| Pests of all kinds and how to combat them: Redirect Virus (Windows 7). If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
12.10.2012, 09:30 | #1 |
| Redirect Virus Hello, these redirect viruses are really persistent! I can't get rid of mine at all, even though I have installed and run Malwarebytes Anti-Malware and Hitman Pro. Spybot Search & Destroy and TDSSKiller don't detect anything either. I have made further attempts to find and delete the junk. Based on earlier forum threads, I have now run OTL and aswMBR as administrator and am posting the logs here in the hope of finding a solution. Many thanks for your efforts. |
12.10.2012, 16:35 | #2 |
| Redirect Virus Oh sorry, my operating system is of course Windows 7 (64-bit) |
15.10.2012, 13:27 | #3 |
| Redirect Virus Here is some more information about the system:
Betriebssystemname: Microsoft Windows 7 Ultimate
Version: 6.1.7601 Service Pack 1 Build 7601
Zusätzliche Betriebssystembeschreibung: Nicht verfügbar
Betriebssystemhersteller: Microsoft Corporation
Systemname: BOVN2012-OBEN
Systemhersteller: Gigabyte Technology Co., Ltd.
Systemmodell: P35-DS3
Systemtyp: x64-basierter PC
Prozessor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 2667 MHz, 2 Kern(e), 2 logische(r) Prozessor(en)
BIOS-Version/-Datum: Award Software International, Inc. F14, 18.06.2009
SMBIOS-Version: 2.4
Windows-Verzeichnis: C:\Windows
Systemverzeichnis: C:\Windows\system32
Startgerät: \Device\HarddiskVolume5
Gebietsschema: Deutschland
Hardwareabstraktionsebene: Version = "6.1.7601.17514"
Benutzername: Bovn2012-oben\Berni
Zeitzone: Mitteleuropäische Sommerzeit
Installierter physikalischer Speicher (RAM): 8,00 GB
Gesamter realer Speicher: 8,00 GB
Verfügbarer realer Speicher: 5,85 GB
Gesamter virtueller Speicher: 16,0 GB
Verfügbarer virtueller Speicher: 13,1 GB
Größe der Auslagerungsdatei: 8,00 GB
Auslagerungsdatei: C:\pagefile.sys |
15.10.2012, 15:11 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus Without the logs from Malwarebytes and co., this won't get anywhere. Everything from Malwarebytes (and possibly other scanners) must be posted here. Please post everything in CODE tags here if possible. It is done like this: [code] the log goes here [/code] And the whole thing then looks like this: Code:
ATTFilter the log goes here
__________________ Please always post log files in CODE tags |
16.10.2012, 07:06 | #5 |
| Redirect Virus Good morning, and many thanks to whoever has taken on my problem. Actually, I had attached everything except the MBAM log (or so I thought?). I hope you can do something with the following logs: 1. Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.14.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]

Schutz: Aktiviert

15.10.2012 22:57:49
mbam-log-2012-10-15 (22-57-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 729802
Laufzeit: 1 Stunde(n), 17 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

2. OTL logs: OTL.txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 12.10.2012 10:07:25 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Berni\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,03% Memory free 16,00 Gb Paging File | 13,75 Gb Available in Paging File | 85,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,69 Gb Total Space | 58,03 Gb Free Space | 51,96% Space Free | Partition Type: NTFS Drive D: | 931,51 Gb Total Space | 881,91 Gb Free Space | 94,68% Space Free | Partition Type: NTFS Drive E: | 931,51 Gb Total Space | 276,60 Gb Free Space | 29,69% Space Free | Partition Type: NTFS Drive F: | 244,14 Gb Total Space | 74,07 Gb Free Space | 30,34% Space Free | Partition Type: NTFS Drive G: | 128,46 Gb Total Space | 27,56 Gb Free Space | 21,45% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: BOVN2012-OBEN | User Name: Berni | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.10 17:20:25 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) 
-- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe PRC - [2012.10.10 17:04:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Berni\Desktop\OTL.exe PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.09.06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- D:\Programme (x86)\Mozilla Firefox\firefox.exe PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.07.11 10:24:24 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2012.06.13 15:23:30 | 003,540,992 | ---- | M] (sw4you, Siegfried Weckmann) -- C:\Program Files (x86)\Hardcopy\hardcopy.exe PRC - [2012.04.20 07:59:04 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe PRC - [2012.04.20 07:59:02 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) 
-- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe PRC - [2012.01.19 11:06:50 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe PRC - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011.04.08 08:50:36 | 001,406,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe PRC - [2010.11.20 14:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\snmp.exe PRC - [2009.10.08 14:12:06 | 000,049,152 | ---- | M] (Samsung) -- C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe PRC - [2009.10.05 13:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
-- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008.03.25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe ========== Modules (No Company Name) ========== MOD - [2012.10.10 17:20:24 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2012.09.06 03:25:12 | 002,244,064 | ---- | M] () -- D:\Programme (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.08.30 10:39:42 | 000,374,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2012.06.13 15:09:18 | 002,941,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDllS.dll MOD - [2012.03.09 09:46:20 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDLL2_36_Win32.dll MOD - [2012.01.19 11:06:50 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe MOD - [2012.01.07 10:54:16 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hardcopy_04.dll MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2010.12.21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll MOD - [2009.10.05 13:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe MOD - [2009.03.04 16:03:58 | 002,191,437 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll MOD - [2009.03.03 14:24:44 | 000,327,753 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll MOD - [2009.02.20 10:48:10 | 000,253,952 | ---- | M] () -- 
C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL MOD - [2009.02.12 21:47:40 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll MOD - [2009.02.12 14:41:22 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll MOD - [2008.12.19 18:05:54 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll MOD - [2008.10.24 16:06:46 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll MOD - [2008.09.01 14:26:32 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll MOD - [2008.05.07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll MOD - [2008.03.25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe MOD - [2003.02.14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll ========== Services (SafeList) ========== SRV:64bit: - [2010.11.20 15:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.10.11 08:45:05 | 000,108,392 | ---- | M] (SurfRight B.V.) 
[Auto | Running] -- C:\Programme\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV - [2012.10.10 17:20:25 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012.09.12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.04.20 07:59:04 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) 
[On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate) SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc) SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme (x86)\Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010.11.20 14:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.09.29 16:11:41 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon) DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.08.30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- 
C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.07.20 17:36:09 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2012.07.20 17:05:03 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD 
Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune) DRV:64bit: - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. 
) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (Magic Tune) DRV - [2012.10.12 09:31:31 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2012.10.12 09:31:26 | 000,024,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.05.10 15:05:38 | 000,030,592 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Programme\HWiNFO64\HWiNFO64A.SYS -- (HWiNFO32) DRV - [2011.06.02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64) DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- D:\Programme (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2004.04.01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - 
HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F3 F5 05 15 37 45 CD 01 [binary data] IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110823&tt=270912_ctrl2_3912_8&babsrc=SP_ss&mntrId=206ce36c000000000000001a4d50d3c5 IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE487 IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
de-DE IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F3 F5 05 15 37 45 CD 01 [binary data] IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE487 IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/" FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.7.1.62 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - 
HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.11 10:24:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.17 13:20:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: D:\Programme (x86)\Mozilla Firefox\components [2012.10.07 14:16:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: D:\Programme (x86)\Mozilla Firefox\plugins [2012.08.17 11:03:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\s04otwx7.default\extensions\extension@preispilot.com
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\s04otwx7.default\extensions\firejump@firejump.net

[2012.06.08 12:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Extensions
[2012.06.08 12:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.07.10 08:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\extensions
[2012.07.10 08:21:27 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\extensions\plugin@yontoo.com
[2012.06.15 13:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions
[2012.06.15 13:06:19 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.06.15 13:06:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.15 13:06:17 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012.06.13 16:58:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\s04otwx7.default - Original\extensions
[2012.10.04 13:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\s04otwx7.default\extensions
[2012.10.04 13:29:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\s04otwx7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.27 09:43:39 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\s04otwx7.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012.07.03 09:07:17 | 000,004,819 | ---- | M] () (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\s04otwx7.default\extensions\LX8CTlVhKKEeMCweV@kvThSnVBDi.com.xpi
[2012.10.04 13:29:17 | 000,057,702 | ---- | M] () (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\s04otwx7.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi
[2011.11.17 19:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\Backups\c5txultq.default - Original\searchplugins\askcom.xml
[2012.04.24 13:49:24 | 000,002,389 | ---- | M] () -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\Backups\c5txultq.default - Original\searchplugins\SearchTheWeb.xml
File not found (No name found) -- C:\USERS\BERNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\C5TXULTQ.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}

O1 HOSTS File: ([2012.09.18 11:36:53 | 000,444,301 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15258 more lines...
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme (x86)\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme (x86)\Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\Toolbar\ShellBrowser: (no name) - {61628E2A-4FF9-4454-992D-D92A8CD27399} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MagicTuneEngine] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe ()
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AnySend Updater] C:\Program Files (x86)\AnySend\AnySendUpdater.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] D:\Programme (x86)\Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe (Samsung Electronics, Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [Driver Mender] C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [videoppack] "C:\Users\Berni\AppData\Roaming\videoppack.exe" -autorun File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme (x86)\Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme (x86)\Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programme (x86)\Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programme (x86)\Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1A7B0AA-A399-464F-BD84-285456E18B69}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme (x86)\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.12 09:11:59 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\02 Rechnerinfektionen
[2012.10.10 17:07:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Berni\Desktop\aswMBR.exe
[2012.10.10 17:07:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Berni\Desktop\OTL.exe
[2012.10.10 16:06:19 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 16:06:19 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 16:06:18 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 16:06:16 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 16:06:15 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 16:06:15 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 16:06:15 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 16:06:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 16:06:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 16:06:14 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 16:06:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 16:06:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 16:06:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 16:06:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 16:06:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 16:06:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 16:06:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 16:06:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 16:06:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 16:06:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 16:06:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 16:06:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 16:06:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 16:06:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 16:06:07 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 16:05:59 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 16:05:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.07 14:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.10.02 19:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoner
[2012.10.02 19:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phoner
[2012.10.01 09:53:08 | 000,024,104 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.09.29 16:13:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IO
[2012.09.29 15:42:11 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.09.29 14:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012.09.29 14:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012.09.29 14:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012.09.29 14:04:54 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Local\SlimWare Utilities Inc
[2012.09.29 13:59:26 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\Downloaded Installers
[2012.09.28 15:45:35 | 000,000,000 | ---D | C] -- C:\Users\Berni\Start Menu
[2012.09.28 15:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLVPlayer
[2012.09.28 03:00:57 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.28 03:00:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.28 03:00:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.28 03:00:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.28 03:00:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.28 03:00:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.28 03:00:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.28 03:00:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.28 03:00:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.28 03:00:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.28 03:00:54 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.28 03:00:54 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.28 03:00:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.28 03:00:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.28 03:00:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.27 09:26:05 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\Manuals
[2012.09.27 08:39:02 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.19 13:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagrand
[2012.09.19 13:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagrand
[2012.09.19 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\Opera
[2012.09.19 13:48:31 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\Windows\SysWow64\dhRichClient3.dll
[2012.09.19 13:48:28 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\OCS
[2012.09.19 13:48:27 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\DesktopIconForAmazon
[2012.09.19 13:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Electronics Ltd
[2012.09.19 13:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\MagicTune Premium
[2012.09.18 16:09:47 | 000,000,000 | ---D | C] -- C:\temp
[2012.09.18 16:09:02 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.09.18 16:09:02 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.09.18 16:09:02 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.09.18 16:09:02 | 018,229,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.09.18 16:09:02 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.09.18 16:09:02 | 015,291,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.09.18 16:09:02 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.09.18 16:09:02 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.09.18 16:09:02 | 007,397,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.09.18 16:09:02 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.09.18 16:09:02 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.09.18 16:09:02 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.09.18 16:09:02 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.09.18 16:09:02 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.09.18 16:09:02 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.09.18 16:08:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.09.18 09:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.09.18 09:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.09.18 09:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.09.14 10:55:44 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\0 Otti
[2012.09.14 10:44:00 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\RealNetworks
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.10.12 10:10:43 | 000,034,593 | ---- | M] () -- C:\Windows\SysWow64\jcsball.dat
[2012.10.12 10:10:43 | 000,014,097 | ---- | M] () -- C:\Windows\SysWow64\jcsb.new
[2012.10.12 10:10:43 | 000,009,182 | ---- | M] () -- C:\Windows\SysWow64\jerror.dat
[2012.10.12 09:38:27 | 000,014,912 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:38:27 | 000,014,912 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:37:02 | 001,507,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.12 09:37:02 | 000,657,438 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.12 09:37:02 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.12 09:37:02 | 000,130,810 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.12 09:37:02 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.12 09:31:31 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012.10.12 09:31:31 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2012.10.12 09:31:26 | 000,024,104 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.10.12 09:31:12 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 09:30:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.12 09:30:56 | 1211,136,225 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.12 09:30:54 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.12 09:26:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 09:24:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2012.10.12 09:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.10 17:20:25 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.10 17:20:25 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.10 17:06:16 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Berni\Desktop\aswMBR.exe
[2012.10.10 17:04:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Berni\Desktop\OTL.exe
[2012.10.02 19:06:52 | 000,000,990 | ---- | M] () -- C:\Users\Berni\Desktop\Phoner.lnk
[2012.10.02 03:00:53 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.10.01 09:51:03 | 000,000,338 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2012.09.29 16:11:41 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012.09.29 14:16:05 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012.09.28 15:45:09 | 000,001,032 | ---- | M] () -- C:\Users\Berni\Desktop\FLV Player.lnk
[2012.09.21 08:14:55 | 000,441,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.19 13:48:28 | 000,001,458 | ---- | M] () -- C:\Users\Berni\Desktop\Amazon.lnk
[2012.09.19 13:48:07 | 000,001,647 | ---- | M] () -- C:\Users\Public\Desktop\MagicTunePremium.lnk
[2012.09.19 13:48:03 | 000,001,467 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2012.09.18 11:36:53 | 000,444,301 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.18 10:26:43 | 000,000,523 | ---- | M] () -- C:\Windows\wininit.ini
[2012.09.18 09:32:57 | 000,001,269 | ---- | M] () -- C:\Users\Berni\Desktop\Spybot - Search & Destroy.lnk
[2012.09.17 13:29:51 | 000,001,934 | ---- | M] () -- C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
[2012.09.13 11:48:54 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.12 09:31:31 | 000,034,592 | ---- | C] () -- C:\Windows\SysWow64\jcsball.dat
[2012.10.12 09:31:31 | 000,014,097 | ---- | C] () -- C:\Windows\SysWow64\jcsb.new
[2012.10.12 09:31:31 | 000,009,182 | ---- | C] () -- C:\Windows\SysWow64\jerror.dat
[2012.10.07 14:17:02 | 000,000,829 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.10.02 19:06:52 | 000,000,990 | ---- | C] () -- C:\Users\Berni\Desktop\Phoner.lnk
[2012.10.01 09:51:03 | 000,000,338 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2012.09.29 14:16:05 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012.09.29 14:04:57 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012.09.28 15:45:09 | 000,001,032 | ---- | C] () -- C:\Users\Berni\Desktop\FLV Player.lnk
[2012.09.19 13:48:31 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.09.19 13:48:28 | 000,001,458 | ---- | C] () -- C:\Users\Berni\Desktop\Amazon.lnk
[2012.09.19 13:48:07 | 000,001,647 | ---- | C] () -- C:\Users\Public\Desktop\MagicTunePremium.lnk
[2012.09.19 13:48:03 | 000,001,467 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2012.09.18 10:26:42 | 000,000,523 | ---- | C] () -- C:\Windows\wininit.ini
[2012.09.18 09:32:57 | 000,001,269 | ---- | C] () -- C:\Users\Berni\Desktop\Spybot - Search & Destroy.lnk
[2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.07.11 14:44:34 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.07.11 10:54:58 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.07.11 09:35:28 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.02 12:46:41 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.06.13 17:35:36 | 000,059,232 | ---- | C] () -- C:\Windows\SysWow64\CNC8100W.DAT
[2012.06.06 21:47:56 | 001,532,588 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.06 21:25:12 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.06.06 21:16:42 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\usetup.exe
[2012.06.06 21:15:40 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\CTray.exe
[2012.06.06 21:15:40 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\FlashDLL.dll
[2012.06.06 21:15:40 | 000,166,720 | ---- | C] () -- C:\Windows\SysWow64\DrvInfo.dll
[2012.06.06 21:15:40 | 000,154,432 | ---- | C] () -- C:\Windows\SysWow64\HwInfo.dll
[2012.06.06 21:15:40 | 000,146,240 | ---- | C] () -- C:\Windows\SysWow64\DTInfo.dll
[2012.06.06 21:15:40 | 000,133,952 | ---- | C] () -- C:\Windows\SysWow64\HWM.dll
[2012.06.06 21:15:40 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\SInfo.dll
[2012.06.06 21:15:40 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\Rcontrolagent.dll
[2012.06.06 21:15:40 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\CmosDLL.dll
[2012.06.06 21:15:40 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\MarkFunDrv.dll
[2012.06.06 21:15:40 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\Flash.dll
[2012.06.06 21:15:40 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\GMail.dll
[2012.06.06
21:15:40 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\RecvMsgDLL.dll [2012.06.06 21:15:40 | 000,101,184 | ---- | C] () -- C:\Windows\SysWow64\COM_ycc.dll [2012.06.06 21:15:40 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\ycc.dll [2012.06.06 21:15:40 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\w83781d.dll [2012.06.06 21:15:40 | 000,060,224 | ---- | C] () -- C:\Windows\SysWow64\HUADRV.DLL [2012.06.06 21:15:40 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\FLASHFUN.DLL [2012.06.06 21:15:40 | 000,047,936 | ---- | C] () -- C:\Windows\SysWow64\IOInfo.dll [2012.06.06 21:15:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\GSCM2.dll [2012.06.06 21:15:40 | 000,043,840 | ---- | C] () -- C:\Windows\SysWow64\SysConfig.dll [2012.06.06 21:15:40 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\DeviceID.dll [2012.06.06 21:15:40 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\GSCM.dll [2012.06.06 21:15:40 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\HWAgent.dll [2012.06.06 21:15:40 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\GCSVR.exe [2012.06.06 21:15:40 | 000,004,303 | ---- | C] () -- C:\Windows\SysWow64\Mem.dat [2012.06.06 21:15:40 | 000,000,660 | ---- | C] () -- C:\Windows\SysWow64\Cmos.dat [2012.06.06 21:04:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = 
C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
[/code]

Extras.txt
OTL Logfile:
Code:
OTL Extras logfile created on: 12.10.2012 10:07:25 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Berni\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

8,00 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,03% Memory free
16,00 Gb Paging File | 13,75 Gb Available in Paging File | 85,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 58,03 Gb Free Space | 51,96% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 881,91 Gb Free Space | 94,68% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 276,60 Gb Free Space | 29,69% Space Free | Partition Type: NTFS
Drive F: | 244,14 Gb Total Space | 74,07 Gb Free Space | 30,34% Space Free | Partition Type: NTFS
Drive G: | 128,46 Gb Total Space | 27,56 Gb Free Space | 21,45% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: BOVN2012-OBEN | User Name: Berni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Programme (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{0C43C5F0-6CB4-4A2B-A496-5E5A5AF4DD03}" = rport=445 | protocol=6 | dir=out | app=system | "{1A534434-30C5-4E14-B00B-A43D3DAAB2F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1F75D8E5-D4F4-4879-8B37-455CF727E46C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{29A411F9-CE5F-4892-BC59-9B1EC114BD95}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{300C384A-6C65-4464-B9BC-CB7316B90BF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3FCA7B9E-F67A-4C5F-B0F7-008EFE76B44B}" = rport=137 | protocol=17 | dir=out | app=system | "{4071D3CF-8B5A-4961-952C-398EA99932EA}" = lport=10243 | protocol=6 | dir=in | app=system | "{4527D26B-C800-4965-A19C-B0E668F611DC}" = lport=137 | protocol=17 | dir=in | app=system | "{463C7A37-FC0B-41B4-A397-87AF46B66F33}" = lport=138 | protocol=17 | dir=in | app=system | "{486B6F19-E0EA-40A0-BE7E-DB261D04F558}" = lport=445 | protocol=6 | dir=in | app=system | "{4B3BD6A5-EFF1-4F95-B836-B7B2A5F981B8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5095308D-E470-4C53-ACE0-A50472478376}" = rport=10243 | protocol=6 | dir=out | app=system | "{57AD81F5-AEA6-4F92-ADBF-2C24C73CBAF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{5C97013A-928B-416C-BAEA-7880D7D491CA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5D473F0C-8E3F-4ED9-B5A2-F4AF9B4CAC07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{650B449B-C788-4890-8175-C58F3FB5B261}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{72967A5D-BEDB-479C-A8C9-AC3C5B9E091E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7786CA26-CBA8-4338-9109-4061BE23BB54}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{826CAAB6-1459-428A-A3CC-A75C615C36F8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{8E8CB642-A98F-4600-8F5F-5F1478F22BB5}" = lport=6004 | protocol=17 | dir=in | app=d:\programme (x86)\office\office14\outlook.exe | "{923481CA-3081-4C89-A8FC-A91765287C34}" = rport=138 | protocol=17 | dir=out | app=system | "{935EA528-B1E7-4E2C-B849-8A95E777FE3A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9F2BD98D-90C9-4C12-AFA8-3359AD74B4A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A20F4608-BC08-4990-A344-118E89C9C2BF}" = lport=2869 | protocol=6 | dir=in | app=system | "{AD75469F-CABD-4669-82D8-ECFC6503778E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{AE9A4B56-8D99-4699-B524-3017D8E38C29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B343434A-11F7-443A-A827-734A590253DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B40F4258-1D62-48F5-AF3E-F74D89D2893C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B920C23E-42A3-4D52-AF55-3395FDE5EEDE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{D855A979-7907-44C5-96DE-28AE94824E11}" = lport=139 | protocol=6 | dir=in | app=system | "{D92202B6-6142-4EBC-8247-FF9A42C020B0}" = rport=139 | protocol=6 | dir=out | app=system | "{F82C941D-7A48-43CB-84B3-D17BC51C258B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{11028737-6EBE-41C4-86C3-7064A57A92AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{15A8C9C4-4771-43AC-BC1D-B4B1292D74EE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1EAE78DA-F66C-44D4-9ABE-0858CC7E68B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{311910FA-E219-4DAA-B593-DE93A6E199C5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{3B087F19-0DA9-4872-A25C-889887E4A3B3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{41B18D73-5B7A-4877-A0FC-AB97F57A4DD8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{4BAAA787-E443-486D-8ADD-5A2CF1217408}" = protocol=6 | dir=in | app=d:\programme (x86)\office\office14\onenote.exe | "{56432009-E092-4639-9440-CEA568B8FD04}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{58BA1864-1D8B-4019-959A-D7208B7B63C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5A6B492B-44C5-4241-AA40-6515EBE4CFE6}" = protocol=6 | dir=out | app=system | "{67FBAEBC-8AFA-43BF-A4C0-F5D174832D12}" = protocol=17 | dir=in | app=d:\programme (x86)\office\office14\groove.exe | "{70562AB4-83FF-4B08-80FC-42DECCD7F664}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{70B5F80C-3B31-4929-A98B-7C30AE922037}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{7DA3730B-A8BB-45CE-B811-23364168CF7C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8A295C03-58FD-4CE6-9EB8-B84A8823EA10}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9DE20CDD-1A6F-414D-9F29-AD6C095A98FF}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe | 
"{9E54D5F1-6114-4CE9-8DFB-B2854819D557}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{ABB9BAE6-0645-4F0F-AA89-C45E4613DEE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{ADC32D6C-B5CB-4E61-BF1D-DAFACA3FE168}" = protocol=6 | dir=in | app=d:\programme (x86)\office\office14\groove.exe | "{BCBF8A70-46FB-4833-81CA-728867FE95D7}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | "{BCE79934-7E99-4FC0-AAB3-FB0A31F2FA3D}" = protocol=17 | dir=in | app=d:\programme (x86)\office\office14\onenote.exe | "{D671A83B-EEA3-4AE6-B945-C3F892289360}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DB8F2711-FB40-4CFF-9B66-DA85F65CDC8B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E595DAEE-178B-4ECE-9778-D9CBB15F0D68}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E973E9DE-8B85-49EF-B3A7-579F62CBE9AF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F55A32B5-5BE0-40DF-AA81-909A5B89030A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FE32C336-08C0-4FCD-AB6F-082934D1DB3F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "TCP Query User{07DE188B-CCD9-464A-8C37-DE9712C61E55}D:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=d:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe | "TCP Query User{34551788-17A6-47C1-8CF5-42EDF169DDB3}D:\programme (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=d:\programme (x86)\java\jre7\bin\javaw.exe | "TCP Query User{5321CFE2-1326-4F78-B307-3E4491D47D72}C:\program files\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files\magictune premium\magictune.exe | "TCP Query User{6E0E31A6-6DB4-4B9A-B649-16E0363EE73C}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=6 | dir=in | app=c:\program files 
(x86)\gigabyte\@bios\gwflash.exe | "TCP Query User{814C93B5-84E8-481B-ADCD-48BCA39F1FFE}C:\program files (x86)\phoner\phoner.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phoner\phoner.exe | "TCP Query User{AA4A8079-1FA4-4592-BDCE-9AE8197B1495}C:\windows\syswow64\recvmessage.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\recvmessage.exe | "TCP Query User{C04C03E3-C594-4757-A391-0330248A6276}C:\windows\syswow64\recvmessage.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\recvmessage.exe | "TCP Query User{C7146429-73C8-48B2-9819-5789B12CB58A}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | "TCP Query User{F4A58817-9265-456A-9478-503C74BB29DB}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe | "UDP Query User{2F5B7E28-4D62-47CD-8666-2ABB687A70EC}C:\windows\syswow64\recvmessage.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\recvmessage.exe | "UDP Query User{3861CD2A-3890-4A01-9D7B-89F3CF15B982}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe | "UDP Query User{C1557251-B91E-46BF-A289-815286708310}C:\windows\syswow64\recvmessage.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\recvmessage.exe | "UDP Query User{D0FD8B1D-1246-4BCB-9505-1DDEA4ABC436}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | "UDP Query User{DC45D67B-CA56-4521-A2F7-C187A9326456}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe | "UDP Query User{E6E037F0-9D84-49BC-BFB4-5414301CC45E}C:\program files (x86)\phoner\phoner.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phoner\phoner.exe | "UDP Query User{E9C823FE-259B-4FFB-98A3-F994E6179BC8}C:\program files\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program 
files\magictune premium\magictune.exe | "UDP Query User{EA509B37-59BC-4C23-BA6E-16CDF72CCB33}D:\programme (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=d:\programme (x86)\java\jre7\bin\javaw.exe | "UDP Query User{FF30972D-6EFC-41EB-9CFB-E121B474E946}D:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=d:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1241CE77-0B65-40A0-B893-02EA49E35332}" = HP Officejet Pro 8600 - Grundlegende Software für das Gerät "{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}" = Dolby Control Center "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4DF1691E-8012-4E7C-89CF-3F7B9146DA6E}" = Studie zur Verbesserung von HP Officejet Pro 8600 Produkten "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb" = Adobe Audition 3.0 Vista Compatibility "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 
306.23 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "DesktopIconAmazon" = Desktop Icon für Amazon "FinePrint" = FinePrint "HitmanPro36" = HitmanPro 3.6 "HWiNFO64_is1" = HWiNFO64 Version 4.00 "KLiteCodecPack64_is1" = K-Lite Codec Pack 9.0.2 (64-bit) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Security Client" = Microsoft Security Essentials "sp6" = Logitech SetPoint 6.32 "VLC media player" = VLC media player 2.0.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM) "{0513E822-B785-4E9C-B8C0-4861F5A04D9F}" = capella reader 6.0 "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{08FB25AA-28D4-475E-883D-2376ED114C90}" = capella 7 "{0D8E6567-7082-48DB-A305-293873AC8B39}_is1" = Preispilot für Firefox "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{107DEB07-0D8C-4E2D-8DEA-1EFCD968F1F1}" = capella 2008 "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{15e13d3b-4b57-4f68-9ba4-5d86c0931833}" = Pixia "{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM) "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 "{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{25819AEA-328B-4F18-A53C-EAAAFFF0DBEF}" = EasyFit "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{30FD541D-3C9D-41C4-B240-A994EE4E0231}" = Adobe Audition CS6 "{31DBA23B-55DA-48F5-B5B4-A031B722F648}" = MagicRotation "{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM) "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{36415915-0B92-4F82-A240-42D3C14304F0}" = Driver Mender "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver "{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B8.0717.01 "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2 "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0304.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1 "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0 "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero 
Adobe Help Manager
"DivX Setup" = DivX-Setup
"DVD Audio Extractor_is1" = DVD Audio Extractor 6.3.0
"G.O.M" = G.O.M
"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)
"HP Photo Creations" = HP Photo Creations
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0304.1
"InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1
"IsoBuster_is1" = IsoBuster 3.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.9.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Phoner_is1" = Phoner 2.75
"RealPlayer 15.0" = RealPlayer
"TomTom HOME" = TomTom HOME 2.8.4.2596
"UltraISO_is1" = UltraISO Premium V9.52
"VLC media player" = VLC media player 2.0.2

========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FLV Player" = FLV Player
"Video Converter" = Video Converter

========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Video Converter" = Video Converter

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01.10.2012 18:20:21 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 02.10.2012 13:35:42 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 03.10.2012 08:21:27 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 04.10.2012 03:12:26 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 06.10.2012 08:00:36 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 07.10.2012 08:45:09 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 08.10.2012 16:04:06 | Computer Name = Bovn2012-oben | Source = .NET Runtime | ID = 1022
Description =
Error - 08.10.2012 16:27:54 | Computer Name = Bovn2012-oben | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DivX Plus Player.exe, Version: 10.3.3.16, Zeitstempel: 0x50180d3e
Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.5.0.0, Zeitstempel: 0x49a6280b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000e1b16
ID des fehlerhaften Prozesses: 0xe08
Startzeit der fehlerhaften Anwendung: 0x01cda5932a0830bd
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtCore4.dll
Berichtskennung: a336912b-1186-11e2-bec6-001a4d50d3c5
Error - 08.10.2012 16:45:56 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10.10.2012 10:56:28 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 11.10.2012 05:37:12 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 11.10.2012 02:44:50 | Computer Name = Bovn2012-oben | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.
Error - 11.10.2012 02:44:49 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: MagicTune
Error - 11.10.2012 05:45:03 | Computer Name = Bovn2012-oben | Source = Microsoft-Windows-HAL | ID = 12
Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error - 12.10.2012 02:50:59 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7034
Description = Dienst "Google Update Service (gupdate)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error - 12.10.2012 02:51:29 | Computer Name = Bovn2012-oben | Source = DCOM | ID = 10010
Description =
Error - 12.10.2012 03:30:58 | Computer Name = Bovn2012-oben | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?12.?10.?2012 um 09:29:52 unerwartet heruntergefahren.
Error - 12.10.2012 03:30:59 | Computer Name = Bovn2012-oben | Source = BugCheck | ID = 1001
Description =
Error - 12.10.2012 03:31:01 | Computer Name = Bovn2012-oben | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.
Error - 12.10.2012 03:31:08 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: MagicTune
Error - 12.10.2012 03:35:25 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde nicht richtig gestartet.

< End of report >

Kind regards from the Wesermarsch, Bernhard Bahr |
16.10.2012, 07:11 | #6 |
| Redirekt Virus aswMBR: Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-12 08:52:45
-----------------------------
08:52:45.309 OS Version: Windows x64 6.1.7601 Service Pack 1
08:52:45.309 Number of processors: 2 586 0xF0B
08:52:45.309 ComputerName: BOVN2012-OBEN UserName: Berni
08:52:45.590 Initialize success
08:53:40.490 AVAST engine defs: 12101101
08:57:14.079 Disk 0 \Device\Harddisk0\DR0 -> \Device\Scsi\JRAID1Port0Path0Target0Lun0
08:57:14.095 Disk 0 Vendor: WDC_____ 150. Size: 953869MB BusType: 8
08:57:14.095 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
08:57:14.095 Disk 1 Vendor: SAMSUNG_HD403LJ CT100-10 Size: 381553MB BusType: 3
08:57:14.095 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
08:57:14.095 Disk 2 Vendor: Corsair_Force_3_SSD 1.3.3 Size: 114473MB BusType: 3
08:57:14.110 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP1T0L0-1
08:57:14.110 Disk 3 Vendor: Size: 114473MB BusType: 0
08:57:14.110 Disk 2 MBR read successfully
08:57:14.110 Disk 2 MBR scan
08:57:14.126 Disk 2 Windows 7 default MBR code
08:57:14.126 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:57:14.157 Disk 2 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
08:57:14.204 Disk 2 scanning C:\Windows\system32\drivers
08:57:20.163 Service scanning
08:57:38.897 Modules scanning
08:57:38.897 Disk 2 trace - called modules:
08:57:38.907
08:57:39.277 AVAST engine scan C:\Windows
08:57:40.927 AVAST engine scan C:\Windows\system32
09:00:03.686 AVAST engine scan C:\Windows\system32\drivers
09:00:11.127 AVAST engine scan C:\Users\Berni
09:05:11.311 AVAST engine scan C:\ProgramData
09:05:51.418 Scan finished successfully
09:12:57.626 Disk 2 MBR has been saved successfully to "D:\Benutzer\Public\Documents\02 Rechnerinfektionen\2012-10-12\MBR.dat"
09:12:57.898 The log file has been saved successfully to "D:\Benutzer\Public\Documents\02 Rechnerinfektionen\2012-10-12\aswMBR.log"

TDSSKiller (part 1): Code:
30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:58:50.0754 1480 LSI_SAS2 - ok 14:58:50.0769 1480 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:58:50.0785 1480 LSI_SCSI - ok 14:58:50.0785 1480 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 14:58:50.0816 1480 luafv - ok 14:58:50.0816 1480 [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] Magic Tune C:\Windows\system32\Drivers\MtiCtwl.sys 14:58:50.0832 1480 Magic Tune - ok 14:58:50.0832 1480 [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] MagicTune C:\Windows\system32\drivers\MTiCtwl.sys 14:58:50.0832 1480 MagicTune - ok 14:58:50.0847 1480 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 14:58:50.0847 1480 MBAMProtector - ok 14:58:50.0863 1480 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 14:58:50.0879 1480 MBAMScheduler - ok 14:58:50.0879 1480 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:58:50.0910 1480 MBAMService - ok 14:58:50.0910 1480 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:58:50.0925 1480 Mcx2Svc - ok 14:58:50.0925 1480 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:58:50.0941 1480 megasas - ok 14:58:50.0957 1480 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:58:50.0957 1480 MegaSR - ok 14:58:50.0972 1480 Microsoft SharePoint Workspace Audit Service - ok 14:58:50.0972 1480 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 14:58:51.0003 1480 MMCSS - ok 14:58:51.0019 1480 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 14:58:51.0050 1480 Modem - ok 14:58:51.0050 1480 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:58:51.0066 
1480 monitor - ok 14:58:51.0081 1480 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:58:51.0081 1480 mouclass - ok 14:58:51.0097 1480 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:58:51.0097 1480 mouhid - ok 14:58:51.0113 1480 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:58:51.0113 1480 mountmgr - ok 14:58:51.0128 1480 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:58:51.0128 1480 MozillaMaintenance - ok 14:58:51.0144 1480 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 14:58:51.0159 1480 MpFilter - ok 14:58:51.0159 1480 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 14:58:51.0175 1480 mpio - ok 14:58:51.0175 1480 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:58:51.0206 1480 mpsdrv - ok 14:58:51.0222 1480 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:58:51.0253 1480 MpsSvc - ok 14:58:51.0269 1480 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:58:51.0284 1480 MRxDAV - ok 14:58:51.0284 1480 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:58:51.0300 1480 mrxsmb - ok 14:58:51.0315 1480 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:58:51.0315 1480 mrxsmb10 - ok 14:58:51.0331 1480 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:58:51.0331 1480 mrxsmb20 - ok 14:58:51.0347 1480 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 14:58:51.0347 1480 msahci - ok 14:58:51.0362 1480 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:58:51.0378 1480 msdsm - ok 14:58:51.0378 1480 [ 
DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 14:58:51.0393 1480 MSDTC - ok 14:58:51.0393 1480 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:58:51.0425 1480 Msfs - ok 14:58:51.0440 1480 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:58:51.0471 1480 mshidkmdf - ok 14:58:51.0471 1480 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:58:51.0518 1480 msisadrv - ok 14:58:51.0534 1480 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:58:51.0565 1480 MSiSCSI - ok 14:58:51.0565 1480 msiserver - ok 14:58:51.0581 1480 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:58:51.0612 1480 MSKSSRV - ok 14:58:51.0612 1480 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 14:58:51.0627 1480 MsMpSvc - ok 14:58:51.0627 1480 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:58:51.0659 1480 MSPCLOCK - ok 14:58:51.0674 1480 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:58:51.0705 1480 MSPQM - ok 14:58:51.0705 1480 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:58:51.0721 1480 MsRPC - ok 14:58:51.0737 1480 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:58:51.0737 1480 mssmbios - ok 14:58:51.0752 1480 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:58:51.0783 1480 MSTEE - ok 14:58:51.0783 1480 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:58:51.0799 1480 MTConfig - ok 14:58:51.0799 1480 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 14:58:51.0815 1480 Mup - ok 14:58:51.0815 1480 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 
14:58:51.0846 1480 napagent - ok 14:58:51.0861 1480 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:58:51.0877 1480 NativeWifiP - ok 14:58:51.0893 1480 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 14:58:51.0908 1480 NAUpdate - ok 14:58:51.0924 1480 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:58:51.0939 1480 NDIS - ok 14:58:51.0955 1480 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:58:51.0986 1480 NdisCap - ok 14:58:51.0986 1480 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:58:52.0017 1480 NdisTapi - ok 14:58:52.0017 1480 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:58:52.0049 1480 Ndisuio - ok 14:58:52.0064 1480 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:58:52.0095 1480 NdisWan - ok 14:58:52.0095 1480 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:58:52.0127 1480 NDProxy - ok 14:58:52.0127 1480 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:58:52.0158 1480 NetBIOS - ok 14:58:52.0158 1480 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:58:52.0189 1480 NetBT - ok 14:58:52.0205 1480 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 14:58:52.0205 1480 Netlogon - ok 14:58:52.0220 1480 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 14:58:52.0251 1480 Netman - ok 14:58:52.0251 1480 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 14:58:52.0298 1480 netprofm - ok 14:58:52.0298 1480 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:58:52.0314 1480 NetTcpPortSharing - ok 14:58:52.0314 
1480 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 14:58:52.0329 1480 nfrd960 - ok 14:58:52.0329 1480 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 14:58:52.0345 1480 NisDrv - ok 14:58:52.0361 1480 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 14:58:52.0376 1480 NisSrv - ok 14:58:52.0392 1480 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:58:52.0423 1480 NlaSvc - ok 14:58:52.0423 1480 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:58:52.0454 1480 Npfs - ok 14:58:52.0454 1480 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 14:58:52.0485 1480 nsi - ok 14:58:52.0501 1480 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:58:52.0532 1480 nsiproxy - ok 14:58:52.0548 1480 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:58:52.0595 1480 Ntfs - ok 14:58:52.0595 1480 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 14:58:52.0641 1480 Null - ok 14:58:53.0094 1480 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:58:53.0297 1480 nvlddmkm - ok 14:58:53.0297 1480 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:58:53.0312 1480 nvraid - ok 14:58:53.0312 1480 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:58:53.0343 1480 nvstor - ok 14:58:53.0375 1480 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\Windows\system32\nvvsvc.exe 14:58:53.0390 1480 nvsvc - ok 14:58:53.0421 1480 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:58:53.0453 1480 nvUpdatusService - ok 14:58:53.0468 1480 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 
14:58:53.0484 1480 nv_agp - ok 14:58:53.0484 1480 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:58:53.0499 1480 ohci1394 - ok 14:58:53.0515 1480 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:58:53.0515 1480 ose - ok 14:58:53.0593 1480 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:58:53.0687 1480 osppsvc - ok 14:58:53.0702 1480 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:58:53.0702 1480 p2pimsvc - ok 14:58:53.0718 1480 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:58:53.0733 1480 p2psvc - ok 14:58:53.0733 1480 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:58:53.0765 1480 Parport - ok 14:58:53.0765 1480 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:58:53.0780 1480 partmgr - ok 14:58:53.0780 1480 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:58:53.0796 1480 PcaSvc - ok 14:58:53.0796 1480 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 14:58:53.0811 1480 pci - ok 14:58:53.0827 1480 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 14:58:53.0827 1480 pciide - ok 14:58:53.0843 1480 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 14:58:53.0843 1480 pcmcia - ok 14:58:53.0858 1480 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 14:58:53.0858 1480 pcw - ok 14:58:53.0874 1480 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:58:53.0905 1480 PEAUTH - ok 14:58:53.0921 1480 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 14:58:53.0952 1480 PeerDistSvc - ok 14:58:53.0983 1480 [ 
E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:58:53.0999 1480 PerfHost - ok 14:58:53.0999 1480 pfc - ok 14:58:54.0030 1480 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 14:58:54.0061 1480 pla - ok 14:58:54.0077 1480 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:58:54.0092 1480 PlugPlay - ok 14:58:54.0092 1480 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:58:54.0108 1480 PNRPAutoReg - ok 14:58:54.0108 1480 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:58:54.0123 1480 PNRPsvc - ok 14:58:54.0139 1480 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:58:54.0170 1480 PolicyAgent - ok 14:58:54.0186 1480 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 14:58:54.0217 1480 Power - ok 14:58:54.0217 1480 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:58:54.0264 1480 PptpMiniport - ok 14:58:54.0264 1480 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 14:58:54.0279 1480 Processor - ok 14:58:54.0279 1480 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 14:58:54.0295 1480 ProfSvc - ok 14:58:54.0311 1480 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:58:54.0311 1480 ProtectedStorage - ok 14:58:54.0326 1480 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:58:54.0342 1480 Psched - ok 14:58:54.0357 1480 [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 14:58:54.0357 1480 PxHlpa64 - ok 14:58:54.0389 1480 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 14:58:54.0420 1480 ql2300 - ok 14:58:54.0420 1480 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 14:58:54.0435 1480 ql40xx 
- ok 14:58:54.0435 1480 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 14:58:54.0451 1480 QWAVE - ok 14:58:54.0467 1480 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:58:54.0482 1480 QWAVEdrv - ok 14:58:54.0482 1480 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:58:54.0513 1480 RasAcd - ok 14:58:54.0513 1480 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:58:54.0545 1480 RasAgileVpn - ok 14:58:54.0545 1480 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 14:58:54.0576 1480 RasAuto - ok 14:58:54.0591 1480 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:58:54.0607 1480 Rasl2tp - ok 14:58:54.0623 1480 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 14:58:54.0654 1480 RasMan - ok 14:58:54.0669 1480 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:58:54.0701 1480 RasPppoe - ok 14:58:54.0701 1480 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:58:54.0732 1480 RasSstp - ok 14:58:54.0732 1480 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:58:54.0763 1480 rdbss - ok 14:58:54.0779 1480 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 14:58:54.0794 1480 rdpbus - ok 14:58:54.0794 1480 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:58:54.0825 1480 RDPCDD - ok 14:58:54.0825 1480 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 14:58:54.0841 1480 RDPDR - ok 14:58:54.0841 1480 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:58:54.0872 1480 RDPENCDD - ok 14:58:54.0888 1480 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:58:54.0919 1480 
RDPREFMP - ok 14:58:54.0919 1480 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 14:58:54.0966 1480 RdpVideoMiniport - ok 14:58:54.0966 1480 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:58:54.0981 1480 RDPWD - ok 14:58:54.0997 1480 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:58:55.0013 1480 rdyboost - ok 14:58:55.0013 1480 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:58:55.0044 1480 RemoteAccess - ok 14:58:55.0059 1480 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:58:55.0091 1480 RemoteRegistry - ok 14:58:55.0091 1480 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:58:55.0122 1480 RpcEptMapper - ok 14:58:55.0122 1480 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 14:58:55.0137 1480 RpcLocator - ok 14:58:55.0153 1480 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 14:58:55.0184 1480 RpcSs - ok 14:58:55.0184 1480 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:58:55.0215 1480 rspndr - ok 14:58:55.0231 1480 [ BD9BA262CF26EFE9A9867EBE32D12164 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 14:58:55.0247 1480 RTL8167 - ok 14:58:55.0247 1480 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 14:58:55.0262 1480 s3cap - ok 14:58:55.0278 1480 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 14:58:55.0278 1480 SamSs - ok 14:58:55.0293 1480 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:58:55.0293 1480 sbp2port - ok 14:58:55.0309 1480 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 14:58:55.0340 1480 SBSDWSCService - ok 14:58:55.0340 1480 [ 
9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:58:55.0387 1480 SCardSvr - ok 14:58:55.0387 1480 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:58:55.0418 1480 scfilter - ok 14:58:55.0434 1480 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 14:58:55.0465 1480 Schedule - ok 14:58:55.0481 1480 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 14:58:55.0512 1480 SCPolicySvc - ok 14:58:55.0512 1480 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:58:55.0527 1480 SDRSVC - ok 14:58:55.0527 1480 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:58:55.0559 1480 secdrv - ok 14:58:55.0559 1480 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 14:58:55.0590 1480 seclogon - ok 14:58:55.0605 1480 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 14:58:55.0637 1480 SENS - ok 14:58:55.0637 1480 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:58:55.0652 1480 SensrSvc - ok 14:58:55.0652 1480 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:58:55.0668 1480 Serenum - ok 14:58:55.0668 1480 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 14:58:55.0683 1480 Serial - ok 14:58:55.0683 1480 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 14:58:55.0699 1480 sermouse - ok 14:58:55.0715 1480 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 14:58:55.0730 1480 SessionEnv - ok 14:58:55.0746 1480 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:58:55.0746 1480 sffdisk - ok 14:58:55.0761 1480 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:58:55.0761 1480 sffp_mmc - ok 14:58:55.0777 1480 [ 
DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:58:55.0793 1480 sffp_sd - ok 14:58:55.0793 1480 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 14:58:55.0808 1480 sfloppy - ok 14:58:55.0808 1480 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:58:55.0839 1480 SharedAccess - ok 14:58:55.0855 1480 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:58:55.0886 1480 ShellHWDetection - ok 14:58:55.0886 1480 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:58:55.0902 1480 SiSRaid2 - ok 14:58:55.0902 1480 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 14:58:55.0917 1480 SiSRaid4 - ok 14:58:55.0917 1480 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:58:55.0949 1480 Smb - ok 14:58:55.0949 1480 [ CA62AE004E98374BF7F082CD765EEA02 ] SNMP C:\Windows\System32\snmp.exe 14:58:55.0980 1480 SNMP - ok 14:58:55.0980 1480 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:58:55.0995 1480 SNMPTRAP - ok 14:58:55.0995 1480 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 14:58:56.0011 1480 spldr - ok 14:58:56.0011 1480 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 14:58:56.0042 1480 Spooler - ok 14:58:56.0089 1480 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 14:58:56.0151 1480 sppsvc - ok 14:58:56.0151 1480 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:58:56.0183 1480 sppuinotify - ok 14:58:56.0198 1480 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 14:58:56.0214 1480 srv - ok 14:58:56.0214 1480 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:58:56.0229 1480 srv2 - ok 14:58:56.0245 1480 [ 
27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:58:56.0245 1480 srvnet - ok 14:58:56.0261 1480 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:58:56.0292 1480 SSDPSRV - ok 14:58:56.0292 1480 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:58:56.0323 1480 SstpSvc - ok 14:58:56.0323 1480 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 14:58:56.0339 1480 Stereo Service - ok 14:58:56.0354 1480 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 14:58:56.0354 1480 stexstor - ok 14:58:56.0370 1480 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 14:58:56.0370 1480 StillCam - ok 14:58:56.0385 1480 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 14:58:56.0401 1480 stisvc - ok 14:58:56.0417 1480 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 14:58:56.0417 1480 storflt - ok 14:58:56.0432 1480 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 14:58:56.0432 1480 storvsc - ok 14:58:56.0448 1480 [ 85BF0B7CE3D9B6D1611E05872E1C3E56 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys 14:58:56.0448 1480 SWDUMon - ok 14:58:56.0448 1480 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 14:58:56.0463 1480 swenum - ok 14:58:56.0479 1480 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 14:58:56.0510 1480 swprv - ok 14:58:56.0510 1480 Synth3dVsc - ok 14:58:56.0526 1480 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 14:58:56.0557 1480 SysMain - ok 14:58:56.0573 1480 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:58:56.0588 1480 TabletInputService - ok 14:58:56.0588 1480 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv 
C:\Windows\System32\tapisrv.dll 14:58:56.0619 1480 TapiSrv - ok 14:58:56.0619 1480 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 14:58:56.0651 1480 TBS - ok 14:58:56.0682 1480 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:58:56.0713 1480 Tcpip - ok 14:58:56.0729 1480 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:58:56.0760 1480 TCPIP6 - ok 14:58:56.0775 1480 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:58:56.0807 1480 tcpipreg - ok 14:58:56.0807 1480 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:58:56.0822 1480 TDPIPE - ok 14:58:56.0822 1480 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:58:56.0838 1480 TDTCP - ok 14:58:56.0853 1480 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:58:56.0885 1480 tdx - ok 14:58:56.0885 1480 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 14:58:56.0900 1480 TermDD - ok 14:58:56.0916 1480 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 14:58:56.0947 1480 TermService - ok 14:58:56.0947 1480 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 14:58:56.0963 1480 Themes - ok 14:58:56.0978 1480 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 14:58:57.0009 1480 THREADORDER - ok 14:58:57.0009 1480 [ 83682F469A3D65E8B6F06C28212318BD ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 14:58:57.0025 1480 TomTomHOMEService - ok 14:58:57.0025 1480 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 14:58:57.0072 1480 TrkWks - ok 14:58:57.0072 1480 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:58:57.0103 1480 TrustedInstaller - ok 14:58:57.0119 1480 [ 
|
16.10.2012, 07:13 | #7 |
| Redirect Virus TDSSKiller part 2: Code:
C:\Windows\System32\cscsvc.dll 14:59:00.0410 1480 C:\Windows\System32\cscsvc.dll - ok 14:59:00.0426 1480 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll 14:59:00.0426 1480 C:\Windows\System32\credssp.dll - ok 14:59:00.0426 1480 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll 14:59:00.0426 1480 C:\Windows\System32\defragsvc.dll - ok 14:59:00.0426 1480 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll 14:59:00.0426 1480 C:\Windows\System32\dhcpcore.dll - ok 14:59:00.0426 1480 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll 14:59:00.0426 1480 C:\Windows\System32\efslsaext.dll - ok 14:59:00.0426 1480 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll 14:59:00.0426 1480 C:\Windows\System32\oleres.dll - ok 14:59:00.0441 1480 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll 14:59:00.0441 1480 C:\Windows\System32\scecli.dll - ok 14:59:00.0441 1480 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll 14:59:00.0441 1480 C:\Windows\System32\dot3svc.dll - ok 14:59:00.0441 1480 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll 14:59:00.0441 1480 C:\Windows\System32\dps.dll - ok 14:59:00.0441 1480 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll 14:59:00.0441 1480 C:\Windows\System32\eapsvc.dll - ok 14:59:00.0457 1480 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll 14:59:00.0457 1480 C:\Windows\System32\efssvc.dll - ok 14:59:00.0457 1480 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe 14:59:00.0457 1480 C:\Windows\ehome\ehrecvr.exe - ok 14:59:00.0457 1480 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe 14:59:00.0457 1480 C:\Windows\ehome\ehsched.exe - ok 14:59:00.0457 1480 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll 14:59:00.0457 1480 C:\Windows\System32\wevtsvc.dll - ok 14:59:00.0457 1480 [ 0438CAB2E03F4FB61455A7956026FE86 ] 
C:\Windows\System32\fdPHost.dll 14:59:00.0457 1480 C:\Windows\System32\fdPHost.dll - ok 14:59:00.0473 1480 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll 14:59:00.0473 1480 C:\Windows\System32\FXSRESM.dll - ok 14:59:00.0473 1480 [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys 14:59:00.0473 1480 C:\Windows\System32\drivers\fileinfo.sys - ok 14:59:00.0473 1480 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys 14:59:00.0473 1480 C:\Windows\System32\drivers\filetrace.sys - ok 14:59:00.0473 1480 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys 14:59:00.0473 1480 C:\Windows\System32\drivers\fltMgr.sys - ok 14:59:00.0488 1480 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll 14:59:00.0488 1480 C:\Windows\System32\FDResPub.dll - ok 14:59:00.0488 1480 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll 14:59:00.0488 1480 C:\Windows\System32\FntCache.dll - ok 14:59:00.0488 1480 [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys 14:59:00.0488 1480 C:\Windows\System32\drivers\fsdepends.sys - ok 14:59:00.0488 1480 [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys 14:59:00.0488 1480 C:\Windows\System32\drivers\fvevol.sys - ok 14:59:00.0504 1480 [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe 14:59:00.0504 1480 C:\Windows\System32\PresentationHost.exe - ok 14:59:00.0504 1480 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll 14:59:00.0504 1480 C:\Windows\System32\gpapi.dll - ok 14:59:00.0504 1480 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll 14:59:00.0504 1480 C:\Windows\System32\hidserv.dll - ok 14:59:00.0504 1480 [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL 14:59:00.0504 1480 C:\Windows\System32\KMSVC.DLL - ok 14:59:00.0519 1480 [ EFDFB3DD38A4376F93E7985173813ABD ] 
C:\Windows\System32\ListSvc.dll 14:59:00.0519 1480 C:\Windows\System32\ListSvc.dll - ok 14:59:00.0519 1480 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys 14:59:00.0519 1480 C:\Windows\System32\drivers\http.sys - ok 14:59:00.0519 1480 [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys 14:59:00.0519 1480 C:\Windows\System32\drivers\hwpolicy.sys - ok 14:59:00.0519 1480 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll 14:59:00.0519 1480 C:\Windows\System32\provsvc.dll - ok 14:59:00.0535 1480 [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll 14:59:00.0535 1480 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok 14:59:00.0535 1480 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL 14:59:00.0535 1480 C:\Windows\System32\IKEEXT.DLL - ok 14:59:00.0535 1480 [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll 14:59:00.0535 1480 C:\Windows\System32\IPBusEnum.dll - ok 14:59:00.0535 1480 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys 14:59:00.0535 1480 C:\Windows\System32\drivers\irenum.sys - ok 14:59:00.0535 1480 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll 14:59:00.0535 1480 C:\Windows\System32\iphlpsvc.dll - ok 14:59:00.0551 1480 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll 14:59:00.0551 1480 C:\Windows\System32\keyiso.dll - ok 14:59:00.0551 1480 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll 14:59:00.0551 1480 C:\Windows\System32\srvsvc.dll - ok 14:59:00.0551 1480 [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll 14:59:00.0551 1480 C:\Windows\ehome\ehres.dll - ok 14:59:00.0551 1480 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys 14:59:00.0551 1480 C:\Windows\System32\drivers\luafv.sys - ok 
14:59:00.0566 1480 [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll 14:59:00.0566 1480 C:\Windows\System32\lltdres.dll - ok 14:59:00.0566 1480 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll 14:59:00.0566 1480 C:\Windows\System32\lmhsvc.dll - ok 14:59:00.0566 1480 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll 14:59:00.0566 1480 C:\Windows\System32\wkssvc.dll - ok 14:59:00.0566 1480 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys 14:59:00.0566 1480 C:\Windows\System32\drivers\mountmgr.sys - ok 14:59:00.0566 1480 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll 14:59:00.0566 1480 C:\Windows\System32\FirewallAPI.dll - ok 14:59:00.0582 1480 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll 14:59:00.0582 1480 C:\Windows\System32\mmcss.dll - ok 14:59:00.0582 1480 [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys 14:59:00.0582 1480 C:\Windows\System32\drivers\mshidkmdf.sys - ok 14:59:00.0582 1480 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\Windows\System32\WebClnt.dll 14:59:00.0582 1480 C:\Windows\System32\WebClnt.dll - ok 14:59:00.0582 1480 [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys 14:59:00.0582 1480 C:\Windows\System32\drivers\mup.sys - ok 14:59:00.0597 1480 [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll 14:59:00.0597 1480 C:\Windows\System32\iscsidsc.dll - ok 14:59:00.0597 1480 [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll 14:59:00.0597 1480 C:\Windows\System32\msimsg.dll - ok 14:59:00.0597 1480 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL 14:59:00.0597 1480 C:\Windows\System32\QAGENTRT.DLL - ok 14:59:00.0597 1480 [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys 14:59:00.0597 1480 C:\Windows\System32\drivers\ndis.sys - ok 14:59:00.0597 1480 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program 
Files\Microsoft Security Client\MpAsDesc.dll 14:59:00.0597 1480 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok 14:59:00.0613 1480 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll 14:59:00.0613 1480 C:\Windows\System32\netman.dll - ok 14:59:00.0613 1480 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll 14:59:00.0613 1480 C:\Windows\System32\netprofm.dll - ok 14:59:00.0613 1480 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll 14:59:00.0613 1480 C:\Windows\System32\nlasvc.dll - ok 14:59:00.0613 1480 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll 14:59:00.0613 1480 C:\Windows\System32\nsisvc.dll - ok 14:59:00.0629 1480 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll 14:59:00.0629 1480 C:\Windows\System32\p2psvc.dll - ok 14:59:00.0629 1480 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll 14:59:00.0629 1480 C:\Windows\System32\pnrpsvc.dll - ok 14:59:00.0629 1480 [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys 14:59:00.0629 1480 C:\Windows\System32\drivers\partmgr.sys - ok 14:59:00.0629 1480 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll 14:59:00.0629 1480 C:\Windows\System32\pcasvc.dll - ok 14:59:00.0644 1480 [ B9B0A4299DD2D76A4243F75FD54DC680 ] C:\Windows\System32\PeerDistSvc.dll 14:59:00.0644 1480 C:\Windows\System32\PeerDistSvc.dll - ok 14:59:00.0644 1480 [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll 14:59:00.0644 1480 C:\Windows\System32\pla.dll - ok 14:59:00.0644 1480 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll 14:59:00.0644 1480 C:\Windows\System32\pnrpauto.dll - ok 14:59:00.0644 1480 [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll 14:59:00.0644 1480 C:\Windows\System32\polstore.dll - ok 14:59:00.0644 1480 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll 14:59:00.0644 1480 
C:\Windows\System32\umpnpmgr.dll - ok 14:59:00.0660 1480 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll 14:59:00.0660 1480 C:\Windows\System32\profsvc.dll - ok 14:59:00.0660 1480 [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll 14:59:00.0660 1480 C:\Windows\System32\psbase.dll - ok 14:59:00.0660 1480 [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll 14:59:00.0660 1480 C:\Windows\System32\qwave.dll - ok 14:59:00.0660 1480 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll 14:59:00.0660 1480 C:\Windows\System32\umpo.dll - ok 14:59:00.0675 1480 [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys 14:59:00.0675 1480 C:\Windows\System32\drivers\qwavedrv.sys - ok 14:59:00.0675 1480 [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll 14:59:00.0675 1480 C:\Windows\System32\mprdim.dll - ok 14:59:00.0675 1480 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll 14:59:00.0675 1480 C:\Windows\System32\rasauto.dll - ok 14:59:00.0675 1480 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll 14:59:00.0675 1480 C:\Windows\System32\rasmans.dll - ok 14:59:00.0675 1480 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll 14:59:00.0675 1480 C:\Windows\System32\sstpsvc.dll - ok 14:59:00.0691 1480 [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys 14:59:00.0691 1480 C:\Windows\System32\drivers\scfilter.sys - ok 14:59:00.0691 1480 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe 14:59:00.0691 1480 C:\Windows\System32\Locator.exe - ok 14:59:00.0691 1480 [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll 14:59:00.0691 1480 C:\Windows\System32\regsvc.dll - ok 14:59:00.0707 1480 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll 14:59:00.0707 1480 C:\Windows\System32\RpcEpMap.dll - ok 14:59:00.0707 1480 [ 9B7395789E3791A3B6D000FE6F8B131E ] 
C:\Windows\System32\SCardSvr.dll 14:59:00.0707 1480 C:\Windows\System32\SCardSvr.dll - ok 14:59:00.0707 1480 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll 14:59:00.0707 1480 C:\Windows\System32\schedsvc.dll - ok 14:59:00.0707 1480 [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll 14:59:00.0722 1480 C:\Windows\System32\sdrsvc.dll - ok 14:59:00.0722 1480 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll 14:59:00.0722 1480 C:\Windows\System32\ipnathlp.dll - ok 14:59:00.0722 1480 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll 14:59:00.0722 1480 C:\Windows\System32\seclogon.dll - ok 14:59:00.0722 1480 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll 14:59:00.0722 1480 C:\Windows\System32\Sens.dll - ok 14:59:00.0738 1480 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll 14:59:00.0738 1480 C:\Windows\System32\sensrsvc.dll - ok 14:59:00.0738 1480 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll 14:59:00.0738 1480 C:\Windows\System32\SessEnv.dll - ok 14:59:00.0738 1480 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll 14:59:00.0738 1480 C:\Windows\System32\shsvcs.dll - ok 14:59:00.0738 1480 [ CA62AE004E98374BF7F082CD765EEA02 ] C:\Windows\System32\snmp.exe 14:59:00.0738 1480 C:\Windows\System32\snmp.exe - ok 14:59:00.0738 1480 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe 14:59:00.0738 1480 C:\Windows\System32\snmptrap.exe - ok 14:59:00.0753 1480 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll 14:59:00.0753 1480 C:\Windows\System32\tcpipcfg.dll - ok 14:59:00.0753 1480 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe 14:59:00.0753 1480 C:\Windows\System32\spoolsv.exe - ok 14:59:00.0753 1480 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe 14:59:00.0753 1480 C:\Windows\System32\sppsvc.exe - ok 14:59:00.0753 1480 [ 
93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll 14:59:00.0753 1480 C:\Windows\System32\sppuinotify.dll - ok 14:59:00.0769 1480 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll 14:59:00.0769 1480 C:\Windows\System32\ssdpsrv.dll - ok 14:59:00.0769 1480 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll 14:59:00.0769 1480 C:\Windows\System32\wiaservc.dll - ok 14:59:00.0769 1480 [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll 14:59:00.0769 1480 C:\Windows\System32\swprv.dll - ok 14:59:00.0769 1480 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll 14:59:00.0769 1480 C:\Windows\System32\sysmain.dll - ok 14:59:00.0769 1480 [ D289D2E949609B696161039C3D86FFE9 ] C:\Windows\System32\vmstorfltres.dll 14:59:00.0769 1480 C:\Windows\System32\vmstorfltres.dll - ok 14:59:00.0785 1480 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\Windows\System32\TabSvc.dll 14:59:00.0785 1480 C:\Windows\System32\TabSvc.dll - ok 14:59:00.0785 1480 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll 14:59:00.0785 1480 C:\Windows\System32\tapisrv.dll - ok 14:59:00.0785 1480 [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll 14:59:00.0785 1480 C:\Windows\System32\tbssvc.dll - ok 14:59:00.0800 1480 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll 14:59:00.0800 1480 C:\Windows\System32\termsrv.dll - ok 14:59:00.0800 1480 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe 14:59:00.0800 1480 C:\Windows\servicing\TrustedInstaller.exe - ok 14:59:00.0800 1480 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll 14:59:00.0800 1480 C:\Windows\System32\themeservice.dll - ok 14:59:00.0800 1480 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll 14:59:00.0800 1480 C:\Windows\System32\trkwks.dll - ok 14:59:00.0816 1480 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys 
14:59:00.0816 1480 C:\Windows\System32\drivers\tssecsrv.sys - ok 14:59:00.0816 1480 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe 14:59:00.0816 1480 C:\Windows\System32\dwm.exe - ok 14:59:00.0816 1480 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe 14:59:00.0816 1480 C:\Windows\System32\UI0Detect.exe - ok 14:59:00.0831 1480 [ A293DCD756D04D8492A750D03B9A297C ] C:\Windows\System32\umrdp.dll 14:59:00.0831 1480 C:\Windows\System32\umrdp.dll - ok 14:59:00.0831 1480 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll 14:59:00.0831 1480 C:\Windows\System32\upnphost.dll - ok 14:59:00.0831 1480 [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll 14:59:00.0831 1480 C:\Windows\System32\vaultsvc.dll - ok 14:59:00.0847 1480 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe 14:59:00.0847 1480 C:\Windows\System32\vds.exe - ok 14:59:00.0847 1480 [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys 14:59:00.0847 1480 C:\Windows\System32\drivers\volmgrx.sys - ok 14:59:00.0847 1480 [ E48FCE3820487A9CDDD83BBABC6B962C ] C:\Windows\System32\vmbusres.dll 14:59:00.0847 1480 C:\Windows\System32\vmbusres.dll - ok 14:59:00.0847 1480 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe 14:59:00.0847 1480 C:\Windows\System32\VSSVC.exe - ok 14:59:00.0863 1480 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys 14:59:00.0863 1480 C:\Windows\System32\drivers\vwifibus.sys - ok 14:59:00.0863 1480 [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll 14:59:00.0863 1480 C:\Windows\System32\w32time.dll - ok 14:59:00.0863 1480 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe 14:59:00.0863 1480 C:\Windows\System32\wbengine.exe - ok 14:59:00.0863 1480 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll 14:59:00.0863 1480 C:\Windows\System32\wbiosrvc.dll - ok 14:59:00.0878 1480 [ 
7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll 14:59:00.0878 1480 C:\Windows\System32\wcncsvc.dll - ok 14:59:00.0878 1480 [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll 14:59:00.0878 1480 C:\Windows\System32\WcsPlugInService.dll - ok 14:59:00.0878 1480 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll 14:59:00.0878 1480 C:\Windows\System32\wdi.dll - ok 14:59:00.0894 1480 [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll 14:59:00.0894 1480 C:\Windows\System32\wecsvc.dll - ok 14:59:00.0894 1480 [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll 14:59:00.0894 1480 C:\Program Files\Windows Defender\MsMpRes.dll - ok 14:59:00.0894 1480 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll 14:59:00.0894 1480 C:\Windows\System32\wercplsupport.dll - ok 14:59:00.0894 1480 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll 14:59:00.0894 1480 C:\Windows\System32\wersvc.dll - ok 14:59:00.0909 1480 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll 14:59:00.0909 1480 C:\Windows\System32\winhttp.dll - ok 14:59:00.0909 1480 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll 14:59:00.0909 1480 C:\Windows\System32\wbem\WMIsvc.dll - ok 14:59:00.0909 1480 [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll 14:59:00.0909 1480 C:\Windows\System32\WsmSvc.dll - ok 14:59:00.0925 1480 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe 14:59:00.0925 1480 C:\Windows\System32\wbem\WmiApSrv.exe - ok 14:59:00.0925 1480 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll 14:59:00.0925 1480 C:\Windows\System32\wlansvc.dll - ok 14:59:00.0925 1480 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe 14:59:00.0925 1480 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok 14:59:00.0925 1480 [ 
6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys 14:59:00.0925 1480 C:\Windows\System32\drivers\ws2ifsl.sys - ok 14:59:00.0941 1480 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe 14:59:00.0941 1480 C:\Windows\System32\SearchIndexer.exe - ok 14:59:00.0941 1480 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll 14:59:00.0941 1480 C:\Windows\System32\wpcsvc.dll - ok 14:59:00.0941 1480 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll 14:59:00.0941 1480 C:\Windows\System32\wpdbusenum.dll - ok 14:59:00.0941 1480 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll 14:59:00.0941 1480 C:\Windows\System32\wscsvc.dll - ok 14:59:00.0956 1480 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll 14:59:00.0956 1480 C:\Windows\System32\wuaueng.dll - ok 14:59:00.0956 1480 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll 14:59:00.0956 1480 C:\Windows\System32\WUDFSvc.dll - ok 14:59:00.0956 1480 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll 14:59:00.0956 1480 C:\Windows\System32\wwansvc.dll - ok 14:59:00.0956 1480 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll 14:59:00.0956 1480 C:\Windows\System32\ubpm.dll - ok 14:59:00.0972 1480 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll 14:59:00.0972 1480 C:\Windows\System32\devrtl.dll - ok 14:59:00.0972 1480 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll 14:59:00.0972 1480 C:\Windows\System32\SPInf.dll - ok 14:59:00.0987 1480 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe 14:59:00.0987 1480 C:\Windows\System32\svchost.exe - ok 14:59:00.0987 1480 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll 14:59:00.0987 1480 C:\Windows\System32\userenv.dll - ok 14:59:00.0987 1480 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll 14:59:00.0987 1480 
C:\Windows\System32\pcwum.dll - ok 14:59:00.0987 1480 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll 14:59:00.0987 1480 C:\Windows\System32\powrprof.dll - ok 14:59:00.0987 1480 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys 14:59:00.0987 1480 C:\Windows\System32\drivers\WUDFPf.sys - ok 14:59:01.0003 1480 [ 43F91595049DE14C4B61D1E76436164F ] C:\Windows\System32\nvvsvc.exe 14:59:01.0003 1480 C:\Windows\System32\nvvsvc.exe - ok 14:59:01.0003 1480 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll 14:59:01.0003 1480 C:\Windows\System32\wtsapi32.dll - ok 14:59:01.0003 1480 [ A766CCAD980235FF34E7F8089D3175A3 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 14:59:01.0003 1480 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok 14:59:01.0003 1480 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll 14:59:01.0003 1480 C:\Windows\SysWOW64\ntdll.dll - ok 14:59:01.0019 1480 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll 14:59:01.0019 1480 C:\Windows\System32\wow64.dll - ok 14:59:01.0019 1480 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll 14:59:01.0019 1480 C:\Windows\System32\wow64cpu.dll - ok 14:59:01.0019 1480 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll 14:59:01.0019 1480 C:\Windows\System32\wow64win.dll - ok 14:59:01.0019 1480 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll 14:59:01.0019 1480 C:\Windows\SysWOW64\kernel32.dll - ok 14:59:01.0034 1480 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll 14:59:01.0034 1480 C:\Windows\SysWOW64\KernelBase.dll - ok 14:59:01.0034 1480 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll 14:59:01.0034 1480 C:\Windows\SysWOW64\msvcrt.dll - ok 14:59:01.0050 1480 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll 14:59:01.0050 1480 C:\Windows\SysWOW64\setupapi.dll - ok 
14:59:01.0050 1480 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll 14:59:01.0050 1480 C:\Windows\SysWOW64\version.dll - ok 14:59:01.0050 1480 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll 14:59:01.0050 1480 C:\Windows\SysWOW64\cfgmgr32.dll - ok 14:59:01.0065 1480 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll 14:59:01.0065 1480 C:\Windows\SysWOW64\rpcrt4.dll - ok 14:59:01.0065 1480 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll 14:59:01.0065 1480 C:\Windows\SysWOW64\sspicli.dll - ok 14:59:01.0065 1480 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll 14:59:01.0065 1480 C:\Windows\SysWOW64\advapi32.dll - ok 14:59:01.0065 1480 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll 14:59:01.0065 1480 C:\Windows\SysWOW64\cryptbase.dll - ok 14:59:01.0081 1480 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll 14:59:01.0081 1480 C:\Windows\SysWOW64\gdi32.dll - ok 14:59:01.0081 1480 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll 14:59:01.0081 1480 C:\Windows\SysWOW64\sechost.dll - ok 14:59:01.0081 1480 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll 14:59:01.0081 1480 C:\Windows\SysWOW64\user32.dll - ok 14:59:01.0081 1480 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll 14:59:01.0081 1480 C:\Windows\SysWOW64\lpk.dll - ok 14:59:01.0097 1480 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll 14:59:01.0097 1480 C:\Windows\SysWOW64\oleaut32.dll - ok 14:59:01.0097 1480 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll 14:59:01.0097 1480 C:\Windows\SysWOW64\usp10.dll - ok 14:59:01.0097 1480 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll 14:59:01.0097 1480 C:\Windows\SysWOW64\ole32.dll - ok 14:59:01.0112 1480 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll 14:59:01.0112 1480 C:\Windows\SysWOW64\devobj.dll - ok 
14:59:02.0282 1480 C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe - ok 14:59:02.0282 1480 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll 14:59:02.0282 1480 C:\Windows\System32\ncobjapi.dll - ok 14:59:02.0282 1480 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll 14:59:02.0282 1480 C:\Windows\System32\wbem\wbemess.dll - ok 14:59:02.0282 1480 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll 14:59:02.0282 1480 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok 14:59:02.0298 1480 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll 14:59:02.0298 1480 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok 14:59:02.0298 1480 [ F6CC2FD47787F6E7045D544E1B568458 ] C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe 14:59:02.0298 1480 C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe - ok 14:59:02.0298 1480 [ A23945FF122DCD5570FE2D135B8F0A10 ] C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe 14:59:02.0298 1480 C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe - ok 14:59:02.0313 1480 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll 14:59:02.0313 1480 C:\Windows\SysWOW64\RpcRtRemote.dll - ok 14:59:02.0313 1480 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll 14:59:02.0313 1480 C:\Windows\System32\cscdll.dll - ok 14:59:02.0313 1480 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll 14:59:02.0313 1480 C:\Windows\System32\cscui.dll - ok 14:59:02.0313 1480 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll 14:59:02.0313 1480 C:\Windows\System32\pdh.dll - ok 14:59:02.0329 1480 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll 14:59:02.0329 1480 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok 14:59:02.0329 1480 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll 14:59:02.0329 1480 C:\Windows\System32\cscapi.dll - ok 14:59:02.0329 1480 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] 
C:\Windows\SysWOW64\wbem\fastprox.dll 14:59:02.0329 1480 C:\Windows\SysWOW64\wbem\fastprox.dll - ok 14:59:02.0345 1480 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll 14:59:02.0345 1480 C:\Windows\System32\ntshrui.dll - ok 14:59:02.0345 1480 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll 14:59:02.0345 1480 C:\Windows\SysWOW64\ntdsapi.dll - ok 14:59:02.0345 1480 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll 14:59:02.0345 1480 C:\Windows\SysWOW64\uxtheme.dll - ok 14:59:02.0345 1480 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll 14:59:02.0345 1480 C:\Windows\System32\IconCodecService.dll - ok 14:59:02.0360 1480 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll 14:59:02.0360 1480 C:\Windows\System32\wbem\NCProv.dll - ok 14:59:02.0360 1480 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe 14:59:02.0360 1480 C:\Windows\System32\runonce.exe - ok 14:59:02.0360 1480 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe 14:59:02.0360 1480 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok 14:59:02.0376 1480 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll 14:59:02.0376 1480 C:\Windows\System32\wuapi.dll - ok 14:59:02.0376 1480 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll 14:59:02.0376 1480 C:\Windows\System32\aeevts.dll - ok 14:59:02.0376 1480 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll 14:59:02.0376 1480 C:\Windows\System32\wups.dll - ok 14:59:02.0376 1480 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe 14:59:02.0376 1480 C:\Windows\SysWOW64\runonce.exe - ok 14:59:02.0391 1480 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe 14:59:02.0391 1480 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok 14:59:02.0391 1480 [ 
BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll 14:59:02.0391 1480 C:\Windows\System32\perftrack.dll - ok 14:59:02.0391 1480 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll 14:59:02.0391 1480 C:\Windows\System32\wer.dll - ok 14:59:02.0407 1480 [ 132045285DCC8654C14F1CFB4A8DCDA1 ] C:\Program Files\Microsoft Security Client\NisLog.dll 14:59:02.0407 1480 C:\Program Files\Microsoft Security Client\NisLog.dll - ok 14:59:02.0407 1480 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll 14:59:02.0407 1480 C:\Windows\System32\npmproxy.dll - ok 14:59:02.0407 1480 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll 14:59:02.0407 1480 C:\Windows\System32\umb.dll - ok 14:59:02.0423 1480 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll 14:59:02.0423 1480 C:\Windows\System32\diagperf.dll - ok 14:59:02.0423 1480 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll 14:59:02.0423 1480 C:\Windows\System32\localspl.dll - ok 14:59:02.0423 1480 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] D:\PROGRA~1\Office\Office14\GROOVEEX.DLL 14:59:02.0423 1480 D:\PROGRA~1\Office\Office14\GROOVEEX.DLL - ok 14:59:02.0423 1480 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll 14:59:02.0423 1480 C:\Windows\System32\icm32.dll - ok 14:59:02.0438 1480 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll 14:59:02.0438 1480 C:\Windows\System32\spoolss.dll - ok 14:59:02.0438 1480 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll 14:59:02.0438 1480 C:\Windows\System32\pnpts.dll - ok 14:59:02.0438 1480 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll 14:59:02.0438 1480 C:\Windows\System32\radardt.dll - ok 14:59:02.0454 1480 [ 488256C0AFA4D9C1CB3084C2956288DF ] C:\Windows\System32\CNMLMAH.DLL 14:59:02.0454 1480 C:\Windows\System32\CNMLMAH.DLL - ok 14:59:02.0454 1480 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll 
14:59:02.0454 1480 C:\Windows\System32\PrintIsolationProxy.dll - ok 14:59:02.0454 1480 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll 14:59:02.0454 1480 C:\Windows\System32\wdiasqmmodule.dll - ok 14:59:02.0454 1480 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll 14:59:02.0454 1480 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok 14:59:02.0469 1480 [ 2490423CB5B228E337F1E14E3F9B6310 ] C:\Windows\System32\CNMXLMAH.DLL 14:59:02.0469 1480 C:\Windows\System32\CNMXLMAH.DLL - ok 14:59:02.0469 1480 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll 14:59:02.0469 1480 C:\Windows\System32\riched20.dll - ok 14:59:02.0469 1480 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll 14:59:02.0469 1480 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok 14:59:02.0485 1480 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF 14:59:02.0485 1480 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok 14:59:02.0485 1480 [ C68646093AB79AC5D794E5CED965BAE7 ] C:\Windows\System32\wow64mib.dll 14:59:02.0485 1480 C:\Windows\System32\wow64mib.dll - ok 14:59:02.0485 1480 [ F24F083224944042B1F3CF5B7A1BA1EE ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7CE9186-F613-4CD1-9C1A-762F84FE644B}\gapaengine.dll 14:59:02.0485 1480 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7CE9186-F613-4CD1-9C1A-762F84FE644B}\gapaengine.dll - ok 14:59:02.0501 1480 [ BB3A49A23E53107D692F0D736473CEFE ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7CE9186-F613-4CD1-9C1A-762F84FE644B}\nisfull.vdm 14:59:02.0501 1480 C:\ProgramData\Microsoft\Microsoft 
Antimalware\Definition Updates\{E7CE9186-F613-4CD1-9C1A-762F84FE644B}\nisfull.vdm - ok 14:59:02.0501 1480 [ A14F896D4E5314E4E8732F894661F03B ] C:\Windows\System32\CNMN6PPM.DLL 14:59:02.0501 1480 C:\Windows\System32\CNMN6PPM.DLL - ok 14:59:02.0501 1480 [ 8F5171C837E64FF0AC48F0A29DD9E180 ] C:\Windows\SysWOW64\snmp.exe 14:59:02.0501 1480 C:\Windows\SysWOW64\snmp.exe - ok 14:59:02.0501 1480 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll 14:59:02.0501 1480 C:\Windows\System32\Apphlpdm.dll - ok 14:59:02.0516 1480 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll 14:59:02.0516 1480 C:\Windows\System32\PortableDeviceApi.dll - ok 14:59:02.0516 1480 [ D1E42B22C1E33CF752E23AFC32F89675 ] C:\Windows\System32\hpinksts5912LM.dll 14:59:02.0516 1480 C:\Windows\System32\hpinksts5912LM.dll - ok 14:59:02.0516 1480 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll 14:59:02.0516 1480 C:\Windows\System32\SensApi.dll - ok 14:59:02.0532 1480 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll 14:59:02.0532 1480 C:\Windows\System32\PortableDeviceConnectApi.dll - ok 14:59:02.0532 1480 [ ACFD0B03F25EF6C7666A7F634CD86C14 ] C:\Windows\System32\HPDiscoPM5912.dll 14:59:02.0532 1480 C:\Windows\System32\HPDiscoPM5912.dll - ok 14:59:02.0532 1480 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll 14:59:02.0532 1480 C:\Windows\SysWOW64\snmpapi.dll - ok 14:59:02.0547 1480 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll 14:59:02.0547 1480 C:\Windows\System32\wsnmp32.dll - ok 14:59:02.0547 1480 [ D0B8B51B89AC0640AC069403B4800787 ] C:\Windows\SysWOW64\Rcontrolagent.dll 14:59:02.0547 1480 C:\Windows\SysWOW64\Rcontrolagent.dll - ok 14:59:02.0547 1480 [ 81DD18FC6EBDE4AB7D5698EC2DF3F9E1 ] C:\Windows\SysWOW64\CmosDLL.dll 14:59:02.0547 1480 C:\Windows\SysWOW64\CmosDLL.dll - ok 14:59:02.0547 1480 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys 
14:59:02.0547 1480 C:\Windows\System32\drivers\WUDFRd.sys - ok 14:59:02.0563 1480 [ 00EF572A5B9216630F874B6122E54117 ] C:\Windows\SysWOW64\ycc.dll 14:59:02.0563 1480 C:\Windows\SysWOW64\ycc.dll - ok 14:59:02.0563 1480 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll 14:59:02.0563 1480 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok 14:59:02.0563 1480 [ 4412705F7FD88AACB1DAD2ED321C3328 ] C:\Windows\gdrv.sys 14:59:02.0563 1480 C:\Windows\gdrv.sys - ok 14:59:02.0579 1480 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll 14:59:02.0579 1480 C:\Windows\System32\FXSMON.dll - ok 14:59:02.0594 1480 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe 14:59:02.0594 1480 C:\Windows\System32\WUDFHost.exe - ok 14:59:02.0594 1480 [ AB89D70762C6A5E4803EDA057622EB98 ] C:\Windows\System32\pdfcmon.dll 14:59:02.0594 1480 C:\Windows\System32\pdfcmon.dll - ok 14:59:02.0594 1480 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll 14:59:02.0594 1480 C:\Windows\System32\tcpmon.dll - ok 14:59:02.0594 1480 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll 14:59:02.0594 1480 C:\Windows\SysWOW64\secur32.dll - ok 14:59:02.0610 1480 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll 14:59:02.0610 1480 C:\Windows\System32\usbmon.dll - ok 14:59:02.0610 1480 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll 14:59:02.0610 1480 C:\Windows\System32\WSDMon.dll - ok 14:59:02.0610 1480 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll 14:59:02.0610 1480 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok 14:59:02.0625 1480 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll 14:59:02.0625 1480 C:\Windows\System32\spp.dll - ok 14:59:02.0625 1480 [ 
FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll 14:59:02.0625 1480 C:\Windows\System32\srclient.dll - ok 14:59:02.0625 1480 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll 14:59:02.0625 1480 C:\Windows\System32\win32spl.dll - ok 14:59:02.0641 1480 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll 14:59:02.0641 1480 C:\Windows\System32\inetpp.dll - ok 14:59:02.0641 1480 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll 14:59:02.0641 1480 C:\Windows\System32\WUDFx.dll - ok 14:59:02.0641 1480 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll 14:59:02.0641 1480 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok 14:59:02.0657 1480 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL 14:59:02.0657 1480 C:\Windows\System32\WMVCORE.DLL - ok 14:59:02.0657 1480 [ 44F92C1F913E582BEF9CAC66443C6230 ] C:\Windows\System32\drivers\hitmanpro36.sys 14:59:02.0657 1480 C:\Windows\System32\drivers\hitmanpro36.sys - ok 14:59:02.0657 1480 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll 14:59:02.0657 1480 C:\Windows\System32\tdh.dll - ok 14:59:02.0657 1480 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll 14:59:02.0657 1480 C:\Windows\System32\dssenh.dll - ok 14:59:02.0672 1480 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL 14:59:02.0672 1480 C:\Windows\System32\WMASF.DLL - ok 14:59:02.0672 1480 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll 14:59:02.0672 1480 C:\Windows\System32\PortableDeviceClassExtension.dll - ok 14:59:02.0672 1480 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll 14:59:02.0672 1480 C:\Windows\System32\dimsjob.dll - ok 14:59:02.0688 1480 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll 14:59:02.0688 1480 C:\Windows\System32\PortableDeviceTypes.dll - ok 14:59:02.0688 1480 [ 
10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll 14:59:02.0688 1480 C:\Windows\System32\pnidui.dll - ok 14:59:02.0688 1480 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll 14:59:02.0688 1480 C:\Windows\System32\pautoenr.dll - ok 14:59:02.0703 1480 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll 14:59:02.0703 1480 C:\Windows\System32\wmp.dll - ok 14:59:02.0703 1480 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll 14:59:02.0703 1480 C:\Windows\System32\certcli.dll - ok 14:59:02.0703 1480 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll 14:59:02.0703 1480 C:\Windows\System32\CertEnroll.dll - ok 14:59:02.0703 1480 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe 14:59:02.0703 1480 C:\Windows\SysWOW64\cmd.exe - ok 14:59:02.0719 1480 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys 14:59:02.0719 1480 C:\Windows\System32\drivers\nwifi.sys - ok 14:59:02.0719 1480 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll 14:59:02.0719 1480 C:\Windows\SysWOW64\winbrand.dll - ok 14:59:02.0719 1480 [ 8A4FC52B98E8CA135B90008FFB979C2A ] C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll 14:59:02.0719 1480 C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll - ok 14:59:02.0735 1480 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll 14:59:02.0735 1480 C:\Windows\System32\esent.dll - ok 14:59:02.0735 1480 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll 14:59:02.0735 1480 C:\Windows\System32\wscisvif.dll - ok 14:59:02.0735 1480 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll 14:59:02.0735 1480 C:\Windows\System32\wscproxystub.dll - ok 14:59:02.0750 1480 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll 14:59:02.0750 1480 C:\Windows\SysWOW64\ieframe.dll - ok 14:59:02.0750 1480 [ 65728F2E5892603FEB016BED03F35576 ] C:\Program Files 
(x86)\Hardcopy\hardcopy_04.dll 14:59:02.0750 1480 C:\Program Files (x86)\Hardcopy\hardcopy_04.dll - ok 14:59:02.0750 1480 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll 14:59:02.0750 1480 C:\Windows\SysWOW64\oleacc.dll - ok 14:59:02.0750 1480 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll 14:59:02.0750 1480 C:\Windows\SysWOW64\dwmapi.dll - ok 14:59:02.0781 1480 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll 14:59:02.0781 1480 C:\Windows\SysWOW64\shdocvw.dll - ok 14:59:02.0781 1480 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll 14:59:02.0781 1480 C:\Windows\SysWOW64\mstask.dll - ok 14:59:02.0797 1480 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll 14:59:02.0797 1480 C:\Windows\System32\CertPolEng.dll - ok 14:59:02.0797 1480 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll 14:59:02.0797 1480 C:\Program Files\Windows Defender\MpClient.dll - ok 14:59:02.0797 1480 [ 03315AF1930A7E67EDAEF80FA8CF62AC ] C:\Windows\System32\spool\drivers\x64\3\fpgraph6.dll 14:59:02.0797 1480 C:\Windows\System32\spool\drivers\x64\3\fpgraph6.dll - ok 14:59:02.0813 1480 [ 9B799C2D73A9BC4ED8213A6FC664BB52 ] C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll 14:59:02.0813 1480 C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll - ok 14:59:02.0813 1480 [ 02D0097DF8ED69715E38CBB212076BA8 ] C:\Windows\System32\spool\drivers\x64\3\fpinter6.dll 14:59:02.0813 1480 C:\Windows\System32\spool\drivers\x64\3\fpinter6.dll - ok 14:59:02.0813 1480 [ 549051F73B6B43EB988AA36C86663642 ] C:\Windows\System32\spool\drivers\x64\3\fpres6-x64.dll 14:59:02.0813 1480 C:\Windows\System32\spool\drivers\x64\3\fpres6-x64.dll - ok 14:59:02.0828 1480 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\unidrv.dll 14:59:02.0828 1480 C:\Windows\System32\spool\drivers\x64\3\unidrv.dll - ok 14:59:02.0828 1480 [ 9ED9F21D73F9D71E30EAB71835E656EB ] 
C:\Users\Berni\AppData\Local\Temp\A183762A-EE30-41DE-9D9C-FCA2EAEEFC90.exe 14:59:02.0828 1480 C:\Users\Berni\AppData\Local\Temp\A183762A-EE30-41DE-9D9C-FCA2EAEEFC90.exe - ok 14:59:02.0828 1480 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll 14:59:02.0828 1480 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok 14:59:02.0844 1480 [ A7B7C0B0A9CBA84CA1F94FEE32A20E45 ] C:\Windows\System32\spool\drivers\x64\3\hpvplui06.dll 14:59:02.0844 1480 C:\Windows\System32\spool\drivers\x64\3\hpvplui06.dll - ok 14:59:02.0844 1480 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll 14:59:02.0844 1480 C:\Windows\SysWOW64\bcrypt.dll - ok 14:59:02.0844 1480 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll 14:59:02.0844 1480 C:\Windows\SysWOW64\ncrypt.dll - ok 14:59:02.0844 1480 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll 14:59:02.0844 1480 C:\Windows\SysWOW64\bcryptprimitives.dll - ok 14:59:02.0859 1480 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll 14:59:02.0859 1480 C:\Windows\SysWOW64\gpapi.dll - ok 14:59:02.0859 1480 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll 14:59:02.0859 1480 C:\Windows\SysWOW64\cryptnet.dll - ok 14:59:02.0859 1480 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll 14:59:02.0859 1480 C:\Windows\SysWOW64\SensApi.dll - ok 14:59:02.0875 1480 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll 14:59:02.0875 1480 C:\Windows\SysWOW64\WindowsCodecs.dll - ok 14:59:02.0875 1480 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll 14:59:02.0875 1480 C:\Windows\SysWOW64\EhStorShell.dll - ok 14:59:02.0875 1480 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll 14:59:02.0875 1480 C:\Windows\System32\ieframe.dll - ok 14:59:02.0875 1480 [ 39C1BE32A5CBE96A70EB883CCDF3206A ] D:\PROGRA~1\Office\Office14\1031\GrooveIntlResource.dll 
14:59:02.0875 1480 D:\PROGRA~1\Office\Office14\1031\GrooveIntlResource.dll - ok 14:59:02.0891 1480 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll 14:59:02.0891 1480 C:\Windows\SysWOW64\ntshrui.dll - ok 14:59:02.0891 1480 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll 14:59:02.0891 1480 C:\Windows\SysWOW64\imageres.dll - ok 14:59:02.0891 1480 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll 14:59:02.0891 1480 C:\Windows\SysWOW64\slc.dll - ok 14:59:02.0906 1480 [ A8041267569A2154908446D47A19A765 ] C:\Program Files (x86)\Real\RealPlayer\lang\upgrade_de.dll |
16.10.2012, 07:14 | #8 |
| Redirect Virus TDSSKiller Part 3: Code:
Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe 14:59:03.0265 1480 C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe - ok 14:59:03.0265 1480 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 14:59:03.0265 1480 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok 14:59:03.0281 1480 [ 1C09858449980D64577E377EB262C9D7 ] C:\Program Files\Windows Journal\Journal.exe 14:59:03.0281 1480 C:\Program Files\Windows Journal\Journal.exe - ok 14:59:03.0281 1480 [ 06A6FE79BD96C7FEF7322AFE5B45FFFF ] C:\Windows\System32\mycomput.dll 14:59:03.0281 1480 C:\Windows\System32\mycomput.dll - ok 14:59:03.0281 1480 [ 852D67A27E454BD389FA7F02A8CBE23F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe 14:59:03.0281 1480 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok 14:59:03.0296 1480 [ B9CE8CF2FF2D5EAFFDBAA340E7B385A5 ] C:\Windows\System32\iscsicpl.dll 14:59:03.0296 1480 C:\Windows\System32\iscsicpl.dll - ok 14:59:03.0296 1480 [ 3EEC0FB1DDD317AA1E8933B912439736 ] C:\Windows\System32\MdSched.exe 14:59:03.0296 1480 C:\Windows\System32\MdSched.exe - ok 14:59:03.0296 1480 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll 14:59:03.0296 1480 C:\Windows\System32\odbcint.dll - ok 14:59:03.0296 1480 [ 279AC1AD3CBD3980D5517924A7CBFCE2 ] C:\Windows\System32\pmcsnap.dll 14:59:03.0296 1480 C:\Windows\System32\pmcsnap.dll - ok 14:59:03.0312 1480 [ 1BCA343802DB1682A6C61FEB1C064B20 ] C:\Windows\System32\wsecedit.dll 14:59:03.0312 1480 C:\Windows\System32\wsecedit.dll - ok 14:59:03.0312 1480 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll 14:59:03.0312 1480 C:\Windows\SysWOW64\riched20.dll - ok 14:59:03.0312 1480 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll 14:59:03.0312 1480 C:\Windows\SysWOW64\ExplorerFrame.dll - ok 14:59:03.0312 1480 [ DE038C40F3033EDA732655FA42DCBD18 ] C:\Windows\System32\filemgmt.dll 14:59:03.0312 
1480 C:\Windows\System32\filemgmt.dll - ok 14:59:03.0327 1480 [ 11F174ED2050121C394C17B4F7B69983 ] C:\Windows\System32\AuthFWGP.dll 14:59:03.0327 1480 C:\Windows\System32\AuthFWGP.dll - ok 14:59:03.0327 1480 [ E19D102BAF266F34592F7C742FBFA886 ] C:\Windows\System32\msconfig.exe 14:59:03.0327 1480 C:\Windows\System32\msconfig.exe - ok 14:59:03.0327 1480 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll 14:59:03.0327 1480 C:\Windows\SysWOW64\dui70.dll - ok 14:59:03.0327 1480 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll 14:59:03.0327 1480 C:\Windows\SysWOW64\duser.dll - ok 14:59:03.0343 1480 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll 14:59:03.0343 1480 C:\Windows\System32\gameux.dll - ok 14:59:03.0343 1480 [ E79DF53BAD587E24B3CF965A5746C7B6 ] C:\Windows\System32\msra.exe 14:59:03.0343 1480 C:\Windows\System32\msra.exe - ok 14:59:03.0343 1480 [ F3B306179F1840C0813DC6771B018358 ] C:\Windows\System32\recdisc.exe 14:59:03.0343 1480 C:\Windows\System32\recdisc.exe - ok 14:59:03.0359 1480 [ E83D2495D5867E224FBF42EF40D8856C ] C:\Program Files\DVD Maker\DVDMaker.exe 14:59:03.0359 1480 C:\Program Files\DVD Maker\DVDMaker.exe - ok 14:59:03.0359 1480 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll 14:59:03.0359 1480 C:\Windows\System32\msftedit.dll - ok 14:59:03.0359 1480 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll 14:59:03.0359 1480 C:\Windows\System32\msls31.dll - ok 14:59:03.0359 1480 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll 14:59:03.0359 1480 C:\Windows\System32\DeviceCenter.dll - ok 14:59:03.0374 1480 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll 14:59:03.0374 1480 C:\Windows\System32\thumbcache.dll - ok 14:59:03.0374 1480 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll 14:59:03.0374 1480 C:\Windows\System32\networkexplorer.dll - ok 14:59:03.0374 1480 [ 
3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll 14:59:03.0374 1480 C:\Windows\System32\UIAnimation.dll - ok 14:59:03.0374 1480 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe 14:59:03.0374 1480 C:\Program Files\Microsoft Security Client\msseces.exe - ok 14:59:03.0390 1480 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv 14:59:03.0390 1480 C:\Windows\System32\wdmaud.drv - ok 14:59:03.0390 1480 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll 14:59:03.0390 1480 C:\Windows\System32\ksuser.dll - ok 14:59:03.0390 1480 [ 834A309C2FDF52FC09353F348CFE1235 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 14:59:03.0390 1480 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok 14:59:03.0405 1480 [ 1315C5C5C54CE2AA37A155F97027DB59 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe 14:59:03.0405 1480 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok 14:59:03.0405 1480 [ 8B0EB598A2BF7DB458B7BF48F0953D96 ] C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe 14:59:03.0405 1480 C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe - ok 14:59:03.0421 1480 [ DF72D700CC33611206675B8A2FD4D4F9 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe 14:59:03.0421 1480 C:\Program Files\Logitech\SetPointP\SetPoint.exe - ok 14:59:03.0421 1480 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll 14:59:03.0421 1480 C:\Windows\System32\dsound.dll - ok 14:59:03.0421 1480 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll 14:59:03.0421 1480 C:\Windows\System32\oledlg.dll - ok 14:59:03.0421 1480 [ 52425F4F67DE0E8E7149EBC337D1A60A ] C:\Program Files\Logitech\SetPointP\KemUtil.dll 14:59:03.0421 1480 C:\Program Files\Logitech\SetPointP\KemUtil.dll - ok 14:59:03.0437 1480 [ 18921ED36B7AB65916C075E234E81930 ] C:\Program Files\Logitech\SetPointP\khalwrapper.dll 14:59:03.0437 1480 C:\Program 
Files\Logitech\SetPointP\khalwrapper.dll - ok 14:59:03.0437 1480 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll 14:59:03.0437 1480 C:\Windows\System32\AudioSes.dll - ok 14:59:03.0437 1480 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll 14:59:03.0437 1480 C:\Windows\System32\msxml3.dll - ok 14:59:03.0437 1480 [ 2BAD84B393AF47006D80BA2F03B18029 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe 14:59:03.0437 1480 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok 14:59:03.0452 1480 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll 14:59:03.0452 1480 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok 14:59:03.0452 1480 [ 7C7B8A47FFC43180FD49304A87EA78F5 ] C:\Program Files\Logitech\SetPointP\KemXML.dll 14:59:03.0452 1480 C:\Program Files\Logitech\SetPointP\KemXML.dll - ok 14:59:03.0452 1480 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe 14:59:03.0452 1480 C:\Program Files\Windows Sidebar\sidebar.exe - ok 14:59:03.0468 1480 [ A0CF76137D2F23C76C860CAD2C605780 ] C:\Windows\AppPatch\AcSpecfc.dll 14:59:03.0468 1480 C:\Windows\AppPatch\AcSpecfc.dll - ok 14:59:03.0468 1480 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll 14:59:03.0468 1480 C:\Windows\SysWOW64\mscms.dll - ok 14:59:03.0468 1480 [ 451F41C7FEF78BC7CC6F442F9CDBAE62 ] C:\Program Files\Logitech\SetPointP\kemutb.dll 14:59:03.0468 1480 C:\Program Files\Logitech\SetPointP\kemutb.dll - ok 14:59:03.0468 1480 [ 88B6D9FD6B47B00BC76ECBD13AD24566 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe 14:59:03.0468 1480 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe - ok 14:59:03.0483 1480 [ 93B3D6E86E710CEDA136C973D0EDAA42 ] C:\Program Files\Logitech\SetPointP\KemWnd.dll 14:59:03.0483 1480 C:\Program 
Files\Logitech\SetPointP\KemWnd.dll - ok 14:59:03.0483 1480 [ 5197BFB7F70F44B8C5E56EF7C4F30200 ] C:\Program Files\Logitech\SetPointP\SetPointCOM.dll 14:59:03.0483 1480 C:\Program Files\Logitech\SetPointP\SetPointCOM.dll - ok 14:59:03.0483 1480 [ 47D5AE02617882BB99CF14DB27511CEC ] C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe 14:59:03.0483 1480 C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe - ok 14:59:03.0499 1480 [ F98A242F61736233824F2E306069EE96 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe 14:59:03.0499 1480 C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe - ok 14:59:03.0499 1480 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll 14:59:03.0499 1480 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok 14:59:03.0499 1480 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv 14:59:03.0499 1480 C:\Windows\System32\msacm32.drv - ok 14:59:03.0515 1480 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll 14:59:03.0515 1480 C:\Windows\System32\midimap.dll - ok 14:59:03.0515 1480 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll 14:59:03.0515 1480 C:\Windows\System32\msacm32.dll - ok 14:59:03.0515 1480 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll 14:59:03.0515 1480 C:\Windows\System32\mscoree.dll - ok 14:59:03.0515 1480 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll 14:59:03.0515 1480 C:\Windows\SysWOW64\dciman32.dll - ok 14:59:03.0530 1480 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll 14:59:03.0530 1480 C:\Windows\SysWOW64\ddraw.dll - ok 14:59:03.0530 1480 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 14:59:03.0530 1480 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok 14:59:03.0530 1480 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files 
(x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 14:59:03.0530 1480 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok 14:59:03.0546 1480 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll 14:59:03.0546 1480 C:\Windows\AppPatch\AcLayers.dll - ok 14:59:03.0546 1480 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll 14:59:03.0546 1480 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok 14:59:03.0546 1480 [ 390679F7A217A5E73D756276C40AE887 ] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe 14:59:03.0546 1480 C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe - ok 14:59:03.0546 1480 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll 14:59:03.0546 1480 C:\Windows\System32\AudioEng.dll - ok 14:59:03.0561 1480 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll 14:59:03.0561 1480 C:\Windows\SysWOW64\rasapi32.dll - ok 14:59:03.0561 1480 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 14:59:03.0561 1480 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok 14:59:03.0561 1480 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll 14:59:03.0561 1480 C:\Windows\SysWOW64\rasman.dll - ok 14:59:03.0577 1480 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll 14:59:03.0577 1480 C:\Windows\System32\AUDIOKSE.dll - ok 14:59:03.0577 1480 [ A112E0E48F3AB7545D7F797AFD484B96 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL 14:59:03.0577 1480 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL - ok 14:59:03.0577 1480 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll 14:59:03.0577 1480 C:\Windows\SysWOW64\rtutils.dll - ok 14:59:03.0577 1480 [ 
EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll 14:59:03.0577 1480 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok 14:59:03.0593 1480 [ 558BE7C9DE7DD5F206F3AD9FD541CD1F ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationUI.dll 14:59:03.0593 1480 C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationUI.dll - ok 14:59:03.0593 1480 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\SysWOW64\hhctrl.ocx 14:59:03.0593 1480 C:\Windows\SysWOW64\hhctrl.ocx - ok 14:59:03.0593 1480 [ 22CC6CDBA678790046693654C3B212E4 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe 14:59:03.0593 1480 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok 14:59:03.0608 1480 [ 2E5B4A993514375DC6092DD211262757 ] C:\Windows\System32\MBWrp64.dll 14:59:03.0608 1480 C:\Windows\System32\MBWrp64.dll - ok 14:59:03.0608 1480 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll 14:59:03.0608 1480 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok 14:59:03.0608 1480 [ 3181F76ED237CC3D50D10CEA05AF8B60 ] C:\Windows\System32\riched32.dll 14:59:03.0608 1480 C:\Windows\System32\riched32.dll - ok 14:59:03.0608 1480 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll 14:59:03.0608 1480 C:\Windows\System32\drprov.dll - ok 14:59:03.0639 1480 [ F244DA6DD2C365ABAFD076222C22C2BE ] C:\Windows\System32\mshtml.dll 14:59:03.0639 1480 C:\Windows\System32\mshtml.dll - ok 14:59:03.0639 1480 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll 14:59:03.0639 1480 C:\Windows\System32\ntlanman.dll - ok 14:59:03.0655 1480 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll 14:59:03.0655 1480 C:\Windows\System32\davclnt.dll - ok 14:59:03.0655 1480 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] 
C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll 14:59:03.0655 1480 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok 14:59:03.0655 1480 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll 14:59:03.0655 1480 C:\Windows\System32\RtkCfg64.dll - ok 14:59:03.0655 1480 [ 57ACF47B4FA24A6B9464C9919412C411 ] C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 14:59:03.0655 1480 C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll - ok 14:59:03.0671 1480 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll 14:59:03.0671 1480 C:\Windows\System32\davhlpr.dll - ok 14:59:03.0671 1480 [ BC34B8831FAE17E5E7BD8318EDDC90BB ] C:\Windows\System32\RtkAPO64.dll 14:59:03.0671 1480 C:\Windows\System32\RtkAPO64.dll - ok 14:59:03.0671 1480 [ 40F6BC428065D34B840C5B1BE5503F6F ] C:\Program Files\MagicTune Premium\GammaTray.exe 14:59:03.0671 1480 C:\Program Files\MagicTune Premium\GammaTray.exe - ok 14:59:03.0686 1480 [ 509D846FDF0C83158ED5970DE751364C ] C:\Windows\SysWOW64\jsproxy.dll 14:59:03.0686 1480 C:\Windows\SysWOW64\jsproxy.dll - ok 14:59:03.0686 1480 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll 14:59:03.0686 1480 C:\Windows\SysWOW64\mfc42.dll - ok 14:59:03.0686 1480 [ 798387534977217525F11B758B3517AE ] C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll 14:59:03.0686 1480 C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll - ok 14:59:03.0686 1480 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll 14:59:03.0686 1480 C:\Windows\SysWOW64\taskschd.dll - ok 14:59:03.0702 1480 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll 14:59:03.0702 1480 C:\Windows\SysWOW64\odbc32.dll - ok 14:59:03.0702 1480 [ EDEEAA5B121A89425A5DF7AB28E4E544 ] C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll 14:59:03.0702 1480 C:\Program 
Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll - ok 14:59:03.0702 1480 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll 14:59:03.0702 1480 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok 14:59:03.0702 1480 [ BBD2DAE7BD103D88591F4712B196D611 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe 14:59:03.0702 1480 C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe - ok 14:59:03.0717 1480 [ FC77F245431D4DA5A9E2A53F3A14B162 ] C:\Windows\RaidTool\xInsIDE.exe 14:59:03.0717 1480 C:\Windows\RaidTool\xInsIDE.exe - ok 14:59:03.0717 1480 [ 563C4641DAE5355C08DF4DDC4134E196 ] C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll 14:59:03.0717 1480 C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll - ok 14:59:03.0717 1480 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll 14:59:03.0717 1480 C:\Windows\SysWOW64\odbcint.dll - ok 14:59:03.0733 1480 [ 64B9816268F2003803A9E431882CBFAE ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe 14:59:03.0733 1480 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe - ok 14:59:03.0733 1480 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll 14:59:03.0733 1480 C:\Windows\System32\WMALFXGFXDSP.dll - ok 14:59:03.0733 1480 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll 14:59:03.0733 1480 C:\Windows\AppPatch\AcGenral.dll - ok 14:59:03.0749 1480 [ 754BDBD9A6B351E83A8648AB469E238A ] C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll 14:59:03.0749 1480 C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll - ok 14:59:03.0749 1480 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll 14:59:03.0749 1480 C:\Windows\System32\mfplat.dll - ok 14:59:03.0764 1480 [ 9E279D1BC39F5C6C530F0A0DB1D2DC98 ] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe 14:59:03.0764 1480 C:\Program Files 
(x86)\GIGABYTE\ET6\ETcall.exe - ok 14:59:03.0764 1480 [ B8F7FA586A70918FEC5C768250724635 ] C:\Program Files\Logitech\SetPointP\KemMon.dll 14:59:03.0764 1480 C:\Program Files\Logitech\SetPointP\KemMon.dll - ok 14:59:03.0764 1480 [ F625F4072C04A1AEE6C60B020778A8CD ] C:\Windows\RaidTool\xInsDrv.dll 14:59:03.0764 1480 C:\Windows\RaidTool\xInsDrv.dll - ok 14:59:03.0780 1480 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll 14:59:03.0780 1480 C:\Windows\SysWOW64\samcli.dll - ok 14:59:03.0780 1480 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll 14:59:03.0780 1480 C:\Windows\SysWOW64\msacm32.dll - ok 14:59:03.0780 1480 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll 14:59:03.0780 1480 C:\Windows\System32\msimtf.dll - ok 14:59:03.0780 1480 [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\SysWOW64\newdev.dll 14:59:03.0780 1480 C:\Windows\SysWOW64\newdev.dll - ok 14:59:03.0795 1480 [ 915E198D1A21531A10F678F42E536496 ] C:\Program Files (x86)\Hardcopy\hardcopy.exe 14:59:03.0795 1480 C:\Program Files (x86)\Hardcopy\hardcopy.exe - ok 14:59:03.0795 1480 [ D5A69B24039442FD76B410CD2D7FEB7B ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALAPI.dll 14:59:03.0795 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALAPI.dll - ok 14:59:03.0795 1480 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll 14:59:03.0795 1480 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok 14:59:03.0811 1480 [ 03CC97EC838FBBA69E6E5FD744012C31 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe 14:59:03.0811 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe - ok 14:59:03.0811 1480 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll 14:59:03.0811 1480 
C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok 14:59:03.0811 1480 [ 9998DCD053C25FED2AE544FA17F9970F ] C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe 14:59:03.0811 1480 C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe - ok 14:59:03.0811 1480 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll 14:59:03.0811 1480 C:\Windows\SysWOW64\msiltcfg.dll - ok 14:59:03.0827 1480 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll 14:59:03.0827 1480 C:\Windows\SysWOW64\oledlg.dll - ok 14:59:03.0827 1480 [ E968CAC86E356BEE1A369C1FB824F7EC ] C:\Program Files (x86)\MagicRotation\MagicPvt.exe 14:59:03.0827 1480 C:\Program Files (x86)\MagicRotation\MagicPvt.exe - ok 14:59:03.0827 1480 [ EE2DBFBFE0B16E816A74AD505CF0379C ] C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll 14:59:03.0827 1480 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll - ok 14:59:03.0842 1480 [ 4EB19202D44B012387602DB5536FD093 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALITCH.dll 14:59:03.0842 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALITCH.dll - ok 14:59:03.0842 1480 [ 901AA7A38CE13F14B6BBEC38C0595698 ] D:\Programme (x86)\Office\Office14\BCSSync.exe 14:59:03.0842 1480 D:\Programme (x86)\Office\Office14\BCSSync.exe - ok 14:59:03.0842 1480 [ C79ECC33D5145224214FD82D3E458945 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe 14:59:03.0842 1480 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe - ok 14:59:03.0858 1480 [ D17277381B4522FA34FAE7851E705051 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMW.dll 14:59:03.0858 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMW.dll - ok 14:59:03.0858 1480 [ 5963633010616B25503EE126F55E8DE4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll 14:59:03.0858 1480 
C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll - ok 14:59:03.0858 1480 [ AC09992FFDDDDA251464F80EF5C6E908 ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe 14:59:03.0858 1480 C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe - ok 14:59:03.0858 1480 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll 14:59:03.0858 1480 C:\Windows\SysWOW64\mscoree.dll - ok 14:59:03.0873 1480 [ AF09A713D190B2E9DDFCC2CE89357302 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALHPP.dll 14:59:03.0873 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALHPP.dll - ok 14:59:03.0873 1480 [ 356656B5EEA8C990238E8FAE5C63395C ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMOU.dll 14:59:03.0873 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMOU.dll - ok 14:59:03.0873 1480 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 14:59:03.0873 1480 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok 14:59:03.0889 1480 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 14:59:03.0889 1480 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok 14:59:03.0889 1480 [ 1A4E49BBBBCD5CE19F8BF6B5D20AFC68 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALHID.dll 14:59:03.0889 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALHID.dll - ok 14:59:03.0889 1480 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll 14:59:03.0889 1480 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok 14:59:03.0905 1480 [ D4325026873BF2CF7A0BD5CF888161C5 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL 14:59:03.0905 1480 
C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL - ok 14:59:03.0905 1480 [ 6ABC6575EF4FEA6E7A44F5C61C66C9E1 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALUSB.dll 14:59:03.0905 1480 C:\Program Files\Common Files\Logishrd\KHAL3\KHALUSB.dll - ok 14:59:03.0905 1480 [ 516C67F32A77F3ED296FE7F9AAD2ADAA ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\BCGCBPRO100u80.dll 14:59:03.0905 1480 C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\BCGCBPRO100u80.dll - ok 14:59:03.0905 1480 [ 1D3FAF2E2305A75EBFE1C5F5F7A2CB25 ] C:\Windows\System32\jscript9.dll 14:59:03.0905 1480 C:\Windows\System32\jscript9.dll - ok 14:59:03.0920 1480 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll 14:59:03.0920 1480 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok 14:59:03.0920 1480 [ F50F26E6DC3082D8334F2946CE9125FA ] C:\Windows\System32\vbscript.dll 14:59:03.0920 1480 C:\Windows\System32\vbscript.dll - ok 14:59:03.0920 1480 [ AEDC5488205B84A3E2A44D3B5B76E534 ] C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe 14:59:03.0920 1480 C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe - ok 14:59:03.0936 1480 [ D4AA74409711F64540850F7BA4D4346D ] C:\Program Files (x86)\Hardcopy\HcDllS.dll 14:59:03.0936 1480 C:\Program Files (x86)\Hardcopy\HcDllS.dll - ok 14:59:03.0936 1480 [ 0C7FCFD00ECF8CCC381B1CE618380E49 ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\SolutionExplorer.dll 14:59:03.0936 1480 C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\SolutionExplorer.dll - ok 14:59:03.0936 1480 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll 14:59:03.0936 1480 C:\Windows\System32\d2d1.dll - ok 14:59:03.0951 1480 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll 14:59:03.0951 1480 C:\Program Files (x86)\Common Files\Apple\Apple Application 
Support\YSCrashDump.dll - ok 14:59:03.0951 1480 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll 14:59:03.0951 1480 C:\Windows\System32\DWrite.dll - ok 14:59:03.0951 1480 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll 14:59:03.0951 1480 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok 14:59:03.0967 1480 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 14:59:03.0967 1480 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok 14:59:03.0967 1480 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll 14:59:03.0967 1480 C:\Windows\SysWOW64\wsock32.dll - ok 14:59:03.0967 1480 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll 14:59:03.0967 1480 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok 14:59:03.0983 1480 [ 4E8B1E9567B3CD76CA628C9026AE1125 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80DEU.dll 14:59:03.0983 1480 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80DEU.dll - ok 14:59:03.0983 1480 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll 14:59:03.0983 1480 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok 14:59:03.0983 1480 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe 14:59:03.0983 1480 C:\Windows\SysWOW64\regsvr32.exe - ok 14:59:03.0998 1480 [ 916A2C4EB028604783FD5EA169236C1D ] D:\Programme (x86)\QuickTime\QTTask.exe 14:59:03.0998 1480 D:\Programme (x86)\QuickTime\QTTask.exe - ok 14:59:03.0998 1480 [ 0D391555EFBB823CA5DB36D79CDA2693 ] C:\Program Files 
14:59:04.0638 1480 ============================================================
14:59:04.0638 1480 Scan finished
14:59:04.0638 1480 ============================================================
14:59:04.0638 3304 Detected object count: 0
14:59:04.0638 3304 Actual detected object count: 0
14:59:12.0079 3644 Deinitialize success
But if anything is still missing, I'll take a look. For now, thanks again very much for the support. Bernhard Bahr |
16.10.2012, 19:06 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before? If so, the logs for every scan are also listed under the "Logdateien" (log files) tab. Please post all of the logs that are visible there. If at all possible, please post everything here in CODE tags. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
ATTFilter the log goes here
__________________ Please always post log files in CODE tags |
17.10.2012, 10:44 | #10 |
| Redirect Virus Oh yes, there are a few infections in there after all. But those have already been deleted, haven't they? Code:
ATTFilter
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.29.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]
Schutz: Aktiviert
01.10.2012 08:09:46
mbam-log-2012-10-01 (08-09-46).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 724410
Laufzeit: 1 Stunde(n), 19 Minute(n), 5 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Users\Berni\Downloads\AlienEncounters_downloader_by_SchriftartenFontsde(1).exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Berni\Downloads\AlienEncounters_downloader_by_SchriftartenFontsde.exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
ATTFilter
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.07.13
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]
Schutz: Deaktiviert
14.09.2012 13:57:36
mbam-log-2012-09-14 (13-57-36).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 724921
Laufzeit: 1 Stunde(n), 18 Minute(n), 49 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 8
C:\Users\Berni\Downloads\VLCMediaPlayerSetup.exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\SSD Backup.last\downloads\Softango_VideoConverter_Multi (2).exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\SSD Backup.last\downloads\Softango_VideoConverter_Multi.exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\Users\Berni\Downloads\installer_magic_dvd_ripper.exe (PUP.Adbundler) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\Users\Berni\Downloads\Softango_VideoConverter_Multi.exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\FLVPlayerSetup.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
G:\0_Rechnersicherung\Datenrettung\HTC45_Bahr My Documents\UAContents\Emoticon\25_240x320.gif (Extension.Mismatch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
G:\0_Rechnersicherung\Datenrettung\HTC45_Bahr My Documents\UAContents\Emoticon\28_240x320.gif (Extension.Mismatch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
ATTFilter
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.07.16.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]
Schutz: Aktiviert
16.07.2012 14:03:00
mbam-log-2012-07-16 (14-03-00).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 233701
Laufzeit: 1 Minute(n), 23 Sekunde(n)
Infizierte Speicherprozesse: 1
C:\Windows\SysWOW64\CML.exe (Backdoor.Agent) -> 3344 -> Löschen bei Neustart.
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|tray2 (Backdoor.Agent) -> Daten: C:\Windows\system32\CML.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|tray3 (Trojan.Agent) -> Daten: C:\Windows\system32\RecvMessage.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 4
C:\Windows\SysWOW64\CML.exe (Backdoor.Agent) -> Löschen bei Neustart.
C:\Windows\System32\CML.exe (Backdoor.Agent) -> Löschen bei Neustart.
C:\Users\Berni\Downloads\SoftonicDownloader_fuer_free-iso-burner.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\RecvMessage.exe (Trojan.Agent) -> Löschen bei Neustart.
(Ende)
Code:
ATTFilter
2012/10/15 08:14:24 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 60436, Process: firefox.exe)
2012/10/15 08:14:24 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 60437, Process: firefox.exe)
2012/10/15 08:47:45 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 61991, Process: firefox.exe)
2012/10/15 08:47:45 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 61992, Process: firefox.exe)
2012/10/15 08:47:45 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 61993, Process: firefox.exe)
2012/10/15 08:47:45 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 61995, Process: firefox.exe)
2012/10/15 12:17:05 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64547, Process: firefox.exe)
2012/10/15 12:17:06 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64548, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64633, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64640, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 212.117.165.86 (Type: outgoing, Port: 64714, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 212.117.165.86 (Type: outgoing, Port: 64715, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64741, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64748, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64749, Process: firefox.exe)
2012/10/15 12:17:22 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64750, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 212.117.165.86 (Type: outgoing, Port: 64795, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 212.117.165.86 (Type: outgoing, Port: 64796, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64814, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64821, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64823, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 94.23.13.61 (Type: outgoing, Port: 64824, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 212.117.165.86 (Type: outgoing, Port: 64863, Process: firefox.exe)
2012/10/15 12:17:30 +0200 BOVN2012-OBEN Berni IP-BLOCK 212.117.165.86 (Type: outgoing, Port: 64864, Process: firefox.exe)
2012/10/15 12:36:03 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 49202, Process: firefox.exe)
2012/10/15 12:36:03 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 49203, Process: firefox.exe)
2012/10/15 12:36:03 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 49204, Process: firefox.exe)
2012/10/15 12:36:03 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 49205, Process: firefox.exe)
2012/10/15 14:15:49 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 50664, Process: firefox.exe)
2012/10/15 14:15:50 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 50665, Process: firefox.exe)
2012/10/15 14:15:50 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 50666, Process: firefox.exe)
2012/10/15 14:15:50 +0200 BOVN2012-OBEN Berni IP-BLOCK 74.118.192.152 (Type: outgoing, Port: 50668, Process: firefox.exe) |
17.10.2012, 15:33 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus ESET Online Scanner
If at all possible, please post everything here in CODE tags. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
ATTFilter the log goes here
__________________ Please always post log files in CODE tags |
19.10.2012, 08:14 | #12 |
| Redirect Virus Here is the result of the ESET run: Code:
ATTFilter
C:\Program Files (x86)\FLVPlayer\Uninstall\Uninstall.exe a variant of Win32/InstallCore.AC application
C:\Program Files (x86)\VideoConverter\VideoConverter.exe a variant of Win32/InstallCore.A application
C:\Users\Berni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\9WCDZU6L\DHL-Express-Delivery-Notification-9KVJU811DD (2).zip Win32/Spy.Bebloh.H trojan
C:\Users\Berni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\9WCDZU6L\DHL-Express-Delivery-Notification-9KVJU811DD.zip Win32/Spy.Bebloh.H trojan
C:\Users\Berni\AppData\Local\Temp\is1590112554\GiantSavings_US.exe a variant of Win32/Toolbar.CrossRider.A application
C:\Users\Berni\AppData\Local\Temp\YontooLayers\background.html Win32/Adware.Yontoo.C application
C:\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\174e094-66a715d3 Java/Exploit.CVE-2012-0507.BZ trojan
C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\Backups\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application
C:\Users\Berni\Downloads\AnySendSetup.exe a variant of Win32/InstallCore.AG application
C:\Users\Berni\Downloads\FLVPlayerSetup.exe a variant of Win32/InstallCore.AC application
D:\Benutzer\Berni\Downloads\VideoConverterSetup.exe a variant of Win32/InstallCore.AF application
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-07-04 120535\Backup files 5.zip JS/Kryptik.RK trojan
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-07-15 220735\Backup files 1.zip Win32/Adware.Yontoo application
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-08-17 111120\Backup files 1.zip JS/Kryptik.VK trojan
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-17 131955\Backup files 1.zip HTML/ScrInject.B.Gen virus
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-27 084121\Backup files 3.zip Java/Exploit.CVE-2012-0507.BZ trojan
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-27 084121\Backup files 4.zip multiple threats
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-30 210000\Backup files 2.zip a variant of Win32/InstallCore.AC application
E:\weitere Backups\Version -1\SSD Backup.last\Program Files\Perfect Uninstaller\PU.exe a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -1\Users\Administrator\Documents\FinePrint-Dateien\Spiele\War_Rock_10182011_G1_Xfire.exe multiple threats
E:\weitere Backups\Version -1\Users\Berni\AppData\Local\Temp\ibtmp531f389\component_395.decrpt a variant of Win32/bProtector application
E:\weitere Backups\Version -1\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\20d772f-31014455 Java/Exploit.CVE-2012-0507.L trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\FreeYouTubeDownload3123.exe Win32/OpenCandy application
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM-UltraEdit-18.00.0.1034-incl-Keygen-CORE.rar a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM.UltraEdit.18.00.0.1034.keygen-CORE.zip a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\zp815free.exe Win32/OpenCandy application
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect Uninstaller v6.3.3.9 Portable\Perfect Uninstaller v6.3.3.9 Portable.rar a variant of MSIL/TrojanDropper.Agent.LZ trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_keygen_SN\Perfect_Uninstaller_keygen_SN.rar probably a variant of Win32/Bifrose.ITAITJT trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011\PerfectUninstaller_Setup.exe a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011.rar a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -1\Users\Niko\Downloads\FreeYouTubeToMP3Converter_3.11.22.exe Win32/OpenCandy application
E:\weitere Backups\Version -1\Users\Public\Downloads\PerfectUninstaller_Setup.exe a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\5c21374c-1f15e770 multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\f6e4b8e-4e254066 multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\3a75a842-2b60e518 multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1d4e065f-3b4e38a6 multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\375f56e3-4b55f97d multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\164f55a6-7b072c44 multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Audio und Video\SUPERsetup48.exe Win32/OpenCandy application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Nero\Nero 8\Nero-8.2.8.0_deu_update.exe Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Nero\Nero 8\nerophotoshowdeluxe-4-win-eu.exe Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Nero\Nero 9\9.4.26\Nero_BackItUpAndBurn-1.2.17b.exe Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\5c21374c-1f15e770 multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\f6e4b8e-4e254066 multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\3a75a842-2b60e518 multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1d4e065f-3b4e38a6 multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\375f56e3-4b55f97d multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\164f55a6-7b072c44 multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\MyPhoneExplorer_Setup_1.8.1.exe Win32/OpenCandy application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\SoftonicDownloader43585.exe a variant of Win32/SoftonicDownloader.A application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\SoftonicDownloader_fuer_php-designer.exe a variant of Win32/SoftonicDownloader.A application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\SUPERsetup48.exe Win32/OpenCandy application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\winamp5621_full_emusic-7plus_all.exe Win32/OpenCandy application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\Software\Nero\Nero 8\Nero-8.2.8.0_deu_update.exe Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\Software\Nero\Nero 8\nerophotoshowdeluxe-4-win-eu.exe Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\Software\Nero\Nero 9\9.4.26\Nero_BackItUpAndBurn-1.2.17b.exe Win32/Toolbar.AskSBar application
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 115.zip Win32/Toolbar.AskSBar application
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 18.zip multiple threats
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup 
files 19.zip multiple threats F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 21.zip multiple threats F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 22.zip Win32/OpenCandy application F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 27.zip Win32/Toolbar.AskSBar application G:\Downloads\version oficial de winrar 4 keygen.zip a variant of Win32/Keygen.AI application G:\Originale\Packer\Winzip\Winzip Pro v11.0 Winall Multilanguage Keygen.rar BAT/Starter.P trojan |
19.10.2012, 10:47 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus
Code:
G:\Downloads\version oficial de winrar 4 keygen.zip a variant of Win32/Keygen.AI application
G:\Originale\Packer\Winzip\Winzip Pro v11.0 Winall Multilanguage Keygen.rar BAT/Starter.P trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM-UltraEdit-18.00.0.1034-incl-Keygen-CORE.rar a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM.UltraEdit.18.00.0.1034.keygen-CORE.zip a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_keygen_SN\Perfect_Uninstaller_keygen_SN.rar probably a variant of Win32/Bifrose.ITAITJT trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011\PerfectUninstaller_Setup.exe a variant of

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally acquired software, we will end support without any discussion.

Cracks/keygens are 99.9% dangerous malware that is not to be trifled with. Besides, they are illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

That illegal cracks and keygens essentially serve to spread malware is no secret and must be clear to everyone!

In future, hands off: Softonic, registry cleaners and illegal stuff (cracks/keygens/serials)
__________________ Please always post log files in CODE tags |
19.10.2012, 12:04 | #14 |
| Redirect Virus Oh yes, you are right. I didn't think of that any more, since I now only work with legally acquired software. None of it can be found on the operating system drives any more. In my earlier versions that was indeed not the case. That is why remnants of it can apparently still be found in the old backups. Drives E:, F: and G: are backup drives on my system. Sorry that I didn't think of it. Does this mean your support has ended? |