Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: SPAMHAUS blockiert meine ausgehenden mails

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 10.10.2015, 19:36   #1
IN3BQX
 
SPAMHAUS blockiert meine ausgehenden mails - Standard

SPAMHAUS blockiert meine ausgehenden mails



Seit geraumer Zeit kann ich keine mails mehr von meinen xxx@timetronic.it-Konten mehr versenden, sondern bekomme die beiliegende Fehlermeldung.

Ich vermute, daß ein Schadprogramm heimlich Spam-mails mit diesen Absenderadressen verschickt hat und diese daher auf einer Schwarzen Liste gelandet sind.
Dies Vermutung wird dadurch erhärtet, daß ich eine Weile irgendwelche Bestätigungsmails bekommen, diese aber ignoriert und gelöscht habe.

In letzter Zeit hat das aber auch aufgehört.

Wollte Euch um Hilfe bitten und habe nach Eurer "Anweisung für Hilfesuchende" Defogger und FRST heruntergeladen und ausgeführt, die Logs findet Ihr anbei.
GMER konnte ich allerdings nicht ausführen, weil sich mein AVIRA-Echtzeitschutz nicht, wie verlangt, deaktivieren läßt:das Häkchen "Echtzeitschutz aktiviert" läßt sich im AVIRA-Kontextmenü nicht entfernen, ich kanns zwar anklicken, aber es verschwindet nicht.

Danke im voraus für Eure Hilfe.

Viele Grüße
Peter
Miniaturansicht angehängter Grafiken
SPAMHAUS blockiert meine ausgehenden mails-spamhouse_fehlermeldung.jpg  

Alt 10.10.2015, 19:47   #2
schrauber
/// the machine
/// TB-Ausbilder
 

SPAMHAUS blockiert meine ausgehenden mails - Standard

SPAMHAUS blockiert meine ausgehenden mails



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 10.10.2015, 20:50   #3
IN3BQX
 
SPAMHAUS blockiert meine ausgehenden mails - Standard

Entschuldige ...



Hier die Logs wie gewünscht - hatte das mit vorhin nicht richtig kapiert

Danke
Peter

Defogger:
---------
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:44 on 10/10/2015 (Peter)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST:
------
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-10-2015
durchgeführt von Peter (Administrator) auf PETER-HP_W7 (10-10-2015 18:45:39)
Gestartet von C:\Users\Peter\Downloads
Geladene Profile: Peter (Verfügbare Profile: Peter)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(© 2015 Microsoft Corporation) C:\Users\Peter\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684064 2012-10-16] (PDF Complete Inc)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-09] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\Run: [Dropbox Update] => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\Run: [Spotify Web Helper] => C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-02] (Spotify Ltd)
HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\Run: [BingSvc] => C:\Users\Peter\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247144 2009-11-13] (TomTom)
HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\MountPoints2: {aa65ab74-0ebf-11e5-b211-2c44fd2ce01e} - D:\AutoRun.exe
HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\MountPoints2: {aa65ab82-0ebf-11e5-b211-2c44fd2ce01e} - D:\AutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-05-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{147E614D-A9D4-454C-BEAA-E894207C510F}: [NameServer] 193.70.152.25 212.52.97.25
Tcpip\..\Interfaces\{565BCB3B-FC5E-475F-94DF-2A202E5DB2C0}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{895B2A6E-B581-4F2A-8C41-82628ADE8495}: [DhcpNameServer] 8.8.8.8 4.4.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.de
HKU\S-1-5-21-686935404-1206154447-227450523-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.golliver.com
HKU\S-1-5-21-686935404-1206154447-227450523-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKU\S-1-5-21-686935404-1206154447-227450523-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.de
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {19D1C66A-ED11-446B-91EE-305F4A6A56F0} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-5/4?satitle={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {19D1C66A-ED11-446B-91EE-305F4A6A56F0} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-5/4?satitle={searchTerms}
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKU\S-1-5-21-686935404-1206154447-227450523-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-686935404-1206154447-227450523-1001 -> {19D1C66A-ED11-446B-91EE-305F4A6A56F0} URL = hxxp://www.google.de
SearchScopes: HKU\S-1-5-21-686935404-1206154447-227450523-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://www.google.de
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-01] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-01] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-09] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-01] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-686935404-1206154447-227450523-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\gt87khp0.default
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-05-17] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-21] (Digital Persona, Inc.)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\gt87khp0.default\searchplugins\avira-safesearch.xml [2015-04-01]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\golliver.xml [2015-09-16]
FF Extension: Avira Browser Safety - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\gt87khp0.default\Extensions\abs@avira.com [2015-09-17]
FF Extension: Bing Search - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\gt87khp0.default\Extensions\bingsearch.full@microsoft.com [2015-07-01]
FF Extension: Avira SafeSearch - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\gt87khp0.default\Extensions\safesearch@avira.com [2015-06-16]
FF Extension: Golliver - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\gt87khp0.default\Extensions\search@golliver.com.xpi [2015-09-16]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-12-06]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bollbfeakabenkobaocgakdibphdnanj] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-07-21]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2014-02-28] () [Datei ist nicht signiert]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-21] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-02-21] () [Datei ist nicht signiert]
R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini [9263 2014-02-26] () [Datei ist nicht signiert]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135136 2012-10-16] (PDF Complete Inc)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
S2 uzsvc; C:\Program Files (x86)\UltraZip\uzsvc.exe [526296 2015-09-17] ()
S2 uzupd; C:\Program Files (x86)\UltraZip\uzupd.exe [43992 2015-08-31] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-06] (Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-23] (Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-15] (Malwarebytes Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91176 2013-02-21] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-02-21] (McAfee, Inc.)
S2 TVicPort; C:\Windows\SysWow64\Drivers\TVicPort.sys [14544 2005-03-30] (EnTech Taiwan)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-10 18:45 - 2015-10-10 18:45 - 00020737 _____ C:\Users\Peter\Downloads\FRST.txt
2015-10-10 18:45 - 2015-10-10 18:45 - 00000000 ____D C:\FRST
2015-10-10 18:44 - 2015-10-10 18:44 - 00000472 _____ C:\Users\Peter\Downloads\defogger_disable.log
2015-10-10 18:44 - 2015-10-10 18:44 - 00000000 _____ C:\Users\Peter\defogger_reenable
2015-10-10 18:43 - 2015-10-10 18:43 - 00050477 _____ C:\Users\Peter\Downloads\Defogger.exe
2015-10-10 18:41 - 2015-10-10 18:41 - 02195456 _____ (Farbar) C:\Users\Peter\Downloads\FRST64.exe
2015-10-03 09:45 - 2015-10-04 19:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-03 08:47 - 2015-10-03 08:47 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-01 06:03 - 2015-10-02 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-25 14:54 - 2015-09-25 14:54 - 06521184 _____ (Tim Kosse) C:\Users\Peter\Downloads\FileZilla_3.14.0_win64-setup.exe
2015-09-17 13:24 - 2015-09-21 20:21 - 00000000 ____D C:\ProgramData\UltraZip
2015-09-16 23:47 - 2015-09-16 23:47 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Opera Software
2015-09-16 23:47 - 2015-09-16 23:47 - 00000000 ____D C:\Users\Peter\AppData\Local\Opera Software
2015-09-16 23:46 - 2015-10-01 06:06 - 00003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442440015
2015-09-16 23:46 - 2015-10-01 06:06 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-16 23:46 - 2015-09-16 23:46 - 00001174 _____ C:\Users\Public\Desktop\Opera.lnk
2015-09-16 23:46 - 2015-09-16 23:46 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-16 23:45 - 2015-09-17 13:26 - 00000000 ____D C:\Program Files (x86)\UltraZip
2015-09-16 23:45 - 2015-09-16 23:45 - 00001545 _____ C:\Users\Peter\Desktop\FM PDF To JPG Pro.lnk
2015-09-16 23:45 - 2015-09-16 23:45 - 00001517 _____ C:\Users\Peter\Desktop\Free PDF To JPG.lnk
2015-09-16 23:45 - 2015-09-16 23:45 - 00000000 ____D C:\Users\Peter\AppData\Roaming\OpenCandy
2015-09-16 23:45 - 2015-09-16 23:45 - 00000000 ____D C:\Users\Peter\AppData\Local\FMSoftwareStudio
2015-09-16 23:45 - 2015-09-16 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraZip
2015-09-16 23:45 - 2015-09-16 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FM Software Studio
2015-09-16 23:45 - 2015-09-16 23:45 - 00000000 ____D C:\Program Files (x86)\FM Software Studio
2015-09-16 23:41 - 2015-09-16 23:41 - 01457952 _____ C:\Users\Peter\Downloads\Free PDF To JPG Converter - CHIP-Installer.exe
2015-09-16 16:37 - 2015-09-16 16:37 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UV5R_W64_VIP
2015-09-16 16:37 - 2015-09-16 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UV5R_W64_VIP
2015-09-16 16:37 - 2015-09-16 16:37 - 00000000 ____D C:\Program Files (x86)\UV5R_W64_VIP
2015-09-13 18:02 - 2015-09-13 18:02 - 02602967 _____ C:\Users\Peter\Downloads\20130918085301786.rar
2015-09-13 17:22 - 2015-09-13 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GT3_W64_VIP
2015-09-13 17:21 - 2015-09-16 16:37 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2015-09-13 17:21 - 2015-09-16 16:37 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2015-09-13 17:21 - 2015-09-13 17:22 - 00000000 ____D C:\Program Files (x86)\GT3_W64_VIP
2015-09-13 17:21 - 2015-09-13 17:21 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GT3_W64_VIP
2015-09-13 17:02 - 2015-09-13 17:05 - 141017554 _____ C:\Users\Peter\Downloads\GT-3TP_Manual.zip
2015-09-13 17:01 - 2015-09-13 17:01 - 03634138 _____ C:\Users\Peter\Downloads\GT-3_Deutsch.zip
2015-09-12 21:31 - 2015-09-20 08:44 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForPeter.job
2015-09-12 21:31 - 2015-09-19 12:02 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPeter
2015-09-11 21:15 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-11 21:15 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-11 21:15 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-11 21:15 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-11 21:15 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-11 21:15 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-11 21:15 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-11 21:15 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-11 21:15 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-11 21:15 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-11 21:15 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-11 21:15 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-11 21:15 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-11 21:15 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-11 21:15 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-11 21:15 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-11 21:15 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-11 21:15 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-11 21:15 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-11 21:15 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-11 21:15 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-11 21:15 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-11 21:15 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-11 21:15 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-11 21:15 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-11 21:15 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-11 21:15 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-11 21:15 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-11 21:15 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-11 21:15 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-11 21:15 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-11 21:15 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-11 21:15 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-11 21:15 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-11 21:15 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-11 21:15 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-11 21:15 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-11 21:15 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-11 21:15 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-11 21:15 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-11 21:15 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-11 21:15 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-11 21:15 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-11 21:15 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-11 21:15 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-11 21:15 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-11 21:15 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-11 21:15 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-11 21:15 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-11 21:15 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-11 21:15 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-11 21:15 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-11 21:15 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-11 21:15 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-11 21:15 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-11 21:15 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-11 21:15 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-11 21:15 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-11 21:15 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-11 21:15 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-11 21:15 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-11 21:15 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-11 21:15 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-11 21:15 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-11 21:15 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-11 21:15 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-11 21:15 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-11 21:15 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-11 21:15 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-11 21:15 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-11 21:15 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-11 21:15 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-11 21:15 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-11 21:13 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-11 21:13 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-11 21:13 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-11 21:13 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-11 21:13 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-11 21:13 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-11 21:13 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-11 21:13 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-11 21:13 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-11 21:13 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-11 21:13 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-11 21:13 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-11 21:13 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-11 21:13 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-11 21:13 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-11 21:13 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-11 21:13 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-11 21:13 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-11 21:13 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-11 21:13 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-11 21:13 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-11 21:13 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-11 21:13 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-11 21:13 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-11 21:13 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-11 21:13 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-11 21:13 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-11 21:13 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-11 21:13 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-11 21:13 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-11 21:13 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-11 21:13 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-11 21:13 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-11 21:13 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-11 21:13 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-11 21:13 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-11 21:13 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-11 21:13 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-11 21:13 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-11 21:13 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-11 21:13 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-11 21:13 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-11 21:13 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-11 21:13 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-11 21:13 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-11 21:13 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-11 21:13 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-11 21:13 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-11 21:13 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-11 21:13 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-11 21:13 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-11 21:13 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-11 21:13 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-11 21:13 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-11 21:13 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-11 21:13 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-11 21:13 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-11 21:13 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-11 21:13 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-11 21:13 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-11 21:13 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-11 21:13 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-11 21:13 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-11 21:13 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-11 21:13 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-11 21:12 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-11 21:12 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-11 21:12 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-11 21:12 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-11 21:12 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-11 21:12 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-11 21:12 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-11 21:12 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-11 21:12 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-11 21:12 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-11 21:12 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-11 21:12 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-11 21:12 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-11 21:12 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-11 21:12 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-11 21:12 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-10 18:44 - 2015-06-20 06:33 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-686935404-1206154447-227450523-1001UA.job
2015-10-10 18:44 - 2014-01-31 14:17 - 00000000 ____D C:\Users\Peter
2015-10-10 18:34 - 2013-12-06 11:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-10 18:12 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-10 18:12 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-10 18:07 - 2014-01-31 14:15 - 01549877 _____ C:\Windows\WindowsUpdate.log
2015-10-10 18:05 - 2014-05-11 12:30 - 00000000 ___RD C:\Users\Peter\Dropbox
2015-10-10 18:04 - 2014-05-11 12:25 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2015-10-10 18:04 - 2013-12-06 12:02 - 00000000 ____D C:\ProgramData\PDFC
2015-10-10 18:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-10 18:03 - 2009-07-14 06:51 - 00136112 _____ C:\Windows\setupact.log
2015-10-10 18:02 - 2014-03-10 19:18 - 00002010 ____H C:\Users\Peter\Documents\Default.rdp
2015-10-10 11:12 - 2014-03-17 16:29 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-10-09 23:06 - 2014-01-31 14:22 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BCB3A0C8-B24F-494C-BBFF-C06FD63D1705}
2015-10-09 22:20 - 2014-02-27 21:53 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Skype
2015-10-09 11:31 - 2015-04-04 22:55 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 08:44 - 2015-06-20 06:33 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-686935404-1206154447-227450523-1001Core.job
2015-10-09 03:00 - 2015-04-04 22:55 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-07 22:48 - 2014-03-04 19:21 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2015-10-07 18:21 - 2013-12-06 12:01 - 00000000 ____D C:\ProgramData\Skype
2015-10-06 14:05 - 2014-03-09 19:51 - 00000000 ____D C:\Users\Peter\AppData\Roaming\FileZilla
2015-10-05 17:08 - 2014-03-20 21:52 - 00000000 ____D C:\Users\Peter\MediathekView
2015-10-05 17:03 - 2015-01-25 19:15 - 00509440 ___SH C:\Users\Peter\Desktop\Thumbs.db
2015-10-04 19:46 - 2014-02-26 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-04 19:46 - 2010-11-21 05:47 - 01310686 _____ C:\Windows\PFRO.log
2015-10-02 20:38 - 2014-01-31 14:22 - 00000000 ____D C:\Users\Peter\AppData\Local\PDFC
2015-09-30 21:28 - 2014-03-27 22:12 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-30 20:53 - 2014-03-09 19:51 - 00002039 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-09-30 20:53 - 2014-03-09 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-30 20:53 - 2014-03-09 19:51 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-09-23 17:27 - 2014-05-01 13:46 - 00000000 ____D C:\Users\Peter\AppData\Local\GHISLER
2015-09-23 16:45 - 2015-05-13 14:01 - 00000221 _____ C:\Users\Peter\Desktop\TERMINAL.INI
2015-09-23 02:24 - 2014-03-29 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-23 02:23 - 2014-02-26 21:53 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-23 02:23 - 2014-02-26 21:53 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-09-22 19:34 - 2013-12-06 11:57 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-22 19:34 - 2013-12-06 11:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-22 19:34 - 2013-12-06 11:57 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-15 23:28 - 2015-01-09 17:44 - 00000000 ____D C:\Users\Peter\AppData\Local\Spotify
2015-09-15 23:17 - 2014-04-14 15:00 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Audacity
2015-09-15 23:14 - 2015-01-09 17:43 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Spotify
2015-09-13 00:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-12 21:26 - 2013-12-06 11:15 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-09-12 21:26 - 2013-12-06 11:15 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-09-12 21:26 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-12 21:10 - 2009-07-14 06:45 - 00298032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 21:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-11 23:25 - 2014-03-19 20:11 - 00000000 ____D C:\Windows\system32\MRT
2015-09-11 21:02 - 2013-12-06 11:48 - 00000000 ____D C:\ProgramData\Package Cache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-23 21:24 - 2014-03-27 17:16 - 0005120 _____ () C:\Users\Peter\AppData\Local\Databases.db
2014-09-25 15:05 - 2014-12-04 22:25 - 0003584 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\avgnt.exe
C:\Users\Peter\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Peter\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Peter\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Peter\AppData\Local\Temp\DefaultPack.EXE
C:\Users\Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdtn8hv.dll
C:\Users\Peter\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Peter\AppData\Local\Temp\FreemakeVideoDownloader_3.7.0.1.exe
C:\Users\Peter\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Peter\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Peter\AppData\Local\Temp\OCamap32B.dll
C:\Users\Peter\AppData\Local\Temp\OlyPatch.exe
C:\Users\Peter\AppData\Local\Temp\patchlaunch.exe
C:\Users\Peter\AppData\Local\Temp\ResetDevice.exe
C:\Users\Peter\AppData\Local\Temp\Second_Life_3_7_6_289164_i686_Setup.exe
C:\Users\Peter\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Peter\AppData\Local\Temp\v2_9_8_3722_win.exe
C:\Users\Peter\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-01 07:19

==================== Ende von FRST.txt ============================
         
Addition:
--------
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-10-2015
durchgeführt von Peter (2015-10-10 18:46:21)
Gestartet von C:\Users\Peter\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-01-31 12:17:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-686935404-1206154447-227450523-500 - Administrator - Disabled)
Gast (S-1-5-21-686935404-1206154447-227450523-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-686935404-1206154447-227450523-1003 - Limited - Enabled)
Peter (S-1-5-21-686935404-1206154447-227450523-1001 - Administrator - Enabled) => C:\Users\Peter

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{BE52A08B-D385-4E65-BDCB-3FCD9BB1DF63}) (Version: 20.14.2217.13144 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.14.2217.13144 - Alcor Micro Corp.) Hidden
Allway Sync version 14.1.3 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
BASCOM-AVR (HKLM-x32\...\{47F94730-ABD2-47F6-920E-EA8CDB6DD0C6}_is1) (Version: 1.11.9.9 - MCS Electronics)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.40.35706 - Hewlett-Packard Company)
Dropbox (HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Falcom Workbench 2.7.2-RC1 (HKLM-x32\...\Falcom Workbench 2.7.2-RC1_is1) (Version:  - Falcom Wireless Communications GmbH)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.97 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.4 - Hewlett-Packard Company)
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
FlexHEX (HKLM-x32\...\{11056249-9F13-49F9-B64B-39E760EC656D}) (Version: 2.6 - Inv Softworks)
FM PDF To JPG Converter Pro 2.2 (HKLM-x32\...\FM PDF To JPG Converter Pro_is1) (Version: 2.2 - )
Free PDF To JPG Converter 3.42 (HKLM-x32\...\Free PDF To JPG Converter_is1) (Version: 3.42 - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Earth (HKLM-x32\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)
GT3_W64_VIP (HKLM-x32\...\ST6UNST #1) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Desktop Keyboard (HKLM-x32\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.2.1213 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Joe (HKLM-x32\...\{F8C986EA-13F8-4B39-91C3-A6B9A851CD34}) (Version: 4.01.0000 - Wirth IT Design)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
M&I WinEditor 4.0 (HKLM-x32\...\M&I WinEditor_is1) (Version:  - Matthias Schulze & Ingo Paleit)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.301.08.18.51 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 41.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MySQL Connector Python v2.0.4 for Python v3.4 (HKLM-x32\...\{9CAFF8FF-355C-483D-8F20-FCEC77824533}) (Version: 2.0.4 - Oracle)
MySQL Connector/ODBC 5.1 (HKLM-x32\...\{29042B1C-0713-4575-B7CA-5C8E7B0899D4}) (Version: 5.1.4 - MySQL AB)
MySQL Server 5.0 (HKLM-x32\...\{E5AED31E-3474-4C85-B492-42149DE37891}) (Version: 5.0.51b - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32\...\{EC561602-C0B9-4FAA-A175-1B3273639AC3}) (Version: 5.0.12 - MySQL AB)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.12 - PDF Complete, Inc)
PE Explorer 1.99 R6 (HKLM-x32\...\PE Explorer_is1) (Version: 1.99.6 - Heaventools Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.) Hidden
Python 3.4.1 (HKLM-x32\...\{df32bb9e-3ed8-36b5-a649-e8c845c5f3a2}) (Version: 3.4.1150 - Python Software Foundation)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30153 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5223 - CyberLink Corp.) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-686935404-1206154447-227450523-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
Tether (HKLM-x32\...\{C5C67EA4-16FA-473C-B274-904A71162DE4}) (Version: 1.0.1 - ClockworkMod)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.1.02 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.1.02 - Hewlett-Packard Company) Hidden
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME 2.7.3.1894 (HKLM-x32\...\TomTom HOME) (Version: 2.7.3.1894 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TourChart (HKLM-x32\...\{D6259068-71AB-4CEC-B920-30340BA66196}) (Version: 1.00.0000 - timetronic GmbH)
UltraZip (HKLM-x32\...\{5E36886D-AE94-4901-82A6-A96381B7B4AD}_is1) (Version: 2.0.6.3 - UltraZip)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UV5R_W64_VIP (HKLM-x32\...\ST6UNST #2) (Version:  - )
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-686935404-1206154447-227450523-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

04-10-2015 00:34:22 Geplanter Prüfpunkt
09-10-2015 03:00:10 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {078F67BF-C918-4495-B33D-3413FDE3FA03} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-686935404-1206154447-227450523-1001UA => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {310A9880-B277-4E11-9F6D-8EC260AEB168} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-686935404-1206154447-227450523-1001Core => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {46C7E9E2-C3D1-499B-AE7D-399B4AD08BBF} - System32\Tasks\{1EF91F4F-95C5-4F69-93D9-9E027985A182} => Firefox.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/abandoninstall?page=tsProgressBar
Task: {57C69677-6C86-4646-8438-5E929574043D} - System32\Tasks\HPCeeScheduleForPeter => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {69A84BE6-6F1E-4C99-966B-4B4D0DB33764} - System32\Tasks\Opera scheduled Autoupdate 1442440015 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {749B8CC7-EFF5-484E-ACFA-31AD8F15C087} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {7FAFE3B1-7354-4CB5-8E6F-B2C8A3FB28D0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {8C408ECD-EFA7-4CDE-B3BD-F78A25FF1B4C} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2012-04-24] (CyberLink)
Task: {961A4DE1-BF3E-44F5-923A-1C8502BB33FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-08] (Hewlett-Packard Company)
Task: {A71B76B1-209C-4149-A8A8-E020CBD9E671} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-08] (Hewlett-Packard Company)
Task: {DD7035E6-6590-48E6-820B-8D6BC389E16B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F74D808F-2297-4972-A83D-25C5917B1DC6} - System32\Tasks\{E7DB7C55-DC34-40CD-A44D-EBA113C03975} => Firefox.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/abandoninstall?page=tsProgressBar
Task: {F9888219-9242-4F03-900D-61EE553DD77D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-686935404-1206154447-227450523-1001Core.job => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-686935404-1206154447-227450523-1001UA.job => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPeter.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-02-21 21:50 - 2013-02-21 21:50 - 03346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2014-03-08 15:12 - 2014-02-28 14:26 - 00182784 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
2013-02-21 21:05 - 2013-02-21 21:05 - 01327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2008-04-17 20:13 - 2008-04-17 20:13 - 05750784 _____ () C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
2015-09-16 14:12 - 2015-09-16 14:12 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-04-05 04:46 - 2012-04-05 04:46 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-06 11:56 - 2009-07-03 00:58 - 00406016 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
2013-02-21 21:32 - 2013-02-21 21:32 - 02854912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-21 21:02 - 2013-02-21 21:02 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-21 21:31 - 2013-02-21 21:31 - 03035136 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-02-21 21:36 - 2013-02-21 21:36 - 02867200 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-21 21:34 - 2013-02-21 21:34 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-21 21:06 - 2013-02-21 21:06 - 02043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-21 21:08 - 2013-02-21 21:08 - 01949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2015-09-16 23:45 - 2015-09-17 13:25 - 00067544 _____ () C:\Program Files (x86)\UltraZip\UltraZip.dll
2015-10-10 18:04 - 2015-10-10 18:04 - 00071168 _____ () c:\users\peter\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdtn8hv.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012800 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00779776 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 14:24 - 2015-09-24 01:07 - 00056320 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012288 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-686935404-1206154447-227450523-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 4.4.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{41B58EED-D849-40C0-A3FF-B9A766E3F283}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{12177ADB-FA24-401D-88B3-233AA676195C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A8B1F06D-8CAD-43C7-87FF-E7C7086AA5C4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D89224B0-5D9B-4919-9159-22ACB307FE57}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C4C115D9-400A-4751-B902-46A08822C7A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{B139DF4C-EDE4-41E2-AD79-E74E6AF632D2}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{622ADE6D-615E-475D-9C62-C8B356FE4F29}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{A40B0B06-D703-4D96-B19C-5CDF76B55535}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{2183881E-4E79-48D0-9E5A-D1DC9BCD4E7E}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{0A60CCFF-D266-4B5B-8587-9C6425B335F4}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{77CF2B38-7FAD-4724-BC35-9F07844E169F}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{17DB676E-0949-461B-949C-F297DBBBC7D5}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{280F940C-D609-4DDD-9EE8-3F1194E52679}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{BB70FF3A-BE05-4D30-93DD-61BA16B5E135}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{33649421-6E65-4B02-868F-7BFF15029A0F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{00C8431C-CAE9-4D1E-9976-47ECD7AE942D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{6370C856-E16D-4167-8329-28117D93E4C1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{D44EFE07-4F5A-4EB7-889C-948A55C18A8E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{7747B0B4-D9A3-4164-AC6D-5B6FDF8D5215}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{46E92578-F483-419D-B7B2-E16310998879}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{EE1211F4-8323-44F9-ACB2-15A38EBDE045}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{92D658EA-26D0-4A57-B88E-05D5EB1095C2}C:\python34\python.exe] => (Block) C:\python34\python.exe
FirewallRules: [UDP Query User{DA4D02D5-3A2B-4CCC-8090-A02688941345}C:\python34\python.exe] => (Block) C:\python34\python.exe
FirewallRules: [TCP Query User{A49A2498-2FE5-48B8-A991-5FCC6FC7DF3A}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3A18E449-D3EE-4687-A5AF-D216A26F502D}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0DE09C6C-5A9D-45EE-B6D8-E7C85F5123D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA5FCD0B-4E04-477E-9107-C8B8D4AEB972}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6C8AFDD4-3AAC-46B4-9511-5996950B868A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{DBBB1760-B2E3-49CF-A242-97344FA75D4E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{D136C50C-AAF2-444F-8048-F66E14F8DEAB}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{6D1BAC8C-D8E0-4720-8C74-950ACD7AF6B8}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [{9131B92C-1736-4CEE-B4F4-CA64F81D50FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{65433CA5-C15D-4CE4-913E-7B8970D73EFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1A993977-DA04-4D63-9CF5-3C222E98A6D6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5143960F-7B82-4B7F-A3AF-34C8BEBCD3B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{3AAD2261-FDA8-4F16-BA3F-5A63D7CCE10D}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{94F41045-81BA-4DEF-BFFF-9A12D43C5FE3}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5D63D90F-C9CC-4F93-9653-06FADCE8645F}] => (Allow) C:\Program Files (x86)\ClockworkMod\Tether\win32\node.exe
FirewallRules: [{C1581B3C-B915-43E4-9AB8-7C0217894965}] => (Allow) C:\Program Files (x86)\ClockworkMod\Tether\win32\node.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/08/2015 10:59:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.13.202 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d88

Startzeit: 01d10200ecccdecf

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 3ed21417-6dff-11e5-bfd8-2c44fd2ce01e

Error: (10/04/2015 07:57:37 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "\\NSLU2\peter\FileServer\Windows-Sicherung\" nicht abgeschlossen. Fehler: "Das System kann die angegebene Datei nicht finden. (0x80070002)"

Error: (10/01/2015 05:51:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.13.202 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1568

Startzeit: 01d0fc1f1e1e1660

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 083a1c85-6854-11e5-9767-2c44fd2ce01e

Error: (09/29/2015 03:48:23 PM) (Source: VSS) (EventID: 12298) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden.
Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Leerung[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Freigabe[0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist.
], Ausführung[0x00000000, Der Vorgang wurde erfolgreich beendet.
].


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (09/29/2015 03:48:23 PM) (Source: VSS) (EventID: 12310) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die Schattenkopie kann nicht zugesichert werden - Vorgang hat das Zeitlimit überschritten.
Fehlerkontext: DeviceIoControl(\\?\Volume{be13f8c4-5e63-11e3-a43b-806e6f6e6963} - 0000000000000120,0x0053c010,0000000000250FF0,0,000000000024FFE0,4096,[0]).


Vorgang:
   Schattenkopien werden übertragen

Kontext:
   Ausführungskontext: System Provider

Error: (09/27/2015 09:44:16 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "\\NSLU2\peter\FileServer\Windows-Sicherung\" nicht abgeschlossen. Fehler: "Das System kann die angegebene Datei nicht finden. (0x80070002)"

Error: (09/27/2015 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "\\NSLU2\peter\FileServer\Windows-Sicherung\" nicht abgeschlossen. Fehler: "Das System kann die angegebene Datei nicht finden. (0x80070002)"

Error: (09/20/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "\\NSLU2\peter\FileServer\Windows-Sicherung\" nicht abgeschlossen. Fehler: "Das System kann die angegebene Datei nicht finden. (0x80070002)"

Error: (09/15/2015 08:24:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.12.420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9f8

Startzeit: 01d0ef28fdecf2b4

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: b9e3461b-5bd6-11e5-908b-2c44fd2ce01e

Error: (09/15/2015 05:02:38 PM) (Source: VSS) (EventID: 12298) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden.
Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Leerung[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Freigabe[0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist.
], Ausführung[0x00000000, Der Vorgang wurde erfolgreich beendet.
].


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet


Systemfehler:
=============
Error: (10/10/2015 06:03:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVicPort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (10/10/2015 06:03:26 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\TVicPort.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (10/10/2015 09:04:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVicPort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (10/10/2015 09:04:33 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\TVicPort.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (10/09/2015 05:07:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (10/09/2015 05:07:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (10/09/2015 05:07:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (10/09/2015 05:07:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (10/09/2015 05:07:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (10/09/2015 05:05:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVicPort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 3983.35 MB
Verfügbarer physikalischer RAM: 2286.56 MB
Summe virtueller Speicher: 8264.9 MB
Verfügbarer virtueller Speicher: 5900.23 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:451.09 GB) (Free:246.37 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:14.47 GB) (Free:1.7 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 60204563)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=101 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         
__________________

Alt 11.10.2015, 08:32   #4
schrauber
/// the machine
/// TB-Ausbilder
 

SPAMHAUS blockiert meine ausgehenden mails - Standard

SPAMHAUS blockiert meine ausgehenden mails



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.10.2015, 10:31   #5
IN3BQX
 
SPAMHAUS blockiert meine ausgehenden mails - Standard

Rootkit-Scan durchgeführt



Hallo und erstmal Danke!

Hier die beiden Logdateien:

MBAR:
------
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.10.11.01
  rootkit: v2015.10.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18015
Peter :: PETER-HP_W7 [administrator]

11.10.2015 09:55:07
mbar-log-2015-10-11 (09-55-07).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 374317
Time elapsed: 28 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller:
----------
Code:
ATTFilter
10:25:46.0274 0x17e0  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
10:25:53.0216 0x17e0  ============================================================
10:25:53.0216 0x17e0  Current date / time: 2015/10/11 10:25:53.0216
10:25:53.0216 0x17e0  SystemInfo:
10:25:53.0216 0x17e0  
10:25:53.0216 0x17e0  OS Version: 6.1.7601 ServicePack: 1.0
10:25:53.0216 0x17e0  Product type: Workstation
10:25:53.0216 0x17e0  ComputerName: PETER-HP_W7
10:25:53.0216 0x17e0  UserName: Peter
10:25:53.0216 0x17e0  Windows directory: C:\Windows
10:25:53.0216 0x17e0  System windows directory: C:\Windows
10:25:53.0216 0x17e0  Running under WOW64
10:25:53.0216 0x17e0  Processor architecture: Intel x64
10:25:53.0216 0x17e0  Number of processors: 2
10:25:53.0216 0x17e0  Page size: 0x1000
10:25:53.0216 0x17e0  Boot type: Normal boot
10:25:53.0216 0x17e0  ============================================================
10:25:54.0354 0x17e0  KLMD registered as C:\Windows\system32\drivers\93139593.sys
10:25:54.0947 0x17e0  System UUID: {E70C67EA-FCA6-45BE-EF5F-A04FC0D08B22}
10:25:55.0524 0x17e0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:25:55.0540 0x17e0  ============================================================
10:25:55.0540 0x17e0  \Device\Harddisk0\DR0:
10:25:55.0540 0x17e0  MBR partitions:
10:25:55.0540 0x17e0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:25:55.0540 0x17e0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3862D800
10:25:55.0540 0x17e0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38660000, BlocksNum 0x1CF3000
10:25:55.0540 0x17e0  ============================================================
10:25:55.0540 0x17e0  C: <-> \Device\Harddisk0\DR0\Partition2
10:25:55.0602 0x17e0  E: <-> \Device\Harddisk0\DR0\Partition3
10:25:55.0602 0x17e0  ============================================================
10:25:55.0602 0x17e0  Initialize success
10:25:55.0602 0x17e0  ============================================================
10:26:00.0267 0x11ec  ============================================================
10:26:00.0267 0x11ec  Scan started
10:26:00.0267 0x11ec  Mode: Manual; 
10:26:00.0267 0x11ec  ============================================================
10:26:00.0267 0x11ec  KSN ping started
10:26:14.0322 0x11ec  KSN ping finished: true
10:26:15.0399 0x11ec  ================ Scan system memory ========================
10:26:15.0399 0x11ec  System memory - ok
10:26:15.0399 0x11ec  ================ Scan services =============================
10:26:15.0539 0x11ec  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:26:15.0539 0x11ec  1394ohci - ok
10:26:15.0586 0x11ec  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:26:15.0586 0x11ec  ACPI - ok
10:26:15.0617 0x11ec  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:26:15.0617 0x11ec  AcpiPmi - ok
10:26:15.0758 0x11ec  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:26:15.0758 0x11ec  AdobeARMservice - ok
10:26:15.0820 0x11ec  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:26:15.0820 0x11ec  AdobeFlashPlayerUpdateSvc - ok
10:26:15.0882 0x11ec  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:26:15.0898 0x11ec  adp94xx - ok
10:26:15.0945 0x11ec  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:26:15.0945 0x11ec  adpahci - ok
10:26:15.0976 0x11ec  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:26:15.0976 0x11ec  adpu320 - ok
10:26:16.0023 0x11ec  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:26:16.0023 0x11ec  AeLookupSvc - ok
10:26:16.0085 0x11ec  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:26:16.0101 0x11ec  AFD - ok
10:26:16.0132 0x11ec  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:26:16.0132 0x11ec  agp440 - ok
10:26:16.0179 0x11ec  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:26:16.0179 0x11ec  ALG - ok
10:26:16.0194 0x11ec  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:26:16.0194 0x11ec  aliide - ok
10:26:16.0210 0x11ec  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:26:16.0210 0x11ec  amdide - ok
10:26:16.0241 0x11ec  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:26:16.0241 0x11ec  AmdK8 - ok
10:26:16.0257 0x11ec  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
10:26:16.0257 0x11ec  AmdPPM - ok
10:26:16.0288 0x11ec  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:26:16.0288 0x11ec  amdsata - ok
10:26:16.0319 0x11ec  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:26:16.0319 0x11ec  amdsbs - ok
10:26:16.0335 0x11ec  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:26:16.0350 0x11ec  amdxata - ok
10:26:16.0366 0x11ec  [ 7AF76466E5887A897EC1959208DE3BB3, 8B4672B9640DE6A7395A888713CB6D7AC780C040ABA4005B93A539AD395C2AA8 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
10:26:16.0366 0x11ec  AmUStor - ok
10:26:16.0428 0x11ec  [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
10:26:16.0460 0x11ec  AntiVirMailService - ok
10:26:16.0522 0x11ec  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:26:16.0538 0x11ec  AntiVirSchedulerService - ok
10:26:16.0553 0x11ec  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:26:16.0553 0x11ec  AntiVirService - ok
10:26:16.0600 0x11ec  [ 9A12F8E472FE05EF653CA152050405D4, 569EA8FFDE827F850CA8E3CB747A8552FD9981E61C48C7EA55E550A6C07F770E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
10:26:16.0616 0x11ec  AntiVirWebService - ok
10:26:16.0662 0x11ec  [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID           C:\Windows\system32\drivers\appid.sys
10:26:16.0662 0x11ec  AppID - ok
10:26:16.0678 0x11ec  [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:26:16.0678 0x11ec  AppIDSvc - ok
10:26:16.0709 0x11ec  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
10:26:16.0709 0x11ec  Appinfo - ok
10:26:16.0756 0x11ec  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
10:26:16.0756 0x11ec  AppMgmt - ok
10:26:16.0772 0x11ec  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
10:26:16.0772 0x11ec  arc - ok
10:26:16.0803 0x11ec  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:26:16.0803 0x11ec  arcsas - ok
10:26:16.0896 0x11ec  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:26:16.0912 0x11ec  aspnet_state - ok
10:26:16.0943 0x11ec  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:26:16.0943 0x11ec  AsyncMac - ok
10:26:16.0959 0x11ec  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:26:16.0959 0x11ec  atapi - ok
10:26:17.0021 0x11ec  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:26:17.0052 0x11ec  AudioEndpointBuilder - ok
10:26:17.0068 0x11ec  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:26:17.0068 0x11ec  AudioSrv - ok
10:26:17.0130 0x11ec  [ 03C6DEB5C74C8140C2167677DBE2F79A, D5C727B007C5B486DECE1A1B83D8155299DD7CB46DC8208CE9185C5BAE5CC33A ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:26:17.0130 0x11ec  avgntflt - ok
10:26:17.0177 0x11ec  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:26:17.0177 0x11ec  avipbb - ok
10:26:17.0286 0x11ec  [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
10:26:17.0286 0x11ec  Avira.ServiceHost - ok
10:26:17.0302 0x11ec  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:26:17.0318 0x11ec  avkmgr - ok
10:26:17.0318 0x11ec  [ 080860E03F0219AF0A0377A02292741F, F0A151509BFEBFE639CC15388847EB2EDA298CFAE0AC4A1358A1472F42320249 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
10:26:17.0333 0x11ec  avnetflt - ok
10:26:17.0364 0x11ec  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:26:17.0364 0x11ec  AxInstSV - ok
10:26:17.0411 0x11ec  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:26:17.0411 0x11ec  b06bdrv - ok
10:26:17.0442 0x11ec  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:26:17.0458 0x11ec  b57nd60a - ok
10:26:17.0505 0x11ec  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:26:17.0505 0x11ec  BDESVC - ok
10:26:17.0520 0x11ec  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:26:17.0520 0x11ec  Beep - ok
10:26:17.0598 0x11ec  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:26:17.0630 0x11ec  BFE - ok
10:26:17.0661 0x11ec  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:26:17.0676 0x11ec  BITS - ok
10:26:17.0692 0x11ec  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:26:17.0692 0x11ec  blbdrive - ok
10:26:17.0754 0x11ec  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:26:17.0754 0x11ec  Bonjour Service - ok
10:26:17.0848 0x11ec  BotkindSyncService - ok
10:26:17.0864 0x11ec  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:26:17.0879 0x11ec  bowser - ok
10:26:17.0895 0x11ec  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:26:17.0910 0x11ec  BrFiltLo - ok
10:26:17.0942 0x11ec  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:26:17.0957 0x11ec  BrFiltUp - ok
10:26:17.0988 0x11ec  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:26:17.0988 0x11ec  Browser - ok
10:26:18.0020 0x11ec  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:26:18.0035 0x11ec  Brserid - ok
10:26:18.0051 0x11ec  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:26:18.0051 0x11ec  BrSerWdm - ok
10:26:18.0082 0x11ec  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:26:18.0082 0x11ec  BrUsbMdm - ok
10:26:18.0098 0x11ec  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:26:18.0098 0x11ec  BrUsbSer - ok
10:26:18.0129 0x11ec  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:26:18.0129 0x11ec  BTHMODEM - ok
10:26:18.0160 0x11ec  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:26:18.0160 0x11ec  bthserv - ok
10:26:18.0176 0x11ec  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:26:18.0176 0x11ec  cdfs - ok
10:26:18.0207 0x11ec  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:26:18.0207 0x11ec  cdrom - ok
10:26:18.0254 0x11ec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:26:18.0254 0x11ec  CertPropSvc - ok
10:26:18.0269 0x11ec  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:26:18.0285 0x11ec  circlass - ok
10:26:18.0347 0x11ec  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
10:26:18.0347 0x11ec  CLFS - ok
10:26:18.0394 0x11ec  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:26:18.0394 0x11ec  clr_optimization_v2.0.50727_32 - ok
10:26:18.0441 0x11ec  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:26:18.0456 0x11ec  clr_optimization_v2.0.50727_64 - ok
10:26:18.0534 0x11ec  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:26:18.0534 0x11ec  clr_optimization_v4.0.30319_32 - ok
10:26:18.0550 0x11ec  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:26:18.0581 0x11ec  clr_optimization_v4.0.30319_64 - ok
10:26:18.0612 0x11ec  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:26:18.0612 0x11ec  CmBatt - ok
10:26:18.0628 0x11ec  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:26:18.0628 0x11ec  cmdide - ok
10:26:18.0722 0x11ec  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
10:26:18.0737 0x11ec  CNG - ok
10:26:18.0753 0x11ec  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:26:18.0768 0x11ec  Compbatt - ok
10:26:18.0784 0x11ec  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:26:18.0800 0x11ec  CompositeBus - ok
10:26:18.0800 0x11ec  COMSysApp - ok
10:26:18.0878 0x11ec  [ AA7A157729FB504E1EED535F2F6AD1C0, A06D35E943DD9DE3157E92B6002064EE1C1067276D0BE7ADFF75938F8A564883 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:26:18.0893 0x11ec  cphs - ok
10:26:18.0909 0x11ec  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:26:18.0909 0x11ec  crcdisk - ok
10:26:18.0956 0x11ec  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:26:18.0971 0x11ec  CryptSvc - ok
10:26:19.0002 0x11ec  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
10:26:19.0018 0x11ec  CSC - ok
10:26:19.0049 0x11ec  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
10:26:19.0080 0x11ec  CscService - ok
10:26:19.0096 0x11ec  [ D3FAC3926974F22F91E4C9E053DAD07F, 3FC6BA1ADAD70E914A32B2D0EA14D9EE125863F0375BC55B675C474786A90726 ] DAMDrv          C:\Windows\system32\DRIVERS\DAMDrv64.sys
10:26:19.0096 0x11ec  DAMDrv - ok
10:26:19.0143 0x11ec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:26:19.0158 0x11ec  DcomLaunch - ok
10:26:19.0158 0x11ec  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:26:19.0174 0x11ec  defragsvc - ok
10:26:19.0190 0x11ec  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:26:19.0190 0x11ec  DfsC - ok
10:26:19.0221 0x11ec  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:26:19.0221 0x11ec  Dhcp - ok
10:26:19.0361 0x11ec  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
10:26:19.0424 0x11ec  DiagTrack - ok
10:26:19.0439 0x11ec  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:26:19.0439 0x11ec  discache - ok
10:26:19.0471 0x11ec  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:26:19.0471 0x11ec  Disk - ok
10:26:19.0486 0x11ec  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
10:26:19.0502 0x11ec  dmvsc - ok
10:26:19.0517 0x11ec  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:26:19.0517 0x11ec  Dnscache - ok
10:26:19.0549 0x11ec  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:26:19.0549 0x11ec  dot3svc - ok
10:26:19.0627 0x11ec  [ ABC44B9AA588432B3031E961E8374147, 350BB3B62CB9BCEDBBC3598E530DFE0355BF8ECE69EDC8FB97328C13BA86CE2F ] DpHost          c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
10:26:19.0627 0x11ec  DpHost - ok
10:26:19.0642 0x11ec  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:26:19.0658 0x11ec  DPS - ok
10:26:19.0673 0x11ec  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:26:19.0673 0x11ec  drmkaud - ok
10:26:19.0751 0x11ec  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:26:19.0767 0x11ec  DXGKrnl - ok
10:26:19.0783 0x11ec  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:26:19.0783 0x11ec  EapHost - ok
10:26:20.0001 0x11ec  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:26:20.0079 0x11ec  ebdrv - ok
10:26:20.0126 0x11ec  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS             C:\Windows\System32\lsass.exe
10:26:20.0141 0x11ec  EFS - ok
10:26:20.0204 0x11ec  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:26:20.0219 0x11ec  ehRecvr - ok
10:26:20.0235 0x11ec  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:26:20.0235 0x11ec  ehSched - ok
10:26:20.0266 0x11ec  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:26:20.0282 0x11ec  elxstor - ok
10:26:20.0297 0x11ec  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:26:20.0297 0x11ec  ErrDev - ok
10:26:20.0329 0x11ec  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:26:20.0329 0x11ec  EventSystem - ok
10:26:20.0391 0x11ec  [ 8ADACFFAD67394C711698EA074CE3BAB, 02793393584762224D87C487D80080D6DBCD09192098A7A1399CA16C17886C5D ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
10:26:20.0407 0x11ec  ewusbnet - ok
10:26:20.0422 0x11ec  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:26:20.0438 0x11ec  exfat - ok
10:26:20.0453 0x11ec  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:26:20.0453 0x11ec  fastfat - ok
10:26:20.0500 0x11ec  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:26:20.0516 0x11ec  Fax - ok
10:26:20.0531 0x11ec  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
10:26:20.0531 0x11ec  fdc - ok
10:26:20.0547 0x11ec  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:26:20.0547 0x11ec  fdPHost - ok
10:26:20.0563 0x11ec  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:26:20.0563 0x11ec  FDResPub - ok
10:26:20.0563 0x11ec  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:26:20.0563 0x11ec  FileInfo - ok
10:26:20.0578 0x11ec  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:26:20.0594 0x11ec  Filetrace - ok
10:26:20.0625 0x11ec  [ 1CF8947766082AA117C11EBD3B095669, C1AA1527B67F14ABAA5D2919C467DEB29D977D26149C1C60F20BDB1651D4A8A3 ] FLCDLOCK        c:\Windows\SysWOW64\flcdlock.exe
10:26:20.0641 0x11ec  FLCDLOCK - ok
10:26:20.0672 0x11ec  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:26:20.0672 0x11ec  flpydisk - ok
10:26:20.0687 0x11ec  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:26:20.0703 0x11ec  FltMgr - ok
10:26:20.0765 0x11ec  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
10:26:20.0797 0x11ec  FontCache - ok
10:26:20.0843 0x11ec  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:26:20.0843 0x11ec  FontCache3.0.0.0 - ok
10:26:20.0843 0x11ec  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:26:20.0859 0x11ec  FsDepends - ok
10:26:20.0875 0x11ec  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:26:20.0890 0x11ec  Fs_Rec - ok
10:26:20.0906 0x11ec  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:26:20.0906 0x11ec  fvevol - ok
10:26:20.0921 0x11ec  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:26:20.0921 0x11ec  gagp30kx - ok
10:26:20.0937 0x11ec  GamesAppService - ok
10:26:20.0999 0x11ec  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:26:21.0015 0x11ec  gpsvc - ok
10:26:21.0031 0x11ec  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:26:21.0031 0x11ec  hcw85cir - ok
10:26:21.0062 0x11ec  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:26:21.0077 0x11ec  HdAudAddService - ok
10:26:21.0093 0x11ec  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:26:21.0109 0x11ec  HDAudBus - ok
10:26:21.0109 0x11ec  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:26:21.0109 0x11ec  HidBatt - ok
10:26:21.0124 0x11ec  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:26:21.0124 0x11ec  HidBth - ok
10:26:21.0140 0x11ec  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:26:21.0140 0x11ec  HidIr - ok
10:26:21.0171 0x11ec  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:26:21.0171 0x11ec  hidserv - ok
10:26:21.0187 0x11ec  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:26:21.0187 0x11ec  HidUsb - ok
10:26:21.0202 0x11ec  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:26:21.0202 0x11ec  hkmsvc - ok
10:26:21.0218 0x11ec  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:26:21.0233 0x11ec  HomeGroupListener - ok
10:26:21.0249 0x11ec  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:26:21.0249 0x11ec  HomeGroupProvider - ok
10:26:21.0296 0x11ec  [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:26:21.0296 0x11ec  HP Support Assistant Service - ok
10:26:21.0343 0x11ec  [ 882B2F20B3684E3126FA2137E851BE4B, D13A29A2C935F1F622B08CDCC601990D4F1F61350D610B8866AC2A10FEFEEC12 ] HPFSService     c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
10:26:21.0343 0x11ec  HPFSService - ok
10:26:21.0421 0x11ec  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:26:21.0436 0x11ec  hpqwmiex - ok
10:26:21.0483 0x11ec  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:26:21.0483 0x11ec  HpSAMD - ok
10:26:21.0545 0x11ec  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:26:21.0561 0x11ec  HTTP - ok
10:26:21.0623 0x11ec  [ D969D0E26C5B1E813B17066A8318D5D4, 27308902D216CD38F40B9341F40AFDCFEC09EA3122FB88E7C7A5C42D0433315D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:26:21.0623 0x11ec  hwdatacard - ok
10:26:21.0655 0x11ec  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:26:21.0655 0x11ec  hwpolicy - ok
10:26:21.0701 0x11ec  [ B45B3647BA32749B94FA689175EC8C26, F0876ECA6FA66A296DB7E11FA9E4094D96064AE87EC21CC752C9B7E6A7DFEDD2 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
10:26:21.0701 0x11ec  hwusbdev - ok
10:26:21.0748 0x11ec  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:26:21.0748 0x11ec  i8042prt - ok
10:26:21.0779 0x11ec  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:26:21.0795 0x11ec  iaStorV - ok
10:26:21.0889 0x11ec  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:26:21.0920 0x11ec  idsvc - ok
10:26:21.0935 0x11ec  IEEtwCollectorService - ok
10:26:22.0263 0x11ec  [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:26:22.0591 0x11ec  igfx - ok
10:26:22.0622 0x11ec  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:26:22.0637 0x11ec  iirsp - ok
10:26:22.0669 0x11ec  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:26:22.0684 0x11ec  IKEEXT - ok
10:26:22.0778 0x11ec  [ 68E799ADC93086EA170D3314DF23BEDB, F3B30B806F54FC6A9C2EC8C357591191BF606AA12D2D90B24411C31D7825E6EE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:26:22.0856 0x11ec  IntcAzAudAddService - ok
10:26:22.0856 0x11ec  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:26:22.0871 0x11ec  intelide - ok
10:26:22.0887 0x11ec  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
10:26:22.0903 0x11ec  intelppm - ok
10:26:22.0903 0x11ec  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:26:22.0918 0x11ec  IPBusEnum - ok
10:26:22.0949 0x11ec  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:26:22.0949 0x11ec  IpFilterDriver - ok
10:26:23.0012 0x11ec  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:26:23.0027 0x11ec  iphlpsvc - ok
10:26:23.0027 0x11ec  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:26:23.0043 0x11ec  IPMIDRV - ok
10:26:23.0074 0x11ec  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:26:23.0074 0x11ec  IPNAT - ok
10:26:23.0090 0x11ec  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:26:23.0090 0x11ec  IRENUM - ok
10:26:23.0105 0x11ec  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:26:23.0121 0x11ec  isapnp - ok
10:26:23.0137 0x11ec  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:26:23.0152 0x11ec  iScsiPrt - ok
10:26:23.0168 0x11ec  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:26:23.0168 0x11ec  kbdclass - ok
10:26:23.0199 0x11ec  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:26:23.0199 0x11ec  kbdhid - ok
10:26:23.0230 0x11ec  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso          C:\Windows\system32\lsass.exe
10:26:23.0230 0x11ec  KeyIso - ok
10:26:23.0261 0x11ec  [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:26:23.0261 0x11ec  KSecDD - ok
10:26:23.0293 0x11ec  [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:26:23.0293 0x11ec  KSecPkg - ok
10:26:23.0308 0x11ec  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:26:23.0308 0x11ec  ksthunk - ok
10:26:23.0355 0x11ec  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:26:23.0355 0x11ec  KtmRm - ok
10:26:23.0402 0x11ec  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:26:23.0402 0x11ec  LanmanServer - ok
10:26:23.0417 0x11ec  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:26:23.0433 0x11ec  LanmanWorkstation - ok
10:26:23.0449 0x11ec  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:26:23.0464 0x11ec  lltdio - ok
10:26:23.0480 0x11ec  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:26:23.0495 0x11ec  lltdsvc - ok
10:26:23.0527 0x11ec  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:26:23.0527 0x11ec  lmhosts - ok
10:26:23.0573 0x11ec  [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:26:23.0589 0x11ec  LMS - ok
10:26:23.0605 0x11ec  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:26:23.0620 0x11ec  LSI_FC - ok
10:26:23.0636 0x11ec  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:26:23.0636 0x11ec  LSI_SAS - ok
10:26:23.0667 0x11ec  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:26:23.0667 0x11ec  LSI_SAS2 - ok
10:26:23.0683 0x11ec  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:26:23.0698 0x11ec  LSI_SCSI - ok
10:26:23.0714 0x11ec  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:26:23.0714 0x11ec  luafv - ok
10:26:23.0761 0x11ec  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
10:26:23.0761 0x11ec  LVRS64 - ok
10:26:23.0932 0x11ec  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
10:26:24.0057 0x11ec  LVUVC64 - ok
10:26:24.0135 0x11ec  [ 6E6754470C2553985F51A98EF9FE4E63, 02539E0510311F5058BE7DCAD3795F10F0B1D32BDA4FC50C2A7F44FBB69BF93A ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
10:26:24.0166 0x11ec  McAfee Endpoint Encryption Agent - ok
10:26:24.0182 0x11ec  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:26:24.0182 0x11ec  Mcx2Svc - ok
10:26:24.0197 0x11ec  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:26:24.0197 0x11ec  megasas - ok
10:26:24.0229 0x11ec  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:26:24.0229 0x11ec  MegaSR - ok
10:26:24.0260 0x11ec  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
10:26:24.0260 0x11ec  MEIx64 - ok
10:26:24.0291 0x11ec  [ 33D17CE434F2A48A803CE3AD0612AFD0, A81A31D02DAA6728BFC073B083D73381E7219F10AFE522316BDDB731A67833C5 ] MfeEpeOpal      C:\Windows\system32\drivers\MfeEpeOpal.sys
10:26:24.0291 0x11ec  MfeEpeOpal - ok
10:26:24.0307 0x11ec  [ DFDAD7BE0924608AC447C70AFEB87A76, 4E2B53EC7F079772A95B10F78D17661521B9F83CD343491E6A4DB426B79035BA ] MfeEpePc        C:\Windows\system32\drivers\MfeEpePc.sys
10:26:24.0322 0x11ec  MfeEpePc - ok
10:26:24.0338 0x11ec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:26:24.0338 0x11ec  MMCSS - ok
10:26:24.0369 0x11ec  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:26:24.0369 0x11ec  Modem - ok
10:26:24.0385 0x11ec  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:26:24.0385 0x11ec  monitor - ok
10:26:24.0400 0x11ec  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:26:24.0400 0x11ec  mouclass - ok
10:26:24.0431 0x11ec  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:26:24.0431 0x11ec  mouhid - ok
10:26:24.0478 0x11ec  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:26:24.0478 0x11ec  mountmgr - ok
10:26:24.0509 0x11ec  [ 6215DA3AD492CFBEBEE2ADBED0A6CC22, 07B290B58EF722825D50AF97E10B7098A2118B3F335E1FFF8F9E5E9AF7A0A6CE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:26:24.0509 0x11ec  MozillaMaintenance - ok
10:26:24.0525 0x11ec  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:26:24.0541 0x11ec  mpio - ok
10:26:24.0541 0x11ec  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:26:24.0541 0x11ec  mpsdrv - ok
10:26:24.0619 0x11ec  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:26:24.0634 0x11ec  MpsSvc - ok
10:26:24.0665 0x11ec  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:26:24.0681 0x11ec  MRxDAV - ok
10:26:24.0728 0x11ec  [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:26:24.0728 0x11ec  mrxsmb - ok
10:26:24.0759 0x11ec  [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:26:24.0759 0x11ec  mrxsmb10 - ok
10:26:24.0775 0x11ec  [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:26:24.0775 0x11ec  mrxsmb20 - ok
10:26:24.0790 0x11ec  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:26:24.0790 0x11ec  msahci - ok
10:26:24.0853 0x11ec  [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
10:26:24.0868 0x11ec  MSCamSvc - ok
10:26:24.0884 0x11ec  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:26:24.0899 0x11ec  msdsm - ok
10:26:24.0899 0x11ec  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:26:24.0915 0x11ec  MSDTC - ok
10:26:24.0946 0x11ec  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:26:24.0946 0x11ec  Msfs - ok
10:26:24.0962 0x11ec  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:26:24.0962 0x11ec  mshidkmdf - ok
10:26:25.0009 0x11ec  [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
10:26:25.0009 0x11ec  MSHUSBVideo - ok
10:26:25.0024 0x11ec  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:26:25.0024 0x11ec  msisadrv - ok
10:26:25.0040 0x11ec  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:26:25.0055 0x11ec  MSiSCSI - ok
10:26:25.0055 0x11ec  msiserver - ok
10:26:25.0055 0x11ec  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:26:25.0055 0x11ec  MSKSSRV - ok
10:26:25.0071 0x11ec  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:26:25.0087 0x11ec  MSPCLOCK - ok
10:26:25.0087 0x11ec  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:26:25.0087 0x11ec  MSPQM - ok
10:26:25.0102 0x11ec  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:26:25.0118 0x11ec  MsRPC - ok
10:26:25.0133 0x11ec  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:26:25.0133 0x11ec  mssmbios - ok
10:26:25.0133 0x11ec  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:26:25.0133 0x11ec  MSTEE - ok
10:26:25.0149 0x11ec  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:26:25.0149 0x11ec  MTConfig - ok
10:26:25.0149 0x11ec  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:26:25.0165 0x11ec  Mup - ok
10:26:25.0211 0x11ec  MySQL - ok
10:26:25.0243 0x11ec  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:26:25.0258 0x11ec  napagent - ok
10:26:25.0274 0x11ec  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:26:25.0274 0x11ec  NativeWifiP - ok
10:26:25.0321 0x11ec  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:26:25.0336 0x11ec  NDIS - ok
10:26:25.0352 0x11ec  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:26:25.0352 0x11ec  NdisCap - ok
10:26:25.0367 0x11ec  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:26:25.0367 0x11ec  NdisTapi - ok
10:26:25.0383 0x11ec  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:26:25.0383 0x11ec  Ndisuio - ok
10:26:25.0399 0x11ec  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:26:25.0399 0x11ec  NdisWan - ok
10:26:25.0430 0x11ec  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:26:25.0430 0x11ec  NDProxy - ok
10:26:25.0445 0x11ec  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:26:25.0445 0x11ec  NetBIOS - ok
10:26:25.0461 0x11ec  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:26:25.0461 0x11ec  NetBT - ok
10:26:25.0492 0x11ec  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon        C:\Windows\system32\lsass.exe
10:26:25.0492 0x11ec  Netlogon - ok
10:26:25.0523 0x11ec  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:26:25.0539 0x11ec  Netman - ok
10:26:25.0601 0x11ec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:25.0601 0x11ec  NetMsmqActivator - ok
10:26:25.0617 0x11ec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:25.0617 0x11ec  NetPipeActivator - ok
10:26:25.0633 0x11ec  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:26:25.0648 0x11ec  netprofm - ok
10:26:25.0648 0x11ec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:25.0664 0x11ec  NetTcpActivator - ok
10:26:25.0664 0x11ec  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:25.0664 0x11ec  NetTcpPortSharing - ok
10:26:25.0679 0x11ec  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:26:25.0679 0x11ec  nfrd960 - ok
10:26:25.0726 0x11ec  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:26:25.0742 0x11ec  NlaSvc - ok
10:26:25.0757 0x11ec  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:26:25.0757 0x11ec  Npfs - ok
10:26:25.0773 0x11ec  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:26:25.0773 0x11ec  nsi - ok
10:26:25.0789 0x11ec  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:26:25.0789 0x11ec  nsiproxy - ok
10:26:25.0867 0x11ec  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:26:25.0913 0x11ec  Ntfs - ok
10:26:25.0929 0x11ec  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:26:25.0929 0x11ec  Null - ok
10:26:25.0945 0x11ec  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:26:25.0945 0x11ec  nvraid - ok
10:26:25.0976 0x11ec  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:26:25.0976 0x11ec  nvstor - ok
10:26:26.0007 0x11ec  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:26:26.0007 0x11ec  nv_agp - ok
10:26:26.0023 0x11ec  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:26:26.0023 0x11ec  ohci1394 - ok
10:26:26.0069 0x11ec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:26:26.0069 0x11ec  p2pimsvc - ok
10:26:26.0101 0x11ec  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:26:26.0101 0x11ec  p2psvc - ok
10:26:26.0132 0x11ec  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
10:26:26.0132 0x11ec  Parport - ok
10:26:26.0163 0x11ec  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:26:26.0163 0x11ec  partmgr - ok
10:26:26.0210 0x11ec  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:26:26.0210 0x11ec  PcaSvc - ok
10:26:26.0225 0x11ec  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:26:26.0225 0x11ec  pci - ok
10:26:26.0241 0x11ec  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:26:26.0241 0x11ec  pciide - ok
10:26:26.0257 0x11ec  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:26:26.0272 0x11ec  pcmcia - ok
10:26:26.0288 0x11ec  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:26:26.0288 0x11ec  pcw - ok
10:26:26.0303 0x11ec  pdfcDispatcher - ok
10:26:26.0319 0x11ec  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:26:26.0335 0x11ec  PEAUTH - ok
10:26:26.0381 0x11ec  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
10:26:26.0413 0x11ec  PeerDistSvc - ok
10:26:26.0475 0x11ec  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:26:26.0475 0x11ec  PerfHost - ok
10:26:26.0537 0x11ec  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:26:26.0569 0x11ec  pla - ok
10:26:26.0600 0x11ec  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:26:26.0615 0x11ec  PlugPlay - ok
10:26:26.0631 0x11ec  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:26:26.0631 0x11ec  PNRPAutoReg - ok
10:26:26.0647 0x11ec  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:26:26.0647 0x11ec  PNRPsvc - ok
10:26:26.0693 0x11ec  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:26:26.0709 0x11ec  PolicyAgent - ok
10:26:26.0740 0x11ec  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:26:26.0740 0x11ec  Power - ok
10:26:26.0756 0x11ec  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:26:26.0771 0x11ec  PptpMiniport - ok
10:26:26.0787 0x11ec  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
10:26:26.0787 0x11ec  Processor - ok
10:26:26.0834 0x11ec  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:26:26.0849 0x11ec  ProfSvc - ok
10:26:26.0849 0x11ec  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:26:26.0849 0x11ec  ProtectedStorage - ok
10:26:26.0881 0x11ec  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:26:26.0881 0x11ec  Psched - ok
10:26:26.0943 0x11ec  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:26:26.0990 0x11ec  ql2300 - ok
10:26:27.0005 0x11ec  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:26:27.0005 0x11ec  ql40xx - ok
10:26:27.0021 0x11ec  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:26:27.0037 0x11ec  QWAVE - ok
10:26:27.0037 0x11ec  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:26:27.0052 0x11ec  QWAVEdrv - ok
10:26:27.0052 0x11ec  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:26:27.0052 0x11ec  RasAcd - ok
10:26:27.0068 0x11ec  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:26:27.0068 0x11ec  RasAgileVpn - ok
10:26:27.0099 0x11ec  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:26:27.0099 0x11ec  RasAuto - ok
10:26:27.0115 0x11ec  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:26:27.0115 0x11ec  Rasl2tp - ok
10:26:27.0146 0x11ec  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:26:27.0146 0x11ec  RasMan - ok
10:26:27.0161 0x11ec  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:26:27.0161 0x11ec  RasPppoe - ok
10:26:27.0161 0x11ec  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:26:27.0177 0x11ec  RasSstp - ok
10:26:27.0177 0x11ec  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:26:27.0193 0x11ec  rdbss - ok
10:26:27.0193 0x11ec  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
10:26:27.0193 0x11ec  rdpbus - ok
10:26:27.0224 0x11ec  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:26:27.0224 0x11ec  RDPCDD - ok
10:26:27.0239 0x11ec  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:26:27.0239 0x11ec  RDPDR - ok
10:26:27.0255 0x11ec  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:26:27.0255 0x11ec  RDPENCDD - ok
10:26:27.0271 0x11ec  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:26:27.0271 0x11ec  RDPREFMP - ok
10:26:27.0317 0x11ec  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:26:27.0317 0x11ec  RDPWD - ok
10:26:27.0349 0x11ec  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:26:27.0349 0x11ec  rdyboost - ok
10:26:27.0380 0x11ec  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:26:27.0380 0x11ec  RemoteAccess - ok
10:26:27.0395 0x11ec  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:26:27.0411 0x11ec  RemoteRegistry - ok
10:26:27.0411 0x11ec  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:26:27.0411 0x11ec  RpcEptMapper - ok
10:26:27.0427 0x11ec  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:26:27.0427 0x11ec  RpcLocator - ok
10:26:27.0458 0x11ec  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:26:27.0458 0x11ec  RpcSs - ok
10:26:27.0473 0x11ec  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:26:27.0473 0x11ec  rspndr - ok
10:26:27.0505 0x11ec  [ C0D62EC15D093D0D12C47BC451A24047, A31C2EA9E97DA0D0D03992E024DD8B1699D5EA0AE483482EB10740C728778C31 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
10:26:27.0505 0x11ec  RSUSBSTOR - ok
10:26:27.0567 0x11ec  [ 39A719875F572241C585A629EE62EB14, EE42DB11710374A2A97ED5B58A9DA0AECC8AB0DF4DEEAC5970F33046255CE2F9 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:26:27.0583 0x11ec  RTL8167 - ok
10:26:27.0614 0x11ec  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
10:26:27.0614 0x11ec  s3cap - ok
10:26:27.0645 0x11ec  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs           C:\Windows\system32\lsass.exe
10:26:27.0645 0x11ec  SamSs - ok
10:26:27.0676 0x11ec  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:26:27.0676 0x11ec  sbp2port - ok
10:26:27.0692 0x11ec  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:26:27.0692 0x11ec  SCardSvr - ok
10:26:27.0707 0x11ec  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:26:27.0707 0x11ec  scfilter - ok
10:26:27.0785 0x11ec  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
10:26:27.0801 0x11ec  Schedule - ok
10:26:27.0832 0x11ec  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:26:27.0832 0x11ec  SCPolicySvc - ok
10:26:27.0848 0x11ec  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:26:27.0848 0x11ec  SDRSVC - ok
10:26:27.0863 0x11ec  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:26:27.0863 0x11ec  secdrv - ok
10:26:27.0879 0x11ec  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:26:27.0879 0x11ec  seclogon - ok
10:26:27.0895 0x11ec  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:26:27.0910 0x11ec  SENS - ok
10:26:27.0910 0x11ec  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:26:27.0910 0x11ec  SensrSvc - ok
10:26:27.0957 0x11ec  [ D666EBEC6374B2018CF61EE204C3CF50, 4BA0C0370F0C13AADBAE9724660F13210554B0B84C405494521502C2F6DEF27E ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
10:26:27.0957 0x11ec  Ser2pl - ok
10:26:27.0988 0x11ec  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:26:27.0988 0x11ec  Serenum - ok
10:26:28.0019 0x11ec  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
10:26:28.0035 0x11ec  Serial - ok
10:26:28.0051 0x11ec  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:26:28.0051 0x11ec  sermouse - ok
10:26:28.0082 0x11ec  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:26:28.0082 0x11ec  SessionEnv - ok
10:26:28.0097 0x11ec  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:26:28.0097 0x11ec  sffdisk - ok
10:26:28.0113 0x11ec  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:26:28.0113 0x11ec  sffp_mmc - ok
10:26:28.0113 0x11ec  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:26:28.0113 0x11ec  sffp_sd - ok
10:26:28.0129 0x11ec  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:26:28.0129 0x11ec  sfloppy - ok
10:26:28.0160 0x11ec  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:26:28.0160 0x11ec  SharedAccess - ok
10:26:28.0191 0x11ec  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:26:28.0191 0x11ec  ShellHWDetection - ok
10:26:28.0207 0x11ec  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:26:28.0207 0x11ec  SiSRaid2 - ok
10:26:28.0222 0x11ec  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:26:28.0222 0x11ec  SiSRaid4 - ok
10:26:28.0285 0x11ec  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:26:28.0300 0x11ec  SkypeUpdate - ok
10:26:28.0331 0x11ec  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:26:28.0331 0x11ec  Smb - ok
10:26:28.0363 0x11ec  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:26:28.0363 0x11ec  SNMPTRAP - ok
10:26:28.0363 0x11ec  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:26:28.0363 0x11ec  spldr - ok
10:26:28.0394 0x11ec  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:26:28.0409 0x11ec  Spooler - ok
10:26:28.0487 0x11ec  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:26:28.0581 0x11ec  sppsvc - ok
10:26:28.0597 0x11ec  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:26:28.0597 0x11ec  sppuinotify - ok
10:26:28.0628 0x11ec  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:26:28.0643 0x11ec  srv - ok
10:26:28.0659 0x11ec  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:26:28.0675 0x11ec  srv2 - ok
10:26:28.0675 0x11ec  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:26:28.0690 0x11ec  srvnet - ok
10:26:28.0706 0x11ec  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:26:28.0706 0x11ec  SSDPSRV - ok
10:26:28.0721 0x11ec  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:26:28.0721 0x11ec  SstpSvc - ok
10:26:28.0753 0x11ec  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:26:28.0753 0x11ec  stexstor - ok
10:26:28.0784 0x11ec  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:26:28.0784 0x11ec  stisvc - ok
10:26:28.0815 0x11ec  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
10:26:28.0815 0x11ec  storflt - ok
10:26:28.0831 0x11ec  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
10:26:28.0831 0x11ec  StorSvc - ok
10:26:28.0846 0x11ec  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:26:28.0846 0x11ec  storvsc - ok
10:26:28.0846 0x11ec  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:26:28.0846 0x11ec  swenum - ok
10:26:28.0877 0x11ec  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:26:28.0877 0x11ec  swprv - ok
10:26:28.0971 0x11ec  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
10:26:29.0018 0x11ec  SysMain - ok
10:26:29.0018 0x11ec  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:26:29.0033 0x11ec  TabletInputService - ok
10:26:29.0080 0x11ec  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
10:26:29.0080 0x11ec  tap0901 - ok
10:26:29.0096 0x11ec  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:26:29.0111 0x11ec  TapiSrv - ok
10:26:29.0127 0x11ec  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:26:29.0127 0x11ec  TBS - ok
10:26:29.0205 0x11ec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:26:29.0267 0x11ec  Tcpip - ok
10:26:29.0330 0x11ec  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:26:29.0345 0x11ec  TCPIP6 - ok
10:26:29.0377 0x11ec  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:26:29.0377 0x11ec  tcpipreg - ok
10:26:29.0392 0x11ec  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:26:29.0392 0x11ec  TDPIPE - ok
10:26:29.0408 0x11ec  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:26:29.0423 0x11ec  TDTCP - ok
10:26:29.0455 0x11ec  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:26:29.0470 0x11ec  tdx - ok
10:26:29.0642 0x11ec  [ FC8DC5DB5F707C96FEBC526AA4CE562A, AB97B53EA9E8C55A18733A6A3DE42E6EBC8BA9150796338DF04AB2DDA5124E1A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
10:26:29.0720 0x11ec  TeamViewer - ok
10:26:29.0751 0x11ec  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:26:29.0751 0x11ec  TermDD - ok
10:26:29.0798 0x11ec  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
10:26:29.0829 0x11ec  TermService - ok
10:26:29.0845 0x11ec  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:26:29.0845 0x11ec  Themes - ok
10:26:29.0860 0x11ec  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:26:29.0860 0x11ec  THREADORDER - ok
10:26:29.0938 0x11ec  [ FBD16717FD68B206C4CE3BB3C9EE5CB3, 88F1DE05644CA36C439D8BFBB14F46BA168665A9F42BB0A00C943F95EE19755C ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
10:26:29.0954 0x11ec  TomTomHOMEService - ok
10:26:29.0969 0x11ec  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:26:29.0969 0x11ec  TrkWks - ok
10:26:30.0016 0x11ec  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:26:30.0016 0x11ec  TrustedInstaller - ok
10:26:30.0063 0x11ec  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:26:30.0063 0x11ec  tssecsrv - ok
10:26:30.0094 0x11ec  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:26:30.0094 0x11ec  TsUsbFlt - ok
10:26:30.0110 0x11ec  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:26:30.0110 0x11ec  TsUsbGD - ok
10:26:30.0141 0x11ec  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:26:30.0141 0x11ec  tunnel - ok
10:26:30.0172 0x11ec  TVicPort - ok
10:26:30.0203 0x11ec  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:26:30.0203 0x11ec  uagp35 - ok
10:26:30.0219 0x11ec  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:26:30.0235 0x11ec  udfs - ok
10:26:30.0250 0x11ec  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:26:30.0266 0x11ec  UI0Detect - ok
10:26:30.0281 0x11ec  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:26:30.0281 0x11ec  uliagpkx - ok
10:26:30.0313 0x11ec  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:26:30.0313 0x11ec  umbus - ok
10:26:30.0328 0x11ec  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:26:30.0328 0x11ec  UmPass - ok
10:26:30.0344 0x11ec  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:26:30.0344 0x11ec  UmRdpService - ok
10:26:30.0406 0x11ec  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:26:30.0422 0x11ec  UMVPFSrv - ok
10:26:30.0437 0x11ec  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:26:30.0453 0x11ec  upnphost - ok
10:26:30.0484 0x11ec  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
10:26:30.0484 0x11ec  usbaudio - ok
10:26:30.0500 0x11ec  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:26:30.0515 0x11ec  usbccgp - ok
10:26:30.0515 0x11ec  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:26:30.0515 0x11ec  usbcir - ok
10:26:30.0547 0x11ec  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:26:30.0547 0x11ec  usbehci - ok
10:26:30.0578 0x11ec  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:26:30.0578 0x11ec  usbhub - ok
10:26:30.0593 0x11ec  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:26:30.0593 0x11ec  usbohci - ok
10:26:30.0609 0x11ec  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
10:26:30.0609 0x11ec  usbprint - ok
10:26:30.0625 0x11ec  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:26:30.0625 0x11ec  USBSTOR - ok
10:26:30.0640 0x11ec  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:26:30.0640 0x11ec  usbuhci - ok
10:26:30.0687 0x11ec  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:26:30.0687 0x11ec  usbvideo - ok
10:26:30.0718 0x11ec  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:26:30.0718 0x11ec  UxSms - ok
10:26:30.0843 0x11ec  [ 78CE11B76B63936CE59A2713163CC79D, 60DD2E23C8FC882BE43F29BEA38B87237F18036146A4BEA62ED19DE971466371 ] uzsvc           C:\Program Files (x86)\UltraZip\uzsvc.exe
10:26:30.0859 0x11ec  uzsvc - ok
10:26:30.0937 0x11ec  [ 381DEE8AF52DEB3BD8F6390DAB4EF613, 22613C71979694E72EE31BA11F8126FF3203B769E47F09C33CE071AAA03C1849 ] uzupd           C:\Program Files (x86)\UltraZip\uzupd.exe
10:26:30.0937 0x11ec  uzupd - ok
10:26:30.0952 0x11ec  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc        C:\Windows\system32\lsass.exe
10:26:30.0952 0x11ec  VaultSvc - ok
10:26:30.0968 0x11ec  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:26:30.0968 0x11ec  vdrvroot - ok
10:26:30.0999 0x11ec  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:26:31.0015 0x11ec  vds - ok
10:26:31.0046 0x11ec  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:26:31.0046 0x11ec  vga - ok
10:26:31.0046 0x11ec  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:26:31.0061 0x11ec  VgaSave - ok
10:26:31.0077 0x11ec  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:26:31.0093 0x11ec  vhdmp - ok
10:26:31.0108 0x11ec  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:26:31.0108 0x11ec  viaide - ok
10:26:31.0124 0x11ec  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
10:26:31.0139 0x11ec  vmbus - ok
10:26:31.0155 0x11ec  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:26:31.0155 0x11ec  VMBusHID - ok
10:26:31.0171 0x11ec  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:26:31.0171 0x11ec  volmgr - ok
10:26:31.0202 0x11ec  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:26:31.0217 0x11ec  volmgrx - ok
10:26:31.0233 0x11ec  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:26:31.0249 0x11ec  volsnap - ok
10:26:31.0264 0x11ec  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:26:31.0264 0x11ec  vsmraid - ok
10:26:31.0327 0x11ec  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:26:31.0389 0x11ec  VSS - ok
10:26:31.0405 0x11ec  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:26:31.0405 0x11ec  vwifibus - ok
10:26:31.0436 0x11ec  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:26:31.0436 0x11ec  W32Time - ok
10:26:31.0451 0x11ec  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:26:31.0451 0x11ec  WacomPen - ok
10:26:31.0483 0x11ec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:26:31.0483 0x11ec  WANARP - ok
10:26:31.0483 0x11ec  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:26:31.0483 0x11ec  Wanarpv6 - ok
10:26:31.0561 0x11ec  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:26:31.0607 0x11ec  WatAdminSvc - ok
10:26:31.0654 0x11ec  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:26:31.0701 0x11ec  wbengine - ok
10:26:31.0717 0x11ec  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:26:31.0717 0x11ec  WbioSrvc - ok
10:26:31.0748 0x11ec  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:26:31.0763 0x11ec  wcncsvc - ok
10:26:31.0779 0x11ec  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:26:31.0795 0x11ec  WcsPlugInService - ok
10:26:31.0795 0x11ec  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:26:31.0795 0x11ec  Wd - ok
10:26:31.0873 0x11ec  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:26:31.0904 0x11ec  Wdf01000 - ok
10:26:31.0919 0x11ec  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:26:31.0919 0x11ec  WdiServiceHost - ok
10:26:31.0919 0x11ec  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:26:31.0935 0x11ec  WdiSystemHost - ok
10:26:31.0966 0x11ec  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
10:26:31.0982 0x11ec  WebClient - ok
10:26:31.0997 0x11ec  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:26:32.0013 0x11ec  Wecsvc - ok
10:26:32.0029 0x11ec  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:26:32.0029 0x11ec  wercplsupport - ok
10:26:32.0060 0x11ec  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:26:32.0075 0x11ec  WerSvc - ok
10:26:32.0091 0x11ec  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:26:32.0091 0x11ec  WfpLwf - ok
10:26:32.0107 0x11ec  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:26:32.0107 0x11ec  WIMMount - ok
10:26:32.0122 0x11ec  WinDefend - ok
10:26:32.0138 0x11ec  WinHttpAutoProxySvc - ok
10:26:32.0185 0x11ec  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:26:32.0185 0x11ec  Winmgmt - ok
10:26:32.0294 0x11ec  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
10:26:32.0356 0x11ec  WinRM - ok
10:26:32.0419 0x11ec  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:26:32.0419 0x11ec  WinUsb - ok
10:26:32.0450 0x11ec  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:26:32.0481 0x11ec  Wlansvc - ok
10:26:32.0497 0x11ec  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:26:32.0497 0x11ec  WmiAcpi - ok
10:26:32.0528 0x11ec  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:26:32.0528 0x11ec  wmiApSrv - ok
10:26:32.0543 0x11ec  WMPNetworkSvc - ok
10:26:32.0575 0x11ec  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:26:32.0575 0x11ec  WPCSvc - ok
10:26:32.0590 0x11ec  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:26:32.0606 0x11ec  WPDBusEnum - ok
10:26:32.0621 0x11ec  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:26:32.0621 0x11ec  ws2ifsl - ok
10:26:32.0637 0x11ec  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:26:32.0637 0x11ec  wscsvc - ok
10:26:32.0637 0x11ec  WSearch - ok
10:26:32.0746 0x11ec  [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv        C:\Windows\system32\wuaueng.dll
10:26:32.0809 0x11ec  wuauserv - ok
10:26:32.0824 0x11ec  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:26:32.0840 0x11ec  WudfPf - ok
10:26:32.0855 0x11ec  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:26:32.0871 0x11ec  WUDFRd - ok
10:26:32.0887 0x11ec  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:26:32.0887 0x11ec  wudfsvc - ok
10:26:32.0918 0x11ec  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:26:32.0918 0x11ec  WwanSvc - ok
10:26:32.0933 0x11ec  ================ Scan global ===============================
10:26:32.0980 0x11ec  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:26:33.0027 0x11ec  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
10:26:33.0043 0x11ec  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
10:26:33.0058 0x11ec  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:26:33.0089 0x11ec  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:26:33.0105 0x11ec  [ Global ] - ok
10:26:33.0105 0x11ec  ================ Scan MBR ==================================
10:26:33.0105 0x11ec  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:26:33.0308 0x11ec  \Device\Harddisk0\DR0 - ok
10:26:33.0308 0x11ec  ================ Scan VBR ==================================
10:26:33.0308 0x11ec  [ AC6AB71936115E79F526BC1AD18A333B ] \Device\Harddisk0\DR0\Partition1
10:26:33.0323 0x11ec  \Device\Harddisk0\DR0\Partition1 - ok
10:26:33.0323 0x11ec  [ AC21FAE61C591C61958E9DF9D6EC204F ] \Device\Harddisk0\DR0\Partition2
10:26:33.0323 0x11ec  \Device\Harddisk0\DR0\Partition2 - ok
10:26:33.0339 0x11ec  [ 1681FF003142C80F27C891477D41B56C ] \Device\Harddisk0\DR0\Partition3
10:26:33.0339 0x11ec  \Device\Harddisk0\DR0\Partition3 - ok
10:26:33.0339 0x11ec  ================ Scan generic autorun ======================
10:26:33.0370 0x11ec  [ 341BF37F8B038174F31BD4F84BBD679B, 71A496285158FC093980B6AB810D260EA9F9DC3A5C1FAE7B1EA1B43A9CF76E46 ] C:\Windows\system32\igfxtray.exe
10:26:33.0370 0x11ec  IgfxTray - ok
10:26:33.0386 0x11ec  [ FFD23B7EAA3FDD744C96171B107A5C8E, DB767975085F81B2BDC3CAC3C9A69824DB49489533D5ED6C1E51FF26180ECBEA ] C:\Windows\system32\hkcmd.exe
10:26:33.0401 0x11ec  HotKeysCmds - ok
10:26:33.0417 0x11ec  [ F005C9F0F7600B12D4A9BB19C5A23220, 09F8EE0E06B5200DEA1D7C645F76EAF2F88F20F1313308325893448ED64D57EB ] C:\Windows\system32\igfxpers.exe
10:26:33.0433 0x11ec  Persistence - ok
10:26:33.0479 0x11ec  MfeEpePcMonitor - ok
10:26:33.0526 0x11ec  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
10:26:33.0526 0x11ec  Logitech Download Assistant - ok
10:26:33.0589 0x11ec  [ BE173815C4F7C3C8193180AFC3F05DE3, 83519FA38DF356AC61FF195D87F61FF17D8B8A89C17B2D74DCFC1137AEB4D9E8 ] C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
10:26:33.0604 0x11ec  HP KEYBOARDx - ok
10:26:33.0651 0x11ec  [ 0E99A737F105F227521D944A6726736C, 42F463DBB6C3607EBA89E141AC77A33F3108E048A5219363F0989112AB27A7B4 ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
10:26:33.0667 0x11ec  PDF Complete - ok
10:26:33.0963 0x11ec  [ A48BA8EFDC3FAD1E5E284CE89A6F677D, 6AF63C51D14F112A3E5B9B3D4EDAC00A2F9E8DBFD9D149A9CE46ACCBC5842433 ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
10:26:34.0135 0x11ec  File Sanitizer - ok
10:26:34.0197 0x11ec  [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
10:26:34.0213 0x11ec  avgnt - ok
10:26:34.0259 0x11ec  [ FA87C6A22F3339B9EDC2F2079BC1E996, 86084094C9576D0BF48B299E048649D930214EDEC9B7462C9242D360A720AB00 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
10:26:34.0259 0x11ec  LifeCam - ok
10:26:34.0322 0x11ec  [ 1606A7B4DA56B3BA369FC612F45A3362, A50B1FADEA3DB60E8D5F18390FD34D8F95D3F0C2C4F78F3791177FCD9CFB21F0 ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
10:26:34.0337 0x11ec  FreePDF Assistant - ok
10:26:34.0369 0x11ec  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10:26:34.0384 0x11ec  SunJavaUpdateSched - ok
10:26:34.0447 0x11ec  [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
10:26:34.0447 0x11ec  Avira SystrayStartTrigger - ok
10:26:34.0509 0x11ec  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:26:34.0556 0x11ec  Sidebar - ok
10:26:34.0587 0x11ec  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:26:34.0587 0x11ec  mctadmin - ok
10:26:34.0634 0x11ec  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:26:34.0665 0x11ec  Sidebar - ok
10:26:34.0665 0x11ec  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:26:34.0665 0x11ec  mctadmin - ok
10:26:34.0790 0x11ec  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
10:26:34.0790 0x11ec  Dropbox Update - ok
10:26:34.0930 0x11ec  [ 005B2B63719E6B3E8E2E1446A9278F8E, 0A34046B0205A2FEEE5E2867765D171D7BA420A1527E49472A35B484219BD377 ] C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:26:34.0961 0x11ec  Spotify Web Helper - ok
10:26:35.0039 0x11ec  [ 77C01F1850E55373280A1B865D824F58, EE1535A11A49BF578FC4D00096508FFD0C4E20EC164B3ABB92ED6E2800F831C8 ] C:\Users\Peter\AppData\Local\Microsoft\BingSvc\BingSvc.exe
10:26:35.0039 0x11ec  BingSvc - ok
10:26:35.0071 0x11ec  [ 49AD8709B96741F9C3C5A98CBBAB0777, F7AC39483908600227E9A9001B2FD587F6E6F26917E05153E935F743715B22F5 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
10:26:35.0071 0x11ec  TomTomHOME.exe - ok
10:26:35.0071 0x11ec  Waiting for KSN requests completion. In queue: 56
10:26:36.0085 0x11ec  Waiting for KSN requests completion. In queue: 56
10:26:37.0099 0x11ec  Waiting for KSN requests completion. In queue: 56
10:26:38.0175 0x11ec  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
10:26:38.0191 0x11ec  Win FW state via NFP2: enabled ( trusted )
10:26:41.0045 0x11ec  ============================================================
10:26:41.0045 0x11ec  Scan finished
10:26:41.0045 0x11ec  ============================================================
10:26:41.0045 0x0ed8  Detected object count: 0
10:26:41.0045 0x0ed8  Actual detected object count: 0
10:27:04.0695 0x0f50  Deinitialize success
         
LG
Peter


Alt 11.10.2015, 10:37   #6
IN3BQX
 
SPAMHAUS blockiert meine ausgehenden mails - Standard

AVIRA-Fundmeldung



Der AVIRA-Scanner war während der beiden RootKit-Scans aktiv (weil ich ihn ja, wie oben erwähnt, nicht abschalten kann) und hat die beiliegende Meldung produziert
Hab mit "Entfernen" geantwortet.

LG
Peter
Miniaturansicht angehängter Grafiken
SPAMHAUS blockiert meine ausgehenden mails-avira-fund_waehrend_mbar-scan.jpg  

Alt 11.10.2015, 21:08   #7
schrauber
/// the machine
/// TB-Ausbilder
 

SPAMHAUS blockiert meine ausgehenden mails - Standard

SPAMHAUS blockiert meine ausgehenden mails



Avira deinstallieren.

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu SPAMHAUS blockiert meine ausgehenden mails
aktiviert, anweisung, ausführen, ausgeführt, ausgehende, blockiert, deaktivieren, entferne, entfernen, gelöscht, hilfesuche, ignoriert, klicke, klicken, konnte, liste, mail, mails, schutz, schwarze, spamhaus, verlangt, verschickt, verschwindet, versenden



Ähnliche Themen: SPAMHAUS blockiert meine ausgehenden mails


  1. Malware? SPAM-Mails in meinem Namen an meine Kontakte
    Log-Analyse und Auswertung - 28.09.2015 (10)
  2. Yahoo: Gefälschte Mailadresse versendet Mails an meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 02.02.2015 (5)
  3. Spam mails über meine Email Adresse
    Plagegeister aller Art und deren Bekämpfung - 06.05.2013 (12)
  4. Malwarebytes hat ausgehenden port 8 blockiert - avast hat im win temp Ordner Win32:Downloader-MIU gefunden
    Log-Analyse und Auswertung - 23.12.2012 (14)
  5. Mail Trojaner Malwarebytes auswertung, wie bekomme ich meine Mails
    Log-Analyse und Auswertung - 05.11.2012 (17)
  6. E-Mail Account bei gmx.de verschickt Mails an alle meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  7. Spamhaus Virus, "IP adress was blocked", einige Internetseiten blockiert
    Log-Analyse und Auswertung - 27.06.2012 (21)
  8. Automatische Spam-Mails an alle meine Kontakte (live.de)
    Plagegeister aller Art und deren Bekämpfung - 26.06.2012 (3)
  9. Meine Gmx-Mail Adresser verschickt Spam-Mails
    Plagegeister aller Art und deren Bekämpfung - 05.06.2012 (1)
  10. Es kommen extrem viele Spam Mails auf meine Email.
    Überwachung, Datenschutz und Spam - 14.01.2012 (3)
  11. Liest da jemand meine Mails mit?
    Überwachung, Datenschutz und Spam - 04.09.2011 (20)
  12. Facebook versendet an alle meine Kontakte Spam mails
    Log-Analyse und Auswertung - 15.08.2011 (1)
  13. Verschicke Spam-Mails an meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 27.02.2011 (6)
  14. Spam-Mails über meine Mail-Adresse auf meine Kontakte geschickt!
    Log-Analyse und Auswertung - 28.11.2010 (1)
  15. kann keine emails mehr senden, spamhaus blockiert
    Plagegeister aller Art und deren Bekämpfung - 26.01.2009 (4)
  16. Meine eigenen E-Mails landen im Spam!
    Überwachung, Datenschutz und Spam - 26.10.2007 (10)
  17. Ausgehenden Internetverkehr kontrollieren
    Antiviren-, Firewall- und andere Schutzprogramme - 08.08.2006 (6)

Zum Thema SPAMHAUS blockiert meine ausgehenden mails - Seit geraumer Zeit kann ich keine mails mehr von meinen xxx@timetronic.it-Konten mehr versenden, sondern bekomme die beiliegende Fehlermeldung. Ich vermute, daß ein Schadprogramm heimlich Spam-mails mit diesen Absenderadressen verschickt hat - SPAMHAUS blockiert meine ausgehenden mails...
Archiv
Du betrachtest: SPAMHAUS blockiert meine ausgehenden mails auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.