - ok
16:10:59.0050 0x117c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:10:59.0081 0x117c BDESVC - ok
16:10:59.0097 0x117c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:10:59.0128 0x117c Beep - ok
16:10:59.0284 0x117c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:10:59.0315 0x117c BFE - ok
16:10:59.0409 0x117c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:10:59.0456 0x117c BITS - ok
16:10:59.0503 0x117c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:10:59.0518 0x117c blbdrive - ok
16:10:59.0549 0x117c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:10:59.0565 0x117c bowser - ok
16:10:59.0612 0x117c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:10:59.0627 0x117c BrFiltLo - ok
16:10:59.0659 0x117c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:10:59.0674 0x117c BrFiltUp - ok
16:10:59.0721 0x117c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:10:59.0737 0x117c Browser - ok
16:10:59.0768 0x117c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:10:59.0799 0x117c Brserid - ok
16:10:59.0799 0x117c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:10:59.0815 0x117c BrSerWdm - ok
16:10:59.0846 0x117c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:10:59.0846 0x117c BrUsbMdm - ok
16:10:59.0877 0x117c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:10:59.0893 0x117c BrUsbSer - ok
16:10:59.0924 0x117c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:10:59.0939 0x117c BTHMODEM - ok
16:11:00.0017 0x117c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:11:00.0049 0x117c bthserv - ok
16:11:00.0766 0x117c [ CAC491D46A27A227864018AF2EF9D5D1, 25E00249A30381966B20BFF4F67CA11DB4ED1D8C2C5941A8E22B1FEC25E6B038 ] Canon Driver Information Assist Service C:\Program Files\Canon\DIAS\CnxDIAS.exe
16:11:00.0860 0x117c Canon Driver Information Assist Service - ok
16:11:00.0938 0x117c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:11:00.0985 0x117c cdfs - ok
16:11:01.0078 0x117c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
16:11:01.0094 0x117c cdrom - ok
16:11:01.0156 0x117c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:11:01.0203 0x117c CertPropSvc - ok
16:11:01.0234 0x117c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:11:01.0250 0x117c circlass - ok
16:11:01.0343 0x117c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
16:11:01.0359 0x117c CLFS - ok
16:11:01.0468 0x117c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:11:01.0484 0x117c clr_optimization_v2.0.50727_32 - ok
16:11:01.0687 0x117c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:11:01.0702 0x117c clr_optimization_v2.0.50727_64 - ok
16:11:02.0092 0x117c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:11:02.0108 0x117c clr_optimization_v4.0.30319_32 - ok
16:11:02.0155 0x117c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:11:02.0170 0x117c clr_optimization_v4.0.30319_64 - ok
16:11:02.0248 0x117c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:11:02.0264 0x117c CmBatt - ok
16:11:02.0311 0x117c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:11:02.0326 0x117c cmdide - ok
16:11:02.0467 0x117c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
16:11:02.0498 0x117c CNG - ok
16:11:02.0545 0x117c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:11:02.0560 0x117c Compbatt - ok
16:11:02.0638 0x117c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:11:02.0654 0x117c CompositeBus - ok
16:11:02.0669 0x117c COMSysApp - ok
16:11:02.0685 0x117c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:11:02.0701 0x117c crcdisk - ok
16:11:02.0779 0x117c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:11:02.0794 0x117c CryptSvc - ok
16:11:02.0810 0x0b20 Object send P2P result: true
16:11:02.0950 0x117c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:11:03.0013 0x117c DcomLaunch - ok
16:11:03.0137 0x117c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:11:03.0169 0x117c defragsvc - ok
16:11:03.0200 0x117c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:11:03.0231 0x117c DfsC - ok
16:11:03.0278 0x117c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:11:03.0293 0x117c Dhcp - ok
16:11:03.0325 0x117c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:11:03.0356 0x117c discache - ok
16:11:03.0434 0x117c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:11:03.0434 0x117c Disk - ok
16:11:03.0481 0x117c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:11:03.0512 0x117c Dnscache - ok
16:11:03.0559 0x117c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:11:03.0590 0x117c dot3svc - ok
16:11:03.0668 0x117c [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:11:03.0699 0x117c Dot4 - ok
16:11:03.0777 0x117c [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
16:11:03.0808 0x117c Dot4Print - ok
16:11:03.0839 0x117c [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:11:03.0855 0x117c dot4usb - ok
16:11:03.0917 0x117c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:11:03.0964 0x117c DPS - ok
16:11:04.0027 0x117c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:11:04.0027 0x117c drmkaud - ok
16:11:04.0089 0x117c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:11:04.0120 0x117c DXGKrnl - ok
16:11:04.0167 0x117c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:11:04.0198 0x117c EapHost - ok
16:11:04.0463 0x117c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:11:04.0541 0x117c ebdrv - ok
16:11:04.0635 0x117c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
16:11:04.0651 0x117c EFS - ok
16:11:04.0838 0x117c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:11:04.0869 0x117c ehRecvr - ok
16:11:04.0916 0x117c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:11:04.0947 0x117c ehSched - ok
16:11:05.0025 0x117c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:11:05.0041 0x117c elxstor - ok
16:11:05.0087 0x117c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:11:05.0087 0x117c ErrDev - ok
16:11:05.0212 0x117c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:11:05.0259 0x117c EventSystem - ok
16:11:05.0306 0x117c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:11:05.0353 0x117c exfat - ok
16:11:05.0399 0x117c ezSharedSvc - ok
16:11:05.0477 0x117c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:11:05.0509 0x117c fastfat - ok
16:11:05.0618 0x117c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:11:05.0649 0x117c Fax - ok
16:11:05.0680 0x117c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:11:05.0696 0x117c fdc - ok
16:11:05.0743 0x117c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:11:05.0789 0x117c fdPHost - ok
16:11:05.0821 0x117c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:11:05.0836 0x117c FDResPub - ok
16:11:05.0930 0x117c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:11:05.0945 0x117c FileInfo - ok
16:11:05.0961 0x117c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:11:05.0992 0x117c Filetrace - ok
16:11:06.0008 0x117c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:11:06.0008 0x117c flpydisk - ok
16:11:06.0055 0x117c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:11:06.0086 0x117c FltMgr - ok
16:11:06.0351 0x117c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
16:11:06.0398 0x117c FontCache - ok
16:11:06.0507 0x117c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:11:06.0507 0x117c FontCache3.0.0.0 - ok
16:11:06.0585 0x117c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:11:06.0601 0x117c FsDepends - ok
16:11:06.0632 0x117c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:11:06.0647 0x117c Fs_Rec - ok
16:11:06.0757 0x117c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:11:06.0772 0x117c fvevol - ok
16:11:06.0835 0x117c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:11:06.0850 0x117c gagp30kx - ok
16:11:06.0991 0x117c [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
16:11:07.0006 0x117c GameConsoleService - ok
16:11:07.0100 0x117c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:11:07.0147 0x117c gpsvc - ok
16:11:07.0225 0x117c [ 78FAD9117E4527F2CA82259DA10F40BD, 9CE5102C681B8147BFC189897C19852D2BF82A9B95DE6301EBBCD13A604A41F3 ] hardlock C:\Windows\system32\drivers\hardlock.sys
16:11:07.0256 0x117c hardlock - ok
16:11:07.0256 0x117c hasplms - ok
16:11:07.0334 0x117c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:11:07.0349 0x117c hcw85cir - ok
16:11:07.0443 0x117c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:11:07.0459 0x117c HdAudAddService - ok
16:11:07.0505 0x117c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:11:07.0521 0x117c HDAudBus - ok
16:11:07.0537 0x117c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:11:07.0552 0x117c HidBatt - ok
16:11:07.0583 0x117c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:11:07.0599 0x117c HidBth - ok
16:11:07.0615 0x117c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:11:07.0630 0x117c HidIr - ok
16:11:07.0661 0x117c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:11:07.0693 0x117c hidserv - ok
16:11:07.0739 0x117c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
16:11:07.0755 0x117c HidUsb - ok
16:11:07.0817 0x117c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:11:07.0864 0x117c hkmsvc - ok
16:11:07.0927 0x117c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:11:07.0942 0x117c HomeGroupListener - ok
16:11:07.0989 0x117c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:11:08.0005 0x117c HomeGroupProvider - ok
16:11:08.0192 0x117c [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:11:08.0207 0x117c HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
16:11:10.0969 0x117c Detect skipped due to KSN trusted
16:11:10.0969 0x117c HP Support Assistant Service - ok
16:11:11.0078 0x117c [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:11:11.0109 0x117c HPClientSvc - ok
16:11:11.0249 0x117c [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:11:11.0281 0x117c hpqwmiex - ok
16:11:11.0343 0x117c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:11:11.0359 0x117c HpSAMD - ok
16:11:11.0717 0x117c [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:11:11.0905 0x117c HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
16:11:14.0681 0x117c Detect skipped due to KSN trusted
16:11:14.0681 0x117c HPSLPSVC - ok
16:11:14.0869 0x117c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:11:14.0915 0x117c HTTP - ok
16:11:14.0993 0x117c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:11:15.0009 0x117c hwpolicy - ok
16:11:15.0056 0x117c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:11:15.0087 0x117c i8042prt - ok
16:11:15.0196 0x117c [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:11:15.0212 0x117c iaStor - ok
16:11:15.0274 0x117c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:11:15.0305 0x117c iaStorV - ok
16:11:15.0446 0x117c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:11:15.0477 0x117c idsvc - ok
16:11:15.0586 0x117c IEEtwCollectorService - ok
16:11:15.0649 0x117c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:11:15.0664 0x117c iirsp - ok
16:11:15.0836 0x117c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:11:15.0883 0x117c IKEEXT - ok
16:11:15.0945 0x117c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:11:15.0961 0x117c intelide - ok
16:11:16.0023 0x117c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:11:16.0039 0x117c intelppm - ok
16:11:16.0117 0x117c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:11:16.0163 0x117c IPBusEnum - ok
16:11:16.0210 0x117c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:11:16.0257 0x117c IpFilterDriver - ok
16:11:16.0351 0x117c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:11:16.0382 0x117c iphlpsvc - ok
16:11:16.0413 0x117c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:11:16.0413 0x117c IPMIDRV - ok
16:11:16.0444 0x117c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:11:16.0491 0x117c IPNAT - ok
16:11:16.0538 0x117c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:11:16.0538 0x117c IRENUM - ok
16:11:16.0585 0x117c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:11:16.0600 0x117c isapnp - ok
16:11:16.0647 0x117c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:11:16.0678 0x117c iScsiPrt - ok
16:11:16.0772 0x117c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:11:16.0787 0x117c kbdclass - ok
16:11:16.0803 0x117c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:11:16.0819 0x117c kbdhid - ok
16:11:16.0881 0x117c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
16:11:16.0897 0x117c KeyIso - ok
16:11:16.0943 0x117c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:11:16.0959 0x117c KSecDD - ok
16:11:16.0990 0x117c [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:11:16.0990 0x117c KSecPkg - ok
16:11:17.0037 0x117c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:11:17.0068 0x117c ksthunk - ok
16:11:17.0115 0x117c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:11:17.0146 0x117c KtmRm - ok
16:11:17.0224 0x117c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:11:17.0271 0x117c LanmanServer - ok
16:11:17.0333 0x117c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:11:17.0380 0x117c LanmanWorkstation - ok
16:11:17.0474 0x117c [ FA4A45C179AB0E0F1A31B9751D4B18D7, 4356777C2608A65185C9CB8243F071EC9E11BCD152E0C0ACDE25B6BCFD75A7F4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:11:17.0489 0x117c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
16:11:20.0282 0x117c Detect skipped due to KSN trusted
16:11:20.0282 0x117c LightScribeService - ok
16:11:20.0344 0x117c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:11:20.0391 0x117c lltdio - ok
16:11:20.0438 0x117c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:11:20.0469 0x117c lltdsvc - ok
16:11:20.0516 0x117c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:11:20.0578 0x117c lmhosts - ok
16:11:20.0719 0x117c [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:11:20.0734 0x117c LMS - ok
16:11:20.0781 0x117c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:11:20.0797 0x117c LSI_FC - ok
16:11:20.0812 0x117c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:11:20.0828 0x117c LSI_SAS - ok
16:11:20.0843 0x117c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:11:20.0843 0x117c LSI_SAS2 - ok
16:11:20.0875 0x117c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:11:20.0875 0x117c LSI_SCSI - ok
16:11:20.0906 0x117c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:11:20.0937 0x117c luafv - ok
16:11:21.0031 0x117c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:11:21.0046 0x117c Mcx2Svc - ok
16:11:21.0093 0x117c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:11:21.0109 0x117c megasas - ok
16:11:21.0124 0x117c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:11:21.0140 0x117c MegaSR - ok
16:11:21.0171 0x117c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:11:21.0187 0x117c MEIx64 - ok
16:11:21.0218 0x117c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:11:21.0249 0x117c MMCSS - ok
16:11:21.0265 0x117c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:11:21.0280 0x117c Modem - ok
16:11:21.0311 0x117c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:11:21.0311 0x117c monitor - ok
16:11:21.0358 0x117c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:11:21.0374 0x117c mouclass - ok
16:11:21.0405 0x117c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:11:21.0421 0x117c mouhid - ok
16:11:21.0483 0x117c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:11:21.0499 0x117c mountmgr - ok
16:11:21.0608 0x117c [ 28048289E32294004A86935CC40A3252, D397C3BAD6BCDA33FA0982E10677598E8BDF69A0933D19A36873CB45BA4FB819 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:11:21.0623 0x117c MozillaMaintenance - ok
16:11:21.0655 0x117c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:11:21.0686 0x117c mpio - ok
16:11:21.0701 0x117c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:11:21.0733 0x117c mpsdrv - ok
16:11:21.0920 0x117c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:11:21.0951 0x117c MpsSvc - ok
16:11:21.0998 0x117c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:11:22.0013 0x117c MRxDAV - ok
16:11:22.0045 0x117c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:11:22.0060 0x117c mrxsmb - ok
16:11:22.0123 0x117c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:11:22.0138 0x117c mrxsmb10 - ok
16:11:22.0201 0x117c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:11:22.0216 0x117c mrxsmb20 - ok
16:11:22.0263 0x117c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:11:22.0279 0x117c msahci - ok
16:11:22.0310 0x117c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:11:22.0325 0x117c msdsm - ok
16:11:22.0341 0x117c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:11:22.0357 0x117c MSDTC - ok
16:11:22.0403 0x117c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:11:22.0435 0x117c Msfs - ok
16:11:22.0466 0x117c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:11:22.0497 0x117c mshidkmdf - ok
16:11:22.0528 0x117c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:11:22.0528 0x117c msisadrv - ok
16:11:22.0575 0x117c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:11:22.0606 0x117c MSiSCSI - ok
16:11:22.0606 0x117c msiserver - ok
16:11:22.0653 0x117c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:11:22.0684 0x117c MSKSSRV - ok
16:11:22.0731 0x117c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:11:22.0762 0x117c MSPCLOCK - ok
16:11:22.0793 0x117c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:11:22.0809 0x117c MSPQM - ok
16:11:22.0871 0x117c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:11:22.0903 0x117c MsRPC - ok
16:11:22.0981 0x117c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:11:22.0996 0x117c mssmbios - ok
16:11:23.0012 0x117c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:11:23.0043 0x117c MSTEE - ok
16:11:23.0074 0x117c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:11:23.0074 0x117c MTConfig - ok
16:11:23.0121 0x117c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:11:23.0137 0x117c Mup - ok
16:11:23.0215 0x117c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:11:23.0261 0x117c napagent - ok
16:11:23.0324 0x117c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:11:23.0355 0x117c NativeWifiP - ok
16:11:23.0558 0x117c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:11:23.0589 0x117c NDIS - ok
16:11:23.0605 0x117c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:11:23.0620 0x117c NdisCap - ok
16:11:23.0667 0x117c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:11:23.0714 0x117c NdisTapi - ok
16:11:23.0776 0x117c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:11:23.0823 0x117c Ndisuio - ok
16:11:23.0854 0x117c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:23.0885 0x117c NdisWan - ok
16:11:23.0901 0x117c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:11:23.0932 0x117c NDProxy - ok
16:11:24.0057 0x117c [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:11:24.0057 0x117c Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:11:26.0849 0x117c Detect skipped due to KSN trusted
16:11:26.0849 0x117c Net Driver HPZ12 - ok
16:11:26.0896 0x117c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:11:26.0943 0x117c NetBIOS - ok
16:11:26.0974 0x117c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:11:27.0005 0x117c NetBT - ok
16:11:27.0037 0x117c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
16:11:27.0052 0x117c Netlogon - ok
16:11:27.0083 0x117c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:11:27.0115 0x117c Netman - ok
16:11:27.0208 0x117c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:11:27.0224 0x117c NetMsmqActivator - ok
16:11:27.0255 0x117c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:11:27.0255 0x117c NetPipeActivator - ok
16:11:27.0317 0x117c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:11:27.0364 0x117c netprofm - ok
16:11:27.0380 0x117c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:11:27.0395 0x117c NetTcpActivator - ok
16:11:27.0395 0x117c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:11:27.0411 0x117c NetTcpPortSharing - ok
16:11:27.0458 0x117c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:11:27.0473 0x117c nfrd960 - ok
16:11:27.0536 0x117c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:11:27.0567 0x117c NlaSvc - ok
16:11:27.0879 0x117c [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
16:11:27.0941 0x117c NOBU - ok
16:11:27.0957 0x117c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:11:27.0988 0x117c Npfs - ok
16:11:28.0004 0x117c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:11:28.0019 0x117c nsi - ok
16:11:28.0051 0x117c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:11:28.0082 0x117c nsiproxy - ok
16:11:28.0285 0x117c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:11:28.0316 0x117c Ntfs - ok
16:11:28.0331 0x117c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:11:28.0363 0x117c Null - ok
16:11:28.0425 0x117c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:11:28.0441 0x117c nvraid - ok
16:11:28.0487 0x117c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:11:28.0503 0x117c nvstor - ok
16:11:28.0550 0x117c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:11:28.0565 0x117c nv_agp - ok
16:11:28.0581 0x117c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:11:28.0597 0x117c ohci1394 - ok
16:11:28.0737 0x117c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:11:28.0753 0x117c ose - ok
16:11:29.0267 0x117c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:11:29.0377 0x117c osppsvc - ok
16:11:29.0439 0x117c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:11:29.0455 0x117c p2pimsvc - ok
16:11:29.0517 0x117c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:11:29.0548 0x117c p2psvc - ok
16:11:29.0595 0x117c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:11:29.0611 0x117c Parport - ok
16:11:29.0626 0x117c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:11:29.0642 0x117c partmgr - ok
16:11:29.0704 0x117c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
16:11:29.0735 0x117c PcaSvc - ok
16:11:29.0798 0x117c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:11:29.0813 0x117c pci - ok
16:11:29.0876 0x117c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:11:29.0891 0x117c pciide - ok
16:11:29.0907 0x117c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:11:29.0938 0x117c pcmcia - ok
16:11:29.0954 0x117c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:11:29.0954 0x117c pcw - ok
16:11:30.0047 0x117c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:11:30.0094 0x117c PEAUTH - ok
16:11:30.0983 0x117c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:11:30.0999 0x117c PerfHost - ok
16:11:31.0155 0x117c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:11:31.0217 0x117c pla - ok
16:11:31.0311 0x117c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:11:31.0342 0x117c PlugPlay - ok
16:11:31.0420 0x117c [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:11:31.0436 0x117c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:11:34.0213 0x117c Detect skipped due to KSN trusted
16:11:34.0213 0x117c Pml Driver HPZ12 - ok
16:11:34.0259 0x117c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:11:34.0275 0x117c PNRPAutoReg - ok
16:11:34.0322 0x117c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:11:34.0337 0x117c PNRPsvc - ok
16:11:34.0415 0x117c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:11:34.0478 0x117c PolicyAgent - ok
16:11:34.0540 0x117c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:11:34.0587 0x117c Power - ok
16:11:34.0649 0x117c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:11:34.0681 0x117c PptpMiniport - ok
16:11:34.0743 0x117c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:11:34.0759 0x117c Processor - ok
16:11:34.0805 0x117c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
16:11:34.0821 0x117c ProfSvc - ok
16:11:34.0837 0x117c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:11:34.0852 0x117c ProtectedStorage - ok
16:11:34.0946 0x117c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:11:34.0977 0x117c Psched - ok
16:11:35.0164 0x117c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:11:35.0195 0x117c ql2300 - ok
16:11:35.0211 0x117c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:11:35.0227 0x117c ql40xx - ok
16:11:35.0258 0x117c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:11:35.0273 0x117c QWAVE - ok
16:11:35.0305 0x117c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:11:35.0305 0x117c QWAVEdrv - ok
16:11:35.0336 0x117c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:11:35.0351 0x117c RasAcd - ok
16:11:35.0429 0x117c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:11:35.0461 0x117c RasAgileVpn - ok
16:11:35.0492 0x117c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:11:35.0523 0x117c RasAuto - ok
16:11:35.0554 0x117c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:11:35.0601 0x117c Rasl2tp - ok
16:11:35.0632 0x117c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:11:35.0663 0x117c RasMan - ok
16:11:35.0710 0x117c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:11:35.0726 0x117c RasPppoe - ok
16:11:35.0757 0x117c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:11:35.0773 0x117c RasSstp - ok
16:11:35.0851 0x117c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:11:35.0897 0x117c rdbss - ok
16:11:35.0913 0x117c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:11:35.0929 0x117c rdpbus - ok
16:11:35.0975 0x117c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:11:35.0991 0x117c RDPCDD - ok
16:11:36.0053 0x117c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:11:36.0085 0x117c RDPENCDD - ok
16:11:36.0116 0x117c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:11:36.0131 0x117c RDPREFMP - ok
16:11:36.0334 0x117c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:11:36.0350 0x117c RdpVideoMiniport - ok
16:11:36.0428 0x117c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:11:36.0459 0x117c RDPWD - ok
16:11:36.0568 0x117c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:11:36.0584 0x117c rdyboost - ok
16:11:36.0615 0x117c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:11:36.0646 0x117c RemoteAccess - ok
16:11:36.0709 0x117c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:11:36.0771 0x117c RemoteRegistry - ok
16:11:36.0787 0x117c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:11:36.0818 0x117c RpcEptMapper - ok
16:11:36.0865 0x117c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:11:36.0880 0x117c RpcLocator - ok
16:11:37.0005 0x117c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
16:11:37.0036 0x117c RpcSs - ok
16:11:37.0099 0x117c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:11:37.0130 0x117c rspndr - ok
16:11:37.0208 0x117c [ B15C021C2C9BB217A799D9532E8F04D4, 62DC365676829465CFE58EB8CD0851A37B03ACE3E3980A6A1D8C4F7C2010B9EB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:11:37.0223 0x117c RTL8167 - ok
16:11:37.0255 0x117c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
16:11:37.0270 0x117c SamSs - ok
16:11:37.0301 0x117c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:11:37.0317 0x117c sbp2port - ok
16:11:37.0379 0x117c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:11:37.0426 0x117c SCardSvr - ok
16:11:37.0457 0x117c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:11:37.0473 0x117c scfilter - ok
16:11:37.0629 0x117c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
16:11:37.0691 0x117c Schedule - ok
16:11:37.0723 0x117c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:11:37.0754 0x117c SCPolicySvc - ok
16:11:37.0801 0x117c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:11:37.0801 0x117c SDRSVC - ok
16:11:37.0910 0x117c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:11:37.0941 0x117c secdrv - ok
16:11:37.0957 0x117c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
16:11:37.0988 0x117c seclogon - ok
16:11:38.0019 0x117c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:11:38.0066 0x117c SENS - ok
16:11:38.0128 0x117c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:11:38.0144 0x117c SensrSvc - ok
16:11:38.0191 0x117c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:11:38.0206 0x117c Serenum - ok
16:11:38.0237 0x117c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:11:38.0253 0x117c Serial - ok
16:11:38.0315 0x117c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:11:38.0331 0x117c sermouse - ok
16:11:38.0378 0x117c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:11:38.0425 0x117c SessionEnv - ok
16:11:38.0456 0x117c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:11:38.0471 0x117c sffdisk - ok
16:11:38.0471 0x117c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:11:38.0487 0x117c sffp_mmc - ok
16:11:38.0503 0x117c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:11:38.0518 0x117c sffp_sd - ok
16:11:38.0596 0x117c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:11:38.0612 0x117c sfloppy - ok
16:11:38.0690 0x117c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:11:38.0737 0x117c SharedAccess - ok
16:11:38.0815 0x117c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:11:38.0861 0x117c ShellHWDetection - ok
16:11:38.0908 0x117c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:11:38.0924 0x117c SiSRaid2 - ok
16:11:38.0955 0x117c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:11:38.0986 0x117c SiSRaid4 - ok
16:11:39.0017 0x117c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:11:39.0064 0x117c Smb - ok
16:11:39.0158 0x117c [ 20635287FAA016E4E2A07E86C02759B8, 6248EE0C41A845D4DA2B129C19392F51E971592899F3CFBA32363502A2931352 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
16:11:39.0173 0x117c snapman - ok
16:11:39.0236 0x117c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:11:39.0251 0x117c SNMPTRAP - ok
16:11:39.0376 0x117c [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
16:11:39.0392 0x117c speedfan - ok
16:11:39.0423 0x117c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:11:39.0439 0x117c spldr - ok
16:11:39.0517 0x117c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:11:39.0548 0x117c Spooler - ok
16:11:39.0844 0x117c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:11:39.0938 0x117c sppsvc - ok
16:11:39.0969 0x117c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:11:40.0000 0x117c sppuinotify - ok
16:11:40.0094 0x117c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:11:40.0109 0x117c srv - ok
16:11:40.0187 0x117c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:11:40.0203 0x117c srv2 - ok
16:11:40.0234 0x117c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:11:40.0250 0x117c srvnet - ok
16:11:40.0281 0x117c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:11:40.0328 0x117c SSDPSRV - ok
16:11:40.0359 0x117c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:11:40.0375 0x117c SstpSvc - ok
16:11:40.0531 0x117c [ E942412186178B1331F8335E30FA076F, 000CA0F392A1CEA4F7843364A3639CF2ADB66BE48A6850C6AD61DD252E7727B3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:11:40.0546 0x117c STacSV - ok
16:11:40.0577 0x117c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:11:40.0593 0x117c stexstor - ok
16:11:40.0687 0x117c [ DCC8845692DEA3477BCF6CE9D06C711F, 22EFA0620B99E73FE9296540DB3A7AFC8E39E0ADCEE6419084218B504A550FBE ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:11:40.0702 0x117c STHDA - ok
16:11:40.0843 0x117c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:11:40.0874 0x117c stisvc - ok
16:11:40.0905 0x117c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
16:11:40.0921 0x117c swenum - ok
16:11:41.0014 0x117c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:11:41.0061 0x117c swprv - ok
16:11:41.0279 0x117c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
16:11:41.0326 0x117c SysMain - ok
16:11:41.0357 0x117c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:11:41.0373 0x117c TabletInputService - ok
16:11:41.0451 0x117c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:11:41.0498 0x117c TapiSrv - ok
16:11:41.0545 0x117c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:11:41.0576 0x117c TBS - ok
16:11:41.0810 0x117c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:11:41.0857 0x117c Tcpip - ok
16:11:42.0044 0x117c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:11:42.0075 0x117c TCPIP6 - ok
16:11:42.0137 0x117c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:11:42.0153 0x117c tcpipreg - ok
16:11:42.0200 0x117c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:11:42.0215 0x117c TDPIPE - ok
16:11:42.0387 0x117c [ DF9179B7BDF0C5B71F9C3D93C016BAE5, F065E7ECEC27B4312A361A5C2AD388C10578250BAF31B20801B901449B736C77 ] tdrpman251 C:\Windows\system32\DRIVERS\tdrpm251.sys
16:11:42.0434 0x117c tdrpman251 - ok
16:11:42.0449 0x117c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:11:42.0465 0x117c TDTCP - ok
16:11:42.0559 0x117c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:11:42.0590 0x117c tdx - ok
16:11:42.0637 0x117c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
16:11:42.0637 0x117c TermDD - ok
16:11:42.0761 0x117c [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
16:11:42.0793 0x117c TermService - ok
16:11:42.0824 0x117c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:11:42.0839 0x117c Themes - ok
16:11:42.0886 0x117c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:11:42.0917 0x117c THREADORDER - ok
16:11:43.0042 0x117c [ F7546EAD58CC3000AC02CF9529B9934E, 932A7A7AA50F207B97F52EF25CF2E38E57C2F88AC1AC203E1DC9CFA461CFA441 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
16:11:43.0089 0x117c timounter - ok
16:11:43.0120 0x117c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:11:43.0167 0x117c TrkWks - ok
16:11:43.0261 0x117c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:11:43.0307 0x117c TrustedInstaller - ok
16:11:43.0354 0x117c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:11:43.0370 0x117c tssecsrv - ok
16:11:43.0432 0x117c [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:11:43.0448 0x117c TsUsbFlt - ok
16:11:43.0541 0x117c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:11:43.0588 0x117c tunnel - ok
16:11:43.0604 0x117c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:11:43.0619 0x117c uagp35 - ok
16:11:43.0682 0x117c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:11:43.0729 0x117c udfs - ok
16:11:43.0760 0x117c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:11:43.0775 0x117c UI0Detect - ok
16:11:43.0838 0x117c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:11:43.0853 0x117c uliagpkx - ok
16:11:43.0885 0x117c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:11:43.0900 0x117c umbus - ok
16:11:43.0947 0x117c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:11:43.0963 0x117c UmPass - ok
16:11:44.0337 0x117c [ FDF92EC84FECEE834FB10A2A0A19BCDA, F81FCA3BEC10C84335DBAD9D2CDAB98C62252A864F23BDD482F97F86D5FA0B15 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:11:44.0399 0x117c UNS - ok
16:11:44.0431 0x117c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:11:44.0477 0x117c upnphost - ok
16:11:44.0524 0x117c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:11:44.0540 0x117c usbccgp - ok
16:11:44.0602 0x117c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:11:44.0633 0x117c usbcir - ok
16:11:44.0665 0x117c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:11:44.0680 0x117c usbehci - ok
16:11:44.0789 0x117c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:11:44.0821 0x117c usbhub - ok
16:11:44.0852 0x117c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:11:44.0867 0x117c usbohci - ok
16:11:44.0914 0x117c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:11:44.0930 0x117c usbprint - ok
16:11:44.0992 0x117c [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:11:45.0023 0x117c usbscan - ok
16:11:45.0039 0x117c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:11:45.0055 0x117c USBSTOR - ok
16:11:45.0148 0x117c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:11:45.0164 0x117c usbuhci - ok
16:11:45.0211 0x117c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:11:45.0257 0x117c UxSms - ok
16:11:45.0273 0x117c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
16:11:45.0289 0x117c VaultSvc - ok
16:11:45.0304 0x117c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:11:45.0320 0x117c vdrvroot - ok
16:11:45.0367 0x117c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:11:45.0429 0x117c vds - ok
16:11:45.0460 0x117c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:11:45.0476 0x117c vga - ok
16:11:45.0491 0x117c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:11:45.0507 0x117c VgaSave - ok
16:11:45.0554 0x117c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:11:45.0569 0x117c vhdmp - ok
16:11:45.0632 0x117c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:11:45.0647 0x117c viaide - ok
16:11:45.0710 0x117c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:11:45.0725 0x117c volmgr - ok
16:11:45.0819 0x117c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:11:45.0850 0x117c volmgrx - ok
16:11:45.0881 0x117c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:11:45.0897 0x117c volsnap - ok
16:11:45.0928 0x117c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:11:45.0944 0x117c vsmraid - ok
16:11:46.0162 0x117c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:11:46.0225 0x117c VSS - ok
16:11:46.0240 0x117c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:11:46.0256 0x117c vwifibus - ok
16:11:46.0381 0x117c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:11:46.0427 0x117c W32Time - ok
16:11:46.0459 0x117c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:11:46.0474 0x117c WacomPen - ok
16:11:46.0552 0x117c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:11:46.0583 0x117c WANARP - ok
16:11:46.0599 0x117c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:11:46.0615 0x117c Wanarpv6 - ok
16:11:46.0802 0x117c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:11:46.0833 0x117c wbengine - ok
16:11:46.0864 0x117c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:11:46.0895 0x117c WbioSrvc - ok
16:11:46.0989 0x117c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:11:47.0020 0x117c wcncsvc - ok
16:11:47.0036 0x117c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:11:47.0051 0x117c WcsPlugInService - ok
16:11:47.0083 0x117c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:11:47.0098 0x117c Wd - ok
16:11:47.0161 0x117c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:11:47.0192 0x117c Wdf01000 - ok
16:11:47.0223 0x117c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:11:47.0239 0x117c WdiServiceHost - ok
16:11:47.0239 0x117c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:11:47.0254 0x117c WdiSystemHost - ok
16:11:47.0317 0x117c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
16:11:47.0348 0x117c WebClient - ok
16:11:47.0410 0x117c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:11:47.0457 0x117c Wecsvc - ok
16:11:47.0473 0x117c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:11:47.0504 0x117c wercplsupport - ok
16:11:47.0551 0x117c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:11:47.0597 0x117c WerSvc - ok
16:11:47.0660 0x117c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:11:47.0707 0x117c WfpLwf - ok
16:11:47.0738 0x117c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:11:47.0753 0x117c WIMMount - ok
16:11:47.0785 0x117c WinDefend - ok
16:11:47.0847 0x117c WinHttpAutoProxySvc - ok
16:11:47.0972 0x117c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:11:48.0019 0x117c Winmgmt - ok
16:11:48.0190 0x117c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
16:11:48.0253 0x117c WinRM - ok
16:11:48.0331 0x117c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:11:48.0346 0x117c WinUsb - ok
16:11:48.0424 0x117c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:11:48.0455 0x117c Wlansvc - ok
16:11:48.0721 0x117c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:11:48.0767 0x117c wlidsvc - ok
16:11:48.0814 0x117c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:11:48.0830 0x117c WmiAcpi - ok
16:11:48.0877 0x117c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:11:48.0892 0x117c wmiApSrv - ok
16:11:48.0939 0x117c WMPNetworkSvc - ok
16:11:49.0001 0x117c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:11:49.0033 0x117c WPCSvc - ok
16:11:49.0064 0x117c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:11:49.0095 0x117c WPDBusEnum - ok
16:11:49.0142 0x117c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:11:49.0173 0x117c ws2ifsl - ok
16:11:49.0204 0x117c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:11:49.0220 0x117c wscsvc - ok
16:11:49.0298 0x117c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:11:49.0313 0x117c WSDPrintDevice - ok
16:11:49.0313 0x117c WSearch - ok
16:11:49.0641 0x117c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
16:11:49.0703 0x117c wuauserv - ok
16:11:49.0781 0x117c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:11:49.0797 0x117c WudfPf - ok
16:11:49.0844 0x117c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:49.0859 0x117c WUDFRd - ok
16:11:49.0891 0x117c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:11:49.0906 0x117c wudfsvc - ok
16:11:49.0953 0x117c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:11:49.0984 0x117c WwanSvc - ok
16:11:50.0031 0x117c ================ Scan global ===============================
16:11:50.0047 0x117c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:11:50.0093 0x117c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:11:50.0109 0x117c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:11:50.0156 0x117c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:11:50.0218 0x117c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:11:50.0218 0x117c [ Global ] - ok
16:11:50.0218 0x117c ================ Scan MBR ==================================
16:11:50.0249 0x117c [ 2C59D2FB843EB14D3ECA44CBB1EB1208 ] \Device\Harddisk0\DR0
16:11:57.0067 0x117c \Device\Harddisk0\DR0 - ok
16:11:57.0067 0x117c ================ Scan VBR ==================================
16:11:57.0114 0x117c [ AE735C9C2281D65A2E36AA25FB9FAE6D ] \Device\Harddisk0\DR0\Partition1
16:11:57.0207 0x117c \Device\Harddisk0\DR0\Partition1 - ok
16:11:57.0254 0x117c [ AA8DB04C54AA4769FCA8EDBE7B4C4651 ] \Device\Harddisk0\DR0\Partition2
16:11:57.0348 0x117c \Device\Harddisk0\DR0\Partition2 - ok
16:11:57.0394 0x117c [ 8B421BB4709E531E0DEB49B63D69200D ] \Device\Harddisk0\DR0\Partition3
16:11:57.0457 0x117c \Device\Harddisk0\DR0\Partition3 - ok
16:11:57.0488 0x117c [ 3687781B1D83F3A3D96B59C983F53AC9 ] \Device\Harddisk0\DR0\Partition4
16:11:57.0488 0x117c \Device\Harddisk0\DR0\Partition4 - ok
16:11:57.0488 0x117c ================ Scan generic autorun ======================
16:11:57.0597 0x117c [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
16:11:57.0613 0x117c hpsysdrv - ok
16:11:57.0753 0x117c [ 74260F0ABFA90A22A964B6BDE690AAA2, 183E6601AB5740F4C0B46E3414D7B683594D2223C7F8FE67F7F4A97F95031181 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
16:11:57.0784 0x117c SmartMenu - ok
16:11:57.0909 0x117c [ 0B30074603E297706C88E21AAC8185AD, 2DC70FC37125C1AFBC651676BE4F2934B12E0CA05DF78C8AC1524A716139656C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
16:11:57.0925 0x117c Acronis Scheduler2 Service - ok
16:11:58.0081 0x117c [ 0899CF4DED834760397AA8C5DDD264F4, 00AB9C5A588473571A6FB42E03956B07FAA65B57945048AE0583BACE2A22C236 ] C:\Program Files\IDT\WDM\sttray64.exe
16:11:58.0112 0x117c SysTrayApp - ok
16:11:58.0252 0x117c [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
16:11:58.0268 0x117c NCPluginUpdater - ok
16:11:58.0611 0x117c [ 061197E94C37D989326D1F1E14DF440E, A0548C8F4780F36B8859EBA6C6A17BFEB05F0EBB12FB210B480EAFE2B104144E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:11:58.0611 0x117c StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
16:12:01.0388 0x117c Detect skipped due to KSN trusted
16:12:01.0388 0x117c StartCCC - ok
16:12:01.0435 0x117c [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
16:12:01.0435 0x117c HP Software Update - ok
16:12:01.0575 0x117c [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
16:12:01.0606 0x117c Norton Online Backup - ok
16:12:01.0700 0x117c [ 30D7BB258A97BDA7C7E2EC63C23554AA, 83DFD5B0D0A2A53052F3E20809813B4D07185B12A734B5B5CD267CF04479EC36 ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
16:12:01.0716 0x117c Easybits Recovery - detected UnsignedFile.Multi.Generic ( 1 )
16:12:04.0492 0x117c Detect skipped due to KSN trusted
16:12:04.0492 0x117c Easybits Recovery - ok
16:12:05.0132 0x117c [ C520BD10E6B0BD2588E3A3922180CE51, AF408C1B16620F60B8952103A3ADB8861DB7B0087603C57335F83677F558A211 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
16:12:05.0226 0x117c TrueImageMonitor.exe - ok
16:12:05.0241 0x117c ROC_ROC_NT - ok
16:12:05.0304 0x117c [ 63AAD7BB041E02E5B7BCBAA9AD4C0A27, 2A85045190FE08401095490682B3EC9DCC4B4A8D065F4CC71D662372817F21D2 ] C:\Program Files (x86)\PDF24\pdf24.exe
16:12:05.0319 0x117c PDFPrint - ok
16:12:05.0647 0x117c [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
16:12:05.0662 0x117c avgnt - ok
16:12:05.0818 0x117c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:12:05.0850 0x117c Sidebar - ok
16:12:05.0881 0x117c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:12:05.0912 0x117c mctadmin - ok
16:12:05.0990 0x117c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:12:06.0021 0x117c Sidebar - ok
16:12:06.0021 0x117c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:12:06.0037 0x117c mctadmin - ok
16:12:06.0037 0x117c Waiting for KSN requests completion. In queue: 14
16:12:07.0051 0x117c Waiting for KSN requests completion. In queue: 7
16:12:08.0065 0x117c Waiting for KSN requests completion. In queue: 7
16:12:09.0094 0x117c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x41000 ( enabled : updated )
16:12:09.0094 0x117c Win FW state via NFP2: enabled
16:12:11.0840 0x117c ============================================================
16:12:11.0840 0x117c Scan finished
16:12:11.0840 0x117c ============================================================
16:12:11.0840 0x10e4 Detected object count: 0
16:12:11.0840 0x10e4 Actual detected object count: 0
16:12:15.0709 0x07dc Deinitialize success
muss ich noch etwas tun oder sollte das System jetzt OK sein? VG |
|
14.11.2014, 07:03
| #6 |
| /// the machine /// TB-Ausbilder | Telekom Rechnung November 2014 Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Telekom Rechnung November 2014 |
|
| Themen zu Telekom Rechnung November 2014 |
| administrator, adware, antivir, branding, browser, canon, cpu, ebanking, explorer, fehlercode 0xc0000005, fehlercode 0xc0000374, fehlercode 22, fehlercode 28, flash player, ftp, italusuploader, mozilla, officejet, performance, registry, secure search, software, symantec, this device is disabled. (code 22), uds:dangerousobject.multi.generic, unsignedfile.multi.generic |
Linear-Darstellung
