Log analysis and evaluation: BOO/TDss.O virus found
Windows 7
02.12.2013, 09:53 | #1 |
BOO/TDss.O virus found
Hi, I was alerted by Avira to the following:
Code:
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern
Code:
09:01:57.0062 0x1578 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
09:02:00.0193 0x1578 ============================================================
09:02:00.0193 0x1578 Current date / time: 2013/12/02 09:02:00.0193
09:02:00.0193 0x1578 SystemInfo:
09:02:00.0193 0x1578
09:02:00.0193 0x1578 OS Version: 6.1.7601 ServicePack: 1.0
09:02:00.0193 0x1578 Product type: Workstation
09:02:00.0194 0x1578 ComputerName: MEINER
09:02:00.0194 0x1578 UserName: Richi
09:02:00.0194 0x1578 Windows directory: C:\Windows
09:02:00.0194 0x1578 System windows directory: C:\Windows
09:02:00.0194 0x1578 Running under WOW64
09:02:00.0194 0x1578 Processor architecture: Intel x64
09:02:00.0194 0x1578 Number of processors: 4
09:02:00.0194 0x1578 Page size: 0x1000
09:02:00.0194 0x1578 Boot type: Normal boot
09:02:00.0194 0x1578 ============================================================
09:02:00.0881 0x1578 KLMD registered as C:\Windows\system32\drivers\66739218.sys
09:02:01.0126 0x1578 System UUID: {9B46AF8B-8495-C385-0BD8-CEB1480BA967}
09:02:01.0915 0x1578 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:02:01.0923 0x1578 ============================================================
09:02:01.0923 0x1578 \Device\Harddisk0\DR0:
09:02:01.0924 0x1578 MBR partitions:
09:02:01.0924 0x1578 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
09:02:01.0924 0x1578 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2B879904
09:02:01.0924 0x1578 ============================================================
09:02:01.0948 0x1578 C: <-> \Device\Harddisk0\DR0\Partition2
09:02:01.0949 0x1578 ============================================================
09:02:01.0949 0x1578 Initialize success
09:02:01.0949 0x1578 ============================================================
FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 09:03:49.0924 0x1398 i8042prt - ok 09:03:49.0987 0x1398 [ 42E00996DFC13C46366689C0EA8ABC5E, 1C73B7FADB3209D7C1CAA75531F789B47907129E418F91F23CBE9FC68B3056E4 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 09:03:50.0018 0x1398 iaStor - ok 09:03:50.0065 0x1398 [ 48362E5DB5CB2C000C514EE1F3890ACD, 561FB7BE085A624770832B0138DA1B9859981BCC66540A8F98D9F7D5B8EE6707 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 09:03:50.0096 0x1398 IAStorDataMgrSvc - ok 09:03:50.0143 0x1398 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 09:03:50.0190 0x1398 iaStorV - ok 09:03:50.0299 0x1398 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 09:03:50.0424 0x1398 idsvc - ok 09:03:50.0470 0x1398 IEEtwCollectorService - ok 09:03:50.0502 0x1398 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 09:03:50.0533 0x1398 iirsp - ok 09:03:50.0642 0x1398 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 09:03:50.0767 0x1398 IKEEXT - ok 09:03:50.0829 0x1398 [ C48567D80AD357613CD0EEADE18780AE, AFFAB3C915C5B48A39F7F8F9438A3085DBEBA1E431DD35861A5A08EA1CBE4D37 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 09:03:50.0907 0x1398 Impcd - ok 09:03:51.0063 0x1398 [ A3BCBD0F710580A07D1B929D787D36CE, D7608C1C2B2FF4DD0C4CEBC75594ADA35A6911A541ED5FF93AAB8610108E168A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 09:03:51.0282 0x1398 IntcAzAudAddService - ok 
09:03:51.0344 0x1398 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 09:03:51.0360 0x1398 intelide - ok 09:03:51.0406 0x1398 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 09:03:51.0453 0x1398 intelppm - ok 09:03:51.0500 0x1398 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 09:03:51.0562 0x1398 IPBusEnum - ok 09:03:51.0609 0x1398 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:03:51.0687 0x1398 IpFilterDriver - ok 09:03:51.0781 0x1398 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 09:03:51.0890 0x1398 iphlpsvc - ok 09:03:51.0937 0x1398 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 09:03:51.0968 0x1398 IPMIDRV - ok 09:03:51.0999 0x1398 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 09:03:52.0062 0x1398 IPNAT - ok 09:03:52.0093 0x1398 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 09:03:52.0202 0x1398 IRENUM - ok 09:03:52.0264 0x1398 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 09:03:52.0280 0x1398 isapnp - ok 09:03:52.0327 0x1398 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt 
C:\Windows\system32\drivers\msiscsi.sys 09:03:52.0374 0x1398 iScsiPrt - ok 09:03:52.0420 0x1398 [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 09:03:52.0436 0x1398 IviRegMgr - ok 09:03:52.0483 0x1398 [ C9B4ECC187581E5BF3F76648884B7829, D4DDFDD92FEFDFAF293633C2B3860C37D7DC59965170E55AD181EFAFCFD1DB13 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 09:03:52.0514 0x1398 k57nd60a - ok 09:03:52.0561 0x1398 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 09:03:52.0608 0x1398 kbdclass - ok 09:03:52.0654 0x1398 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 09:03:52.0701 0x1398 kbdhid - ok 09:03:52.0717 0x1398 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 09:03:52.0732 0x1398 KeyIso - ok 09:03:52.0779 0x1398 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 09:03:52.0795 0x1398 KSecDD - ok 09:03:52.0826 0x1398 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 09:03:52.0842 0x1398 KSecPkg - ok 09:03:52.0888 0x1398 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 09:03:52.0966 0x1398 ksthunk - ok 09:03:52.0998 0x1398 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 09:03:53.0107 0x1398 KtmRm - ok 09:03:53.0185 0x1398 [ D9F42719019740BAA6D1C6D536CBDAA6, 
8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 09:03:53.0278 0x1398 LanmanServer - ok 09:03:53.0325 0x1398 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 09:03:53.0419 0x1398 LanmanWorkstation - ok 09:03:53.0450 0x1398 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 09:03:53.0497 0x1398 lltdio - ok 09:03:53.0528 0x1398 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:03:53.0590 0x1398 lltdsvc - ok 09:03:53.0622 0x1398 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:03:53.0653 0x1398 lmhosts - ok 09:03:53.0762 0x1398 [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 09:03:53.0809 0x1398 LMS - ok 09:03:53.0856 0x1398 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 09:03:53.0871 0x1398 LSI_FC - ok 09:03:53.0887 0x1398 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 09:03:53.0918 0x1398 LSI_SAS - ok 09:03:53.0934 0x1398 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:03:53.0949 0x1398 LSI_SAS2 - ok 09:03:53.0965 0x1398 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 
09:03:53.0996 0x1398 LSI_SCSI - ok 09:03:54.0012 0x1398 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 09:03:54.0090 0x1398 luafv - ok 09:03:54.0152 0x1398 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 09:03:54.0230 0x1398 Mcx2Svc - ok 09:03:54.0246 0x1398 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 09:03:54.0261 0x1398 megasas - ok 09:03:54.0292 0x1398 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 09:03:54.0324 0x1398 MegaSR - ok 09:03:54.0433 0x1398 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 09:03:54.0464 0x1398 Microsoft Office Groove Audit Service - ok 09:03:54.0480 0x1398 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 09:03:54.0558 0x1398 MMCSS - ok 09:03:54.0589 0x1398 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 09:03:54.0651 0x1398 Modem - ok 09:03:54.0682 0x1398 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:03:54.0729 0x1398 monitor - ok 09:03:54.0807 0x1398 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 09:03:54.0838 0x1398 mouclass - ok 09:03:54.0870 0x1398 [ 
D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:03:54.0901 0x1398 mouhid - ok 09:03:54.0979 0x1398 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 09:03:54.0994 0x1398 mountmgr - ok 09:03:55.0088 0x1398 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 09:03:55.0135 0x1398 MozillaMaintenance - ok 09:03:55.0182 0x1398 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 09:03:55.0197 0x1398 mpio - ok 09:03:55.0244 0x1398 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:03:55.0306 0x1398 mpsdrv - ok 09:03:55.0400 0x1398 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 09:03:55.0525 0x1398 MpsSvc - ok 09:03:55.0572 0x1398 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:03:55.0618 0x1398 MRxDAV - ok 09:03:55.0650 0x1398 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:03:55.0712 0x1398 mrxsmb - ok 09:03:55.0743 0x1398 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:03:55.0790 0x1398 mrxsmb10 - ok 09:03:55.0806 0x1398 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 
C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:03:55.0852 0x1398 mrxsmb20 - ok 09:03:55.0884 0x1398 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 09:03:55.0899 0x1398 msahci - ok 09:03:55.0915 0x1398 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 09:03:55.0930 0x1398 msdsm - ok 09:03:55.0946 0x1398 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 09:03:55.0993 0x1398 MSDTC - ok 09:03:56.0040 0x1398 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:03:56.0086 0x1398 Msfs - ok 09:03:56.0118 0x1398 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 09:03:56.0180 0x1398 mshidkmdf - ok 09:03:56.0211 0x1398 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:03:56.0227 0x1398 msisadrv - ok 09:03:56.0274 0x1398 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:03:56.0352 0x1398 MSiSCSI - ok 09:03:56.0352 0x1398 msiserver - ok 09:03:56.0383 0x1398 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:03:56.0414 0x1398 MSKSSRV - ok 09:03:56.0430 0x1398 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:03:56.0492 0x1398 MSPCLOCK - ok 09:03:56.0508 0x1398 [ 4ED981241DB27C3383D72092B618A1D0, 
E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:03:56.0601 0x1398 MSPQM - ok 09:03:56.0648 0x1398 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:03:56.0695 0x1398 MsRPC - ok 09:03:56.0742 0x1398 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 09:03:56.0773 0x1398 mssmbios - ok 09:03:56.0804 0x1398 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:03:56.0866 0x1398 MSTEE - ok 09:03:56.0882 0x1398 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 09:03:56.0913 0x1398 MTConfig - ok 09:03:56.0944 0x1398 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 09:03:56.0960 0x1398 Mup - ok 09:03:57.0022 0x1398 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 09:03:57.0116 0x1398 napagent - ok 09:03:57.0178 0x1398 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:03:57.0256 0x1398 NativeWifiP - ok 09:03:57.0319 0x1398 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 09:03:57.0350 0x1398 NDIS - ok 09:03:57.0366 0x1398 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 09:03:57.0412 0x1398 NdisCap - ok 09:03:57.0444 0x1398 [ 
30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:03:57.0522 0x1398 NdisTapi - ok 09:03:57.0584 0x1398 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:03:57.0631 0x1398 Ndisuio - ok 09:03:57.0678 0x1398 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:03:57.0771 0x1398 NdisWan - ok 09:03:57.0818 0x1398 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:03:57.0896 0x1398 NDProxy - ok 09:03:57.0958 0x1398 [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 09:03:57.0990 0x1398 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 09:04:08.0086 0x1398 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 09:04:08.0086 0x1398 Force sending object to P2P due to detect: C:\Windows\system32\HPZinw12.dll 09:04:28.0086 0x1398 Object send P2P result: false 09:04:30.0866 0x1398 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:04:30.0946 0x1398 NetBIOS - ok 09:04:31.0006 0x1398 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 09:04:31.0076 0x1398 NetBT - ok 09:04:31.0106 0x1398 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 09:04:31.0116 0x1398 Netlogon - ok 09:04:31.0156 0x1398 [ 847D3AE376C0817161A14A82C8922A9E, 
37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 09:04:31.0246 0x1398 Netman - ok 09:04:31.0316 0x1398 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:31.0356 0x1398 NetMsmqActivator - ok 09:04:31.0366 0x1398 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:31.0386 0x1398 NetPipeActivator - ok 09:04:31.0406 0x1398 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 09:04:31.0476 0x1398 netprofm - ok 09:04:31.0486 0x1398 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:31.0496 0x1398 NetTcpActivator - ok 09:04:31.0506 0x1398 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:31.0516 0x1398 NetTcpPortSharing - ok 09:04:31.0786 0x1398 [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 09:04:32.0206 0x1398 NETw5s64 - ok 09:04:32.0256 0x1398 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 09:04:32.0276 0x1398 nfrd960 - ok 09:04:32.0326 0x1398 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:04:32.0386 0x1398 NlaSvc - ok 09:04:32.0416 0x1398 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, 
D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:04:32.0466 0x1398 Npfs - ok 09:04:32.0486 0x1398 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 09:04:32.0566 0x1398 nsi - ok 09:04:32.0586 0x1398 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:04:32.0646 0x1398 nsiproxy - ok 09:04:32.0736 0x1398 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:04:32.0846 0x1398 Ntfs - ok 09:04:32.0946 0x1398 [ 5B3CE960C62DBE864BE9A0BD043A3E30, 8474C68B0A8F94945C3278C682143F289245FC31C28DBB4609E993F90F7AD309 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 09:04:32.0966 0x1398 NTI IScheduleSvc - detected UnsignedFile.Multi.Generic ( 1 ) 09:04:35.0706 0x1398 Detect skipped due to KSN trusted 09:04:35.0706 0x1398 NTI IScheduleSvc - ok 09:04:35.0806 0x1398 [ 15221DD637D9D0FFC60848EBBF1DF538, 72E20DAAC3BF7CA9303DB515A7C93C629D7EEDA04C9A7CE91AFBCBB574F257D4 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe 09:04:35.0836 0x1398 NTIBackupSvc - ok 09:04:35.0856 0x1398 [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 09:04:35.0876 0x1398 NTIDrvr - ok 09:04:35.0896 0x1398 [ B5071E15D4C3F5EF5018AFF7E85A85E5, FF3ACAEDD127CC4BB0A6FD2D34B5E4D98478A86122BE31DB84702A12567288E0 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 09:04:35.0946 0x1398 NTISchedulerSvc - ok 09:04:35.0986 0x1398 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null 
C:\Windows\system32\drivers\Null.sys 09:04:36.0066 0x1398 Null - ok 09:04:36.0096 0x1398 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:04:36.0116 0x1398 nvraid - ok 09:04:36.0166 0x1398 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:04:36.0206 0x1398 nvstor - ok 09:04:36.0276 0x1398 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:04:36.0296 0x1398 nv_agp - ok 09:04:36.0406 0x1398 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:04:36.0466 0x1398 odserv - ok 09:04:36.0496 0x1398 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 09:04:36.0536 0x1398 ohci1394 - ok 09:04:36.0616 0x1398 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:04:36.0656 0x1398 ose - ok 09:04:36.0696 0x1398 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 09:04:36.0796 0x1398 p2pimsvc - ok 09:04:36.0836 0x1398 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 09:04:36.0886 0x1398 p2psvc - ok 09:04:36.0916 0x1398 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 09:04:36.0936 0x1398 Parport - ok 09:04:36.0976 0x1398 [ 
E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:04:37.0006 0x1398 partmgr - ok 09:04:37.0056 0x1398 [ A1E779A0CF7A21B42E8FD3E8856D8481, 40DE8155861E6126D6E39FF05E5E92E32C929874500671AB61592A659F09B88C ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 09:04:37.0096 0x1398 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 09:04:39.0886 0x1398 Detect skipped due to KSN trusted 09:04:39.0886 0x1398 PassThru Service - ok 09:04:39.0996 0x1398 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 09:04:40.0056 0x1398 PcaSvc - ok 09:04:40.0106 0x1398 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 09:04:40.0136 0x1398 pci - ok 09:04:40.0176 0x1398 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 09:04:40.0206 0x1398 pciide - ok 09:04:40.0256 0x1398 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 09:04:40.0306 0x1398 pcmcia - ok 09:04:40.0326 0x1398 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 09:04:40.0346 0x1398 pcw - ok 09:04:40.0376 0x1398 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:04:40.0496 0x1398 PEAUTH - ok 09:04:40.0586 0x1398 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 09:04:40.0636 0x1398 PerfHost - ok 09:04:40.0736 0x1398 [ 
C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 09:04:40.0876 0x1398 pla - ok 09:04:40.0966 0x1398 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:04:41.0036 0x1398 PlugPlay - ok 09:04:41.0066 0x1398 [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 09:04:41.0096 0x1398 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 09:04:43.0886 0x1398 Detect skipped due to KSN trusted 09:04:43.0886 0x1398 Pml Driver HPZ12 - ok 09:04:44.0026 0x1398 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 09:04:44.0066 0x1398 PNRPAutoReg - ok 09:04:44.0096 0x1398 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 09:04:44.0126 0x1398 PNRPsvc - ok 09:04:44.0196 0x1398 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:04:44.0286 0x1398 PolicyAgent - ok 09:04:44.0336 0x1398 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 09:04:44.0426 0x1398 Power - ok 09:04:44.0496 0x1398 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:04:44.0556 0x1398 PptpMiniport - ok 09:04:44.0586 0x1398 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 09:04:44.0646 0x1398 Processor - ok 09:04:44.0696 0x1398 [ 
wudfsvc - ok 09:05:03.0556 0x1398 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll 09:05:03.0606 0x1398 WwanSvc - ok 09:05:03.0656 0x1398 ================ Scan global =============================== 09:05:03.0676 0x1398 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 09:05:03.0736 0x1398 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 09:05:03.0766 0x1398 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 09:05:03.0806 0x1398 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 09:05:03.0826 0x1398 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 09:05:03.0836 0x1398 [ Global ] - ok 09:05:03.0836 0x1398 ================ Scan MBR ================================== 09:05:03.0856 0x1398 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 09:05:04.0316 0x1398 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 ) 09:05:04.0316 0x1398 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 09:05:07.0006 0x1398 ================ Scan VBR ================================== 09:05:07.0006 0x1398 [ A494A22B5EFEED048E8B225C0B4F343E ] \Device\Harddisk0\DR0\Partition1 09:05:07.0006 0x1398 \Device\Harddisk0\DR0\Partition1 - ok 09:05:07.0076 0x1398 [ 25F5849B729BA047868E7BFDFFD3EFF8 ] \Device\Harddisk0\DR0\Partition2 09:05:07.0086 0x1398 \Device\Harddisk0\DR0\Partition2 - ok 09:05:07.0086 0x1398 Waiting for KSN requests completion. In queue: 197 09:05:08.0086 0x1398 Waiting for KSN requests completion. 
In queue: 197 09:05:09.0086 0x1398 Waiting for KSN requests completion. In queue: 197 09:05:10.0086 0x1398 Waiting for KSN requests completion. In queue: 197 09:05:11.0226 0x1398 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated ) 09:05:11.0246 0x1398 Win FW state via NFP2: enabled 09:05:25.0956 0x1398 ============================================================ 09:05:25.0956 0x1398 Scan finished 09:05:25.0956 0x1398 ============================================================ 09:05:25.0966 0x0d30 Detected object count: 2 09:05:25.0966 0x0d30 Actual detected object count: 2 09:12:51.0930 0x0d30 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 09:12:51.0930 0x0d30 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:12:51.0930 0x0d30 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 09:12:51.0930 0x0d30 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 09:12:56.0595 0x19d4 Deinitialize success
What should I do next? Thanks in advance for the help! Best regards |
02.12.2013, 09:56 | #2 |
/// the machine /// TB Trainer | BOO/TDss.O virus found Hi,
__________________
Please always post logs in the thread. If necessary, split them up and use several posts. Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Run TDSSKiller again, select Cure next to TDSS File System, and continue. Then please post the log file.
__________________ |
02.12.2013, 10:01 | #3 |
| BOO/TDss.O virus found wow, that was fast!
__________________
listparts: Code:
ATTFilter ListParts by Farbar Version: 20-10-2013 Ran by Richi (administrator) on 02-12-2013 at 09:16:13 Windows 7 (X64) Running From: C:\Users\Richi\Desktop Language: 0407 ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 43% Total physical RAM: 3958.7 MB Available physical RAM: 2244.45 MB Total Pagefile: 7915.59 MB Available Pagefile: 5490.74 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ======================= Partitions ========================= 1 Drive c: (Acer) (Fixed) (Total:348.24 GB) (Free:162.9 GB) NTFS Datentr„ger ### Status Gr”áe Frei Dyn GPT --------------- ------------- ------- ------- --- --- Datentr„ger 0 Online 465 GB 0 B Partitions of Disk 0: =============== Datentr„ger-ID: 6027F48B Partition ### Typ Gr”áe Offset ------------- ---------------- ------- ------- Partition 1 Wiederherstellun 12 GB 31 KB Partition 2 Prim„r 101 MB 12 GB Partition 3 Prim„r 348 GB 12 GB Partition 4 Prim„r 10 GB 360 GB ====================================================================================================== Disk: 0 Partition 1 Typ : 27 Versteckt: Ja Aktiv : Nein Volume ### Bst Bezeichnung DS Typ Gr”áe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 PQSERVICE NTFS Partition 12 GB Fehlerfre Versteck ====================================================================================================== Disk: 0 Partition 2 Typ : 07 Versteckt: Nein Aktiv : Ja Volume ### Bst Bezeichnung DS Typ Gr”áe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 SYSTEM RESE NTFS Partition 101 MB Fehlerfre System (partition with boot components) ====================================================================================================== Disk: 0 Partition 3 Typ : 07 Versteckt: Nein Aktiv : Nein Volume ### Bst Bezeichnung DS Typ Gr”áe Status Info ---------- --- ----------- 
----- ---------- ------- --------- -------- * Volume 3 C Acer NTFS Partition 348 GB Fehlerfre Startpar ====================================================================================================== Disk: 0 Partition 4 Typ : 17 Versteckt: Ja Aktiv : Nein Dieser Partition ist kein Volume zugewiesen. ====================================================================================================== ============================== MBR Partition Table ================== ============================== Partitions of Disk 0: =============== Disk ID: 6027F48B Partition 1: (Not Active) - (Size=12 GB) - (Type=27) Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=348 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=10 GB) - (Type=17) ****** End Of Log ******
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013 Ran by Richi (administrator) on MEINER on 02-12-2013 09:20:17 Running from C:\Users\Richi\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe () C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Macrovision Corporation) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Dropbox, Inc.) C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (NewTech Infosystems, Inc.) 
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Farbar) C:\Users\Richi\Desktop\ListParts64.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor) HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated) HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation) HKCU\...\Run: [Google Update] - C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-02] (Google Inc.) HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.) 
HKCU\...\Run: [Epson Stylus SX525WD(Netzwerk)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\Windows\TEMP\E_S639.tmp" /EF "HKCU" MountPoints2: {a6ed1acf-0e98-11e1-b824-705ab6d3fc5a} - E:\wubi.exe MountPoints2: {eb34f6dd-6377-11e1-b883-705ab6d3fc5a} - F:\LaunchU3.exe -a HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] () AppInit_DLLs: C:\Windows\System32\acaptuser64.dll [36984 2007-05-10] (Adobe Systems, Inc.) AppInit_DLLs-x32: acaptuser32.dll [112248 2007-05-10] (Adobe Systems, Inc.) Startup: C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=travelmate_5740g&r=27361111n205l0454z1j5x4572m28n URLSearchHook: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) 
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) SearchScopes: HKCU - DefaultScope {09C9F427-A44D-4124-BE7A-E35344C6F88A} URL = hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms} SearchScopes: HKCU - {09C9F427-A44D-4124-BE7A-E35344C6F88A} URL = hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=116198&tt=4012_4&babsrc=SP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll (Montera Technologeis LTD) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com) Toolbar: HKLM-x32 - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll (Montera Technologeis LTD) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21 FireFox: ======== FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default FF user.js: detected! => C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\user.js FF Homepage: www.orf.at FF NetworkProxy: "ftp_port", 80 FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 80 FF NetworkProxy: "http_port", 80 FF NetworkProxy: "socks_port", 80 FF NetworkProxy: "ssl_port", 80 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Richi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\footiefox.xml FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\funmoods.xml FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\twitter-.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Deutsches Wörterbuch, erweitert für Österreich - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\de-AT@dictionaries.addons.mozilla.org FF Extension: Xmarks - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\foxmarks@kei.com FF Extension: Evernote Web Clipper - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} FF Extension: twitter.address.bar.search - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\twitter.address.bar.search@firefox.twitter.xpi FF Extension: youtube2mp3 - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\youtube2mp3@mondayx.de.xpi FF Extension: Adblock Plus - 
C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: ======= CHR HomePage: hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5 CHR RestoreOnStartup: "hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5" CHR Plugin: (Shockwave Flash) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Google Talk Plugin) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File CHR Plugin: (Default 
Plug-in) - default_plugin No File CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (AdBlock) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0 CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\Richi\AppData\Local\Temp\ccex.crx ==================== Services (Whitelisted) ================= R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [3536896 2009-04-14] (ANSYS, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-31] (Avira Operations GmbH & Co. 
KG) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-10-31] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-31] (Avira Operations GmbH & Co. KG) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-14] (DT Soft Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) 
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-02 09:20 - 2013-12-02 09:20 - 00022437 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 01959184 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 20:32 - 2013-11-26 20:34 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 18:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:18 - 2013-11-26 18:35 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 11:59 - 2013-11-23 20:12 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-16 15:40 - 2013-11-16 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 10:51 - 2013-11-19 19:22 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-13 16:02 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:02 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:02 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:02 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 16:02 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:01 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:01 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:01 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:01 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:44 - 2013-11-12 22:57 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-10 17:58 - 2013-11-10 17:59 - 00000000 ____D C:\Users\Richi\bitcoin

==================== One Month Modified Files and Folders =======

2013-12-02 09:20 - 2013-12-02 09:20 - 00022437 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 01959184 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:14 - 2011-11-01 21:32 - 01376753 _____ C:\Windows\WindowsUpdate.log
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-02 08:49 - 2011-11-02 12:49 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-02 08:37 - 2011-11-01 22:22 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Skype
2013-12-02 08:29 - 2012-08-20 09:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-02 08:26 - 2011-11-04 17:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 08:14 - 2012-04-05 21:17 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-01 23:31 - 2013-08-13 19:55 - 00014573 _____ C:\Windows\setupact.log
2013-12-01 22:38 - 2011-11-02 12:49 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-12-01 22:32 - 2011-11-04 17:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 12:10 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 12:10 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 12:03 - 2011-11-21 15:23 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Dropbox
2013-12-01 12:02 - 2012-05-03 12:59 - 00000000 ___RD C:\Users\Richi\Google Drive
2013-12-01 12:02 - 2011-11-21 15:24 - 00000000 ___RD C:\Users\Richi\Dropbox
2013-12-01 12:01 - 2012-05-03 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-01 12:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-30 16:19 - 2013-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-28 18:20 - 2013-10-06 13:00 - 00099066 _____ C:\Windows\PFRO.log
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-08-09 09:51 - 00000000 ____D C:\ProgramData\Avira
2013-11-26 20:34 - 2013-11-26 20:32 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 19:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 18:44 - 2011-11-06 11:08 - 00001425 _____ C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 18:43 - 2010-03-29 11:25 - 00000000 ____D C:\Windows\Panther
2013-11-26 18:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 18:35 - 2013-11-26 18:18 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:12 - 2011-11-01 21:39 - 00000000 ____D C:\Users\Richi
2013-11-26 18:11 - 2013-06-07 23:22 - 00000000 ____D C:\Windows\Minidump
2013-11-26 18:11 - 2012-02-09 18:45 - 00000000 ____D C:\Program Files\CCleaner
2013-11-26 18:11 - 2011-12-08 02:20 - 00000000 ____D C:\Users\Richi\AppData\Roaming\vlc
2013-11-26 18:11 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 20:12 - 2013-11-23 11:59 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-20 14:14 - 2011-11-02 08:55 - 00000000 ____D C:\Users\Richi\AppData\Local\Adobe
2013-11-19 19:29 - 2012-04-05 21:17 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-11-19 19:22 - 2013-11-16 10:51 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-16 15:41 - 2013-11-16 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 14:48 - 2013-03-23 13:35 - 00000000 ____D C:\Users\Richi\Bewerbung
2013-11-14 13:52 - 2010-03-29 10:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 13:48 - 2013-08-01 19:47 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 13:48 - 2011-11-06 10:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 22:57 - 2013-11-12 20:44 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-12 16:35 - 2011-11-01 21:48 - 00000000 ____D C:\Users\Richi\Downloads\Programme
2013-11-12 16:10 - 2011-11-02 06:15 - 00700608 _____ C:\Windows\system32\perfh007.dat
2013-11-12 16:10 - 2011-11-02 06:15 - 00149372 _____ C:\Windows\system32\perfc007.dat
2013-11-12 16:10 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 05:50 - 2011-11-01 22:10 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 17:59 - 2013-11-10 17:58 - 00000000 ____D C:\Users\Richi\bitcoin
2013-11-09 23:50 - 2011-11-01 21:57 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Mozilla
2013-11-09 14:44 - 2012-02-02 20:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-08 15:33 - 2012-03-07 18:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 15:33 - 2011-11-01 22:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-05 20:10 - 2011-11-04 07:54 - 00000000 ____D C:\Users\Richi\Segeln

Files to move or delete:
====================
C:\Users\Richi\Keygen.exe

Some content of TEMP:
====================
C:\Users\Richi\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-20 21:25

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013
Ran by Richi at 2013-12-02 09:21:15
Running from C:\Users\Richi\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 6.2.2)
Acer Backup Manager (x32 Version: 2.0.1.60)
Acer Crystal Eye webcam (x32 Version: 1.0.2.0)
Acer ePower Management (x32 Version: 5.00.3002)
Acer eRecovery Management (x32 Version: 4.05.3007)
Acer Registration (x32 Version: 1.02.3006)
Acer ScreenSaver (x32 Version: 1.1.0203.2010)
Acer Updater (x32 Version: 1.01.3014)
Acer VCM (x32 Version: 4.05.3002)
Acrobat 3D 64-bit Add-On (Version: 8.1.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe Acrobat 3D version 8 (x32 Version: 8.1.0)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Advanced Renamer (x32 Version: 3.15)
AnvSoft Photo Flash Maker Free 5.41 (x32 Version: 5.41)
Apple Application Support (x32 Version: 2.1.5)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.758.0)
Avira Free Antivirus (x32 Version: 14.0.1.749)
Azureus (x32 Version: 2.5.0.4)
Backup Manager Advance (x32 Version: 2.0.1.60)
Bitcoin (HKCU Version: 0.7.2)
Blender (Version: 2.64-release)
Broadcom Gigabit NetLink Controller (Version: 12.52.04)
Canon MX410 series MP Drivers
Catalyst Control Center - Branding (x32
Version: 1.00.0000) Catalyst Control Center Core Implementation (x32 Version: 2010.0122.858.16002) Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0122.858.16002) Catalyst Control Center Graphics Full New (x32 Version: 2010.0122.858.16002) Catalyst Control Center Graphics Light (x32 Version: 2010.0122.858.16002) Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0122.858.16002) Catalyst Control Center InstallProxy (x32 Version: 2010.0122.858.16002) Catalyst Control Center Localization All (x32 Version: 2010.0122.858.16002) CCC Help Chinese Standard (x32 Version: 2010.0122.0857.16002) CCC Help Chinese Traditional (x32 Version: 2010.0122.0857.16002) CCC Help Czech (x32 Version: 2010.0122.0857.16002) CCC Help Danish (x32 Version: 2010.0122.0857.16002) CCC Help Dutch (x32 Version: 2010.0122.0857.16002) CCC Help English (x32 Version: 2010.0122.0857.16002) CCC Help Finnish (x32 Version: 2010.0122.0857.16002) CCC Help French (x32 Version: 2010.0122.0857.16002) CCC Help German (x32 Version: 2010.0122.0857.16002) CCC Help Greek (x32 Version: 2010.0122.0857.16002) CCC Help Hungarian (x32 Version: 2010.0122.0857.16002) CCC Help Italian (x32 Version: 2010.0122.0857.16002) CCC Help Japanese (x32 Version: 2010.0122.0857.16002) CCC Help Korean (x32 Version: 2010.0122.0857.16002) CCC Help Norwegian (x32 Version: 2010.0122.0857.16002) CCC Help Polish (x32 Version: 2010.0122.0857.16002) CCC Help Portuguese (x32 Version: 2010.0122.0857.16002) CCC Help Russian (x32 Version: 2010.0122.0857.16002) CCC Help Spanish (x32 Version: 2010.0122.0857.16002) CCC Help Swedish (x32 Version: 2010.0122.0857.16002) CCC Help Thai (x32 Version: 2010.0122.0857.16002) CCC Help Turkish (x32 Version: 2010.0122.0857.16002) ccc-core-static (x32 Version: 2010.0122.858.16002) ccc-utility64 (Version: 2010.0122.858.16002) CCleaner (Version: 4.04) Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7) Claro LTD toolbar (x32) CloneCD (x32) DAEMON Tools Lite (x32 Version: 
4.45.1.0236) Deluxe Ski Jump 4 (x32 Version: 1.3.2) DivX-Setup (x32 Version: 2.6.0.34) DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000) Dropbox (HKCU Version: 2.0.22) EPSON Scan (x32) EPSON SX525WD Series Printer Uninstall EpsonNet Print (x32 Version: 2.6.0) EpsonNet Setup 3.3 (x32 Version: 3.3b) eSobi v2 (x32 Version: 2.0.4.000274) Evernote v. 4.6 (x32 Version: 4.6.0.7670) Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287) fit2sail-SBF_SKS (x32 Version: 1.00.0000) Fugawi 4.5 (x32 Version: 4.5) Game Alarm (HKCU) GEODOG-SOFTWARE (x32 Version: 1.8.2342) Google Chrome (HKCU Version: 31.0.1650.57) Google Drive (x32 Version: 1.12.5329.1887) Google Earth (x32 Version: 7.1.1.1888) Google Talk Plugin (x32 Version: 4.9.1.16010) Google Update Helper (x32 Version: 1.3.21.165) GPL Ghostscript (Version: 9.02) GSview 4.9 HammerHead Rhythm Station (x32) HappyFoto-Designer 5.1 (x32) HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (Version: 14.0) HTC Driver Installer (x32 Version: 3.0.0.007) Identity Card (x32 Version: 1.00.3003) InfraRecorder (x32) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 6.0.0.1179) Intel(R) Rapid Storage Technology (x32 Version: 9.5.6.1001) Intel(R) Turbo Boost Technology Driver (x32 Version: 01.01.00.1005) InterVideo WinDVD 8 (x32 Version: 8.5.10.75) Java 7 Update 21 (x32 Version: 7.0.210) Java 7 Update 25 (64-bit) (Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Java(TM) 6 Update 29 (x32 Version: 6.0.290) JDownloader 0.9 (x32 Version: 0.9) Junk Mail filter update (x32 Version: 14.0.8089.726) Launch Manager (x32 Version: 4.0.7) MATLAB R2007b (Version: 7.5) MegaCAD 3D 2005 (x32) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) 
Microsoft Flight (x32 Version: 1.0.0000.129) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0) Microsoft Visual C++ 2005 Redistributable 
(x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) MozBackup 1.5.1 (x32) Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1) Mozilla Maintenance Service (x32 Version: 24.1.1) Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MyFreeCodec (HKCU) MyPhoneExplorer (x32 Version: 1.8.4) Network64 (Version: 140.0.215.000) NTI Backup Now 5 (x32 Version: 5.1.2.628) NTI Backup Now Standard (x32 Version: 5.1.2.628) NTI Media Maker 8 (x32 Version: 8.0.12.6630) Picasa 3 (x32 Version: 3.9) Pixum Fotobuch (x32 Version: 5.0.1) PL-2303 USB-to-Serial (x32 Version: 1.4.17) Plancal® nova 8.1 x64 (Version: 8.1.0.5) PX Profile Update (x32 Version: 1.00.1.) 
QuickTime (x32 Version: 7.71.80.42) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6037) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30113) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0) Scan (x32 Version: 140.0.80.000) Shredder Classic 4 (x32) Ski Challenge 12 (AT) (HKCU) Skype Click to Call (x32 Version: 6.3.11079) Skype™ 6.10 (x32 Version: 6.10.104) Softonic toolbar on IE and Chrome (x32) Spotify (HKCU Version: 0.6.4) swMSM (x32 Version: 12.0.0.1) Synaptics Pointing Device Driver (Version: 14.0.19.0) TeamViewer 8 (x32 Version: 8.0.22298) TeXnicCenter Version 1.0 Stable RC1 (x32 Version: Version 1.0 Stable RC1) TomTom HOME (x32 Version: 2.9.3) TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2) Toolbox (x32 Version: 140.0.428.000) Unity Web Player (HKCU Version: ) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 
32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition (x32) Update für Microsoft Office Excel 2007 Help (KB963678) (x32) Update für Microsoft Office Outlook 2007 Help (KB963677) (x32) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update für Microsoft Office Word 2007 Help (KB963665) (x32) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0) VirtualDJ Home FREE (x32 Version: 7.0.5) VLC media player 1.1.11 (x32 Version: 1.1.11) Vsk5Online (x32) Vuze (x32 Version: 4.7) Vuze Remote Toolbar (x32 Version: 6.8.5.1) Welcome Center (x32 Version: 1.00.3013) Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) (Version: 01/06/2010 6.2.0.9416) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800) Windows Live Call (x32 Version: 14.0.8064.0206) Windows Live Communications Platform (x32 Version: 14.0.8064.206) Windows Live Essentials (x32 Version: 14.0.8089.0726) Windows Live Essentials (x32 Version: 14.0.8089.726) Windows Live Fotogalerie (x32 Version: 14.0.8081.709) Windows Live ID Sign-in Assistant (Version: 6.500.3165.0) Windows Live Mail (x32 Version: 14.0.8089.0726) Windows Live Messenger (x32 Version: 14.0.8089.0726) Windows Live Movie Maker (x32 Version: 14.0.8091.0730) Windows Live Sync (x32 Version: 14.0.8089.726) Windows Live Writer (x32 Version: 14.0.8089.0726) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8) WinRAR 4.01 (64-Bit) (Version: 4.01.0) WinSCP 4.3.5 (x32 Version: 4.3.5) Xming 6.9.0.31 (x32 Version: 6.9.0.31) Xvid Video Codec (x32 Version: 1.3.2) ==================== Restore Points ========================= 19-11-2013 18:33:55 Windows Update 26-11-2013 16:57:20 Windows Update 26-11-2013 
17:02:15 Wiederherstellungsvorgang 26-11-2013 17:17:18 Windows Update 26-11-2013 17:29:23 Windows Update 30-11-2013 14:45:15 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0776AE2D-FD27-4F36-B711-3998A63A9D5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04] (Google Inc.) Task: {6B691179-72AD-4723-A33F-FCF1D83066D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02] (Google Inc.) Task: {6D8A6D77-F7A2-40CA-AE83-63F27B79373A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04] (Google Inc.) Task: {6F72DA02-B884-46B2-BEE0-5A2B5287989D} - System32\Tasks\{82284C48-A882-4361-82BB-C716422CDACF} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.8.0.158.259&LastError=12002 Task: {7382EF3D-0750-4427-8151-A89891BD8E46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated) Task: {7605269D-D3BB-4A2A-BD39-F31BC1545567} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {95FDD2E1-778B-466B-945D-D480D6108CF3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {B5C5CADE-C598-40C2-8070-FFB68E813D8C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) 
Task: {F4DD4678-6B77-4151-B448-0ABA6B9AF030} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-11-28 15:50 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2010-01-07 14:42 - 2010-01-07 14:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-11-01 21:32 - 2011-11-01 21:32 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2013-11-26 20:36 - 2013-10-31 19:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () 
C:\Users\Richi\AppData\Roaming\Dropbox\bin\libcef.dll 2013-12-01 12:01 - 2013-12-01 12:01 - 00098816 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32api.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00110080 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pywintypes27.dll 2013-12-01 12:01 - 2013-12-01 12:01 - 00364544 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pythoncom27.dll 2013-12-01 12:01 - 2013-12-01 12:01 - 00044032 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_socket.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 01153024 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_ssl.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00320512 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32com.shell.shell.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00711680 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_hashlib.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 01175040 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._core_.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00805888 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._gdi_.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00811008 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._windows_.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 01062400 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._controls_.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00735232 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._misc_.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00128512 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_elementtree.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00127488 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pyexpat.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00557056 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pysqlite2._sqlite.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00087040 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_ctypes.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00119808 _____ () 
C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32file.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00108544 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32security.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00018432 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32event.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00038912 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32inet.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00122368 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._wizard.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00686080 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\unicodedata.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00026624 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_multiprocessing.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00070656 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._html2.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00010240 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\select.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00025600 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32pdh.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00504832 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\windows._cacheinvalidation.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00011264 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32crypt.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00035840 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32process.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00017408 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32profile.pyd 2013-12-01 12:01 - 2013-12-01 12:01 - 00022528 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32ts.pyd 2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2010-03-29 11:23 - 2009-05-20 07:02 - 00072200 _____ 
() C:\Program Files (x86)\Launch Manager\CdDirIo.dll 2010-03-29 10:47 - 2009-12-24 01:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-11-16 15:40 - 2013-11-16 15:40 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-18 16:59 - 2013-11-30 16:19 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2013-10-18 16:59 - 2013-11-30 16:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2013-10-18 16:59 - 2013-11-30 16:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2013-11-26 20:36 - 2013-10-31 19:25 - 00394808 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:72850EB04904A401 ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Deskjet F4500 series Description: Deskjet F4500 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Deskjet F4500 series Description: Deskjet F4500 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". 
This starts the Enable Device wizard. Follow the instructions. Name: GEODOG Pro Device (COM6) Description: GEODOG Pro Device Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318} Manufacturer: GEODOG GmbH Service: usbser Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: GEODOG Plus Device (COM7) Description: GEODOG Plus Device Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318} Manufacturer: GEODOG GmbH Service: usbser Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/28/2013 07:59:28 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (11/26/2013 08:31:10 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL) Error: (11/26/2013 08:25:49 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. 
Der Dienst wird beendet! Error: (11/26/2013 08:25:18 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (11/26/2013 08:13:53 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (11/26/2013 07:14:21 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (11/26/2013 06:43:24 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (11/26/2013 06:20:18 PM) (Source: Application Hang) (User: ) Description: Programm avcenter.exe, Version 13.6.20.2100 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 17a4 Startzeit: 01ceeacb87e7729c Endzeit: 50843 Anwendungspfad: C:\program files (x86)\avira\antivir desktop\avcenter.exe Berichts-ID: da4d3d39-56be-11e3-8d59-705ab6d3fc5a Error: (11/26/2013 06:18:57 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (11/26/2013 06:18:53 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! System errors: ============= Error: (12/01/2013 00:22:10 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "" den Befehl "chkdsk" aus. 
Error: (12/01/2013 00:02:47 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "" den Befehl "chkdsk" aus. Error: (12/01/2013 00:02:34 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/30/2013 03:58:33 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "" den Befehl "chkdsk" aus. Error: (11/30/2013 03:39:44 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht. Error: (11/30/2013 03:39:05 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "" den Befehl "chkdsk" aus. Error: (11/30/2013 03:38:57 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/28/2013 06:41:29 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "" den Befehl "chkdsk" aus. Error: (11/28/2013 06:22:20 PM) (Source: Ntfs) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "" den Befehl "chkdsk" aus. 
Error: (11/28/2013 06:22:03 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3958.7 MB
Available physical RAM: 2123.39 MB
Total Pagefile: 7915.59 MB
Available Pagefile: 5440.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:348.24 GB) (Free:162.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6027F48B)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10 GB) - (Type=17)

==================== End Of Log ============================
|
02.12.2013, 10:16 | #4 |
| BOO/TDss.O virus found
Here is the TDSSKiller log file again:
Code:
10:08:45.0421 0x1878 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
10:08:48.0166 0x1878 ============================================================
10:08:48.0166 0x1878 Current date / time: 2013/12/02 10:08:48.0166
10:08:48.0166 0x1878 SystemInfo:
10:08:48.0166 0x1878
10:08:48.0166 0x1878 OS Version: 6.1.7601 ServicePack: 1.0
10:08:48.0166 0x1878 Product type: Workstation
10:08:48.0166 0x1878 ComputerName: MEINER
10:08:48.0182 0x1878 UserName: Richi
10:08:48.0182 0x1878 Windows directory: C:\Windows
10:08:48.0182 0x1878 System windows directory: C:\Windows
10:08:48.0182 0x1878 Running under WOW64
10:08:48.0182 0x1878 Processor architecture: Intel x64
10:08:48.0182 0x1878 Number of processors: 4
10:08:48.0182 0x1878 Page size: 0x1000
10:08:48.0182 0x1878 Boot type: Normal boot
10:08:48.0182 0x1878 ============================================================
10:08:48.0993 0x1878 KLMD registered as C:\Windows\system32\drivers\25161414.sys
10:08:49.0165 0x1878 System UUID: {9B46AF8B-8495-C385-0BD8-CEB1480BA967}
10:08:49.0695 0x1878 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:08:49.0711 0x1878 ============================================================
10:08:49.0711 0x1878 \Device\Harddisk0\DR0:
10:08:49.0711 0x1878 MBR partitions:
10:08:49.0711 0x1878 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
10:08:49.0711 0x1878 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2B879904
10:08:49.0711 0x1878 ============================================================
10:08:49.0742 0x1878 C: <-> \Device\Harddisk0\DR0\Partition2
10:08:49.0742 0x1878 ============================================================
10:08:49.0742 0x1878 Initialize success
10:08:49.0742 0x1878 ============================================================
10:08:56.0622 0x1240
============================================================ 10:08:56.0622 0x1240 Scan started 10:08:56.0622 0x1240 Mode: Manual; SigCheck; TDLFS; 10:08:56.0622 0x1240 ============================================================ 10:08:56.0622 0x1240 KSN ping started 10:09:10.0396 0x1240 KSN ping finished: true 10:09:10.0724 0x1240 ================ Scan system memory ======================== 10:09:10.0724 0x1240 System memory - ok 10:09:10.0724 0x1240 ================ Scan services ============================= 10:09:11.0223 0x1240 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 10:09:11.0270 0x1240 1394ohci - ok 10:09:11.0348 0x1240 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 10:09:11.0395 0x1240 ACPI - ok 10:09:11.0410 0x1240 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 10:09:11.0426 0x1240 AcpiPmi - ok 10:09:11.0566 0x1240 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 10:09:11.0582 0x1240 AdobeARMservice - ok 10:09:11.0738 0x1240 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 10:09:11.0754 0x1240 AdobeFlashPlayerUpdateSvc - ok 10:09:11.0800 0x1240 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 10:09:11.0816 0x1240 adp94xx - ok 10:09:11.0863 0x1240 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci 
C:\Windows\system32\DRIVERS\adpahci.sys 10:09:11.0878 0x1240 adpahci - ok 10:09:11.0910 0x1240 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 10:09:11.0925 0x1240 adpu320 - ok 10:09:11.0956 0x1240 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:09:11.0988 0x1240 AeLookupSvc - ok 10:09:12.0066 0x1240 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 10:09:12.0097 0x1240 AFD - ok 10:09:12.0159 0x1240 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 10:09:12.0175 0x1240 agp440 - ok 10:09:12.0190 0x1240 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 10:09:12.0206 0x1240 ALG - ok 10:09:12.0268 0x1240 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 10:09:12.0284 0x1240 aliide - ok 10:09:12.0315 0x1240 [ 3D90CF67DB75823A8480E56BBCD2E028, 775D58B99ACA606D434713BC00132D43061C37CFEEAECD194FCFDF45792944A3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 10:09:12.0346 0x1240 AMD External Events Utility - ok 10:09:12.0378 0x1240 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 10:09:12.0393 0x1240 amdide - ok 10:09:12.0440 0x1240 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 10:09:12.0456 0x1240 AmdK8 - ok 10:09:12.0752 0x1240 [ 52679612D742BF74CA1BA6AB86DDF431, 
9D7A8FA8952519AD83CD36038F85B958BC97D1A25596EDC01CA1F6DD45DB542A ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys 10:09:12.0939 0x1240 amdkmdag - ok 10:09:13.0033 0x1240 [ 414E0788920A8C856032BE2CBF29F984, 2DD027ADA24C871167C80A2F5C5ED5CB3AEA1E3A4E8C5FD352FA82C33B24479B ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 10:09:13.0048 0x1240 amdkmdap - ok 10:09:13.0080 0x1240 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 10:09:13.0095 0x1240 AmdPPM - ok 10:09:13.0158 0x1240 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 10:09:13.0173 0x1240 amdsata - ok 10:09:13.0204 0x1240 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 10:09:13.0220 0x1240 amdsbs - ok 10:09:13.0236 0x1240 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 10:09:13.0251 0x1240 amdxata - ok 10:09:13.0298 0x1240 [ 3CF7A4350C9646D92F147D620EC0D363, 0C09A5B3656BCC98151BF3F1F6B827DD5189D89AFFE0730187E5FDB2D84EC4B4 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys 10:09:13.0329 0x1240 androidusb - ok 10:09:13.0548 0x1240 [ 02E2B39AFE9EA2AEC4B15B20A0A4C3A6, 5F345F7CDF7F464DACB72D10B287774799DF990A134608F6920B9B810FC8347D ] ANSYS, Inc. License Manager C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe 10:09:13.0657 0x1240 ANSYS, Inc. License Manager - detected UnsignedFile.Multi.Generic ( 1 ) 10:09:16.0418 0x1240 Detect skipped due to KSN trusted 10:09:16.0418 0x1240 ANSYS, Inc. 
License Manager - ok 10:09:16.0636 0x1240 [ 0D1E15010057B8426583A99CB179A6C4, 645C7D27E27AAC4124F7F907374B6A50D07D349B95AA869D7091372BD3AF653B ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 10:09:16.0652 0x1240 AntiVirSchedulerService - ok 10:09:16.0746 0x1240 [ FDE9C7030FB1E9E2715E113EE6A10F90, 541F278D743C34C6D9940FC1250B90674EB88EC429D481012F27817DAB1B557A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 10:09:16.0761 0x1240 AntiVirService - ok 10:09:16.0855 0x1240 [ 8397F57D246078C72365A7BE76B2195B, FCA8FF98D48DF28D1F2978658D1D0B21393A82D6AA86AF39A146CBDF5F9DF28F ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 10:09:16.0886 0x1240 AntiVirWebService - ok 10:09:16.0980 0x1240 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 10:09:17.0026 0x1240 AppID - ok 10:09:17.0058 0x1240 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 10:09:17.0104 0x1240 AppIDSvc - ok 10:09:17.0151 0x1240 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 10:09:17.0167 0x1240 Appinfo - ok 10:09:17.0198 0x1240 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 10:09:17.0214 0x1240 arc - ok 10:09:17.0214 0x1240 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 10:09:17.0229 0x1240 arcsas - ok 10:09:17.0370 0x1240 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 10:09:17.0385 0x1240 aspnet_state - ok 
10:09:17.0432 0x1240 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:09:17.0479 0x1240 AsyncMac - ok 10:09:17.0526 0x1240 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 10:09:17.0557 0x1240 atapi - ok 10:09:17.0619 0x1240 [ 77C149E6D702737B2E372DEE166FAEF8, D18FEAE9D915D5F25B787B755F9C6321A9C9506D4F563DD637E3586401E36053 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 10:09:17.0635 0x1240 AtiHdmiService - ok 10:09:17.0713 0x1240 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:09:17.0760 0x1240 AudioEndpointBuilder - ok 10:09:17.0791 0x1240 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 10:09:17.0853 0x1240 AudioSrv - ok 10:09:17.0978 0x1240 [ 0909E9AD4019AFF25C58E0DFFDCD744E, D1C1A6C7C1EABAC32B24C45E3E6BE3BC7C74A46996CFA6697E7A98E1A6D05531 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 10:09:17.0994 0x1240 avgntflt - ok 10:09:18.0072 0x1240 [ DBAB18B20FDA2542EEF8C588D878B7B5, 0CE6738E8C6C1BA502FF230EAE49C96E5AA1B23F34AC57AB9B28081898F2E533 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 10:09:18.0087 0x1240 avipbb - ok 10:09:18.0150 0x1240 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 10:09:18.0165 0x1240 avkmgr - ok 10:09:18.0212 0x1240 [ 09E9CA6E7C6BD01D6AE7BECDEC224D06, 34FBB2C3565C21CE6245EB1CDADE7CE24A6B93F8EBAAAEA53B560E634AAA639D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 10:09:18.0228 0x1240 avnetflt - ok 10:09:18.0274 0x1240 [ A6BF31A71B409DFA8CAC83159E1E2AFF, 
CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 10:09:18.0306 0x1240 AxInstSV - ok 10:09:18.0368 0x1240 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 10:09:18.0415 0x1240 b06bdrv - ok 10:09:18.0446 0x1240 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 10:09:18.0477 0x1240 b57nd60a - ok 10:09:18.0649 0x1240 [ B44879610F2DC4A046B14BEFA3AE72DE, B9C17872E0DA23A495B6EC4D4C249AA96F82409DD83B6A17F557D9171D1D7089 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 10:09:18.0727 0x1240 BCM43XX - ok 10:09:18.0789 0x1240 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 10:09:18.0805 0x1240 BDESVC - ok 10:09:18.0820 0x1240 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 10:09:18.0852 0x1240 Beep - ok 10:09:18.0930 0x1240 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 10:09:18.0976 0x1240 BFE - ok 10:09:19.0039 0x1240 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 10:09:19.0101 0x1240 BITS - ok 10:09:19.0132 0x1240 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 10:09:19.0148 0x1240 blbdrive - ok 10:09:19.0195 0x1240 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:09:19.0210 0x1240 bowser - ok 10:09:19.0257 0x1240 [ 
F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 10:09:19.0273 0x1240 BrFiltLo - ok 10:09:19.0288 0x1240 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 10:09:19.0304 0x1240 BrFiltUp - ok 10:09:19.0351 0x1240 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 10:09:19.0366 0x1240 Browser - ok 10:09:19.0398 0x1240 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 10:09:19.0413 0x1240 Brserid - ok 10:09:19.0444 0x1240 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 10:09:19.0460 0x1240 BrSerWdm - ok 10:09:19.0476 0x1240 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 10:09:19.0491 0x1240 BrUsbMdm - ok 10:09:19.0507 0x1240 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 10:09:19.0522 0x1240 BrUsbSer - ok 10:09:19.0585 0x1240 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 10:09:19.0600 0x1240 BthEnum - ok 10:09:19.0632 0x1240 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 10:09:19.0647 0x1240 BTHMODEM - ok 10:09:19.0678 0x1240 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan 
C:\Windows\system32\DRIVERS\bthpan.sys 10:09:19.0694 0x1240 BthPan - ok 10:09:19.0725 0x1240 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 10:09:19.0756 0x1240 BTHPORT - ok 10:09:19.0803 0x1240 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 10:09:19.0866 0x1240 bthserv - ok 10:09:19.0881 0x1240 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 10:09:19.0897 0x1240 BTHUSB - ok 10:09:19.0944 0x1240 [ D3466F77C2C49C6E393BA5FBA963A33E, FD5E48A29E153BBAB095AB2E3B86F592B1FC1F790978911093B5F8A2CD6C5652 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys 10:09:19.0959 0x1240 btusbflt - ok 10:09:19.0990 0x1240 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:09:20.0037 0x1240 cdfs - ok 10:09:20.0100 0x1240 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:09:20.0115 0x1240 cdrom - ok 10:09:20.0178 0x1240 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 10:09:20.0209 0x1240 CertPropSvc - ok 10:09:20.0224 0x1240 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 10:09:20.0240 0x1240 circlass - ok 10:09:20.0287 0x1240 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 10:09:20.0302 0x1240 CLFS - ok 10:09:20.0365 0x1240 [ D88040F816FDA31C3B466F0FA0918F29, 
39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:09:20.0396 0x1240 clr_optimization_v2.0.50727_32 - ok 10:09:20.0427 0x1240 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:09:20.0443 0x1240 clr_optimization_v2.0.50727_64 - ok 10:09:20.0568 0x1240 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:09:20.0583 0x1240 clr_optimization_v4.0.30319_32 - ok 10:09:20.0630 0x1240 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:09:20.0646 0x1240 clr_optimization_v4.0.30319_64 - ok 10:09:20.0677 0x1240 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 10:09:20.0677 0x1240 CmBatt - ok 10:09:20.0724 0x1240 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:09:20.0755 0x1240 cmdide - ok 10:09:20.0833 0x1240 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 10:09:20.0864 0x1240 CNG - ok 10:09:20.0911 0x1240 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 10:09:20.0911 0x1240 Compbatt - ok 10:09:20.0958 0x1240 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus 
C:\Windows\system32\drivers\CompositeBus.sys 10:09:20.0989 0x1240 CompositeBus - ok 10:09:21.0004 0x1240 COMSysApp - ok 10:09:21.0036 0x1240 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 10:09:21.0051 0x1240 crcdisk - ok 10:09:21.0114 0x1240 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:09:21.0145 0x1240 CryptSvc - ok 10:09:21.0207 0x1240 [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys 10:09:21.0223 0x1240 CVirtA - ok 10:09:21.0363 0x1240 [ 66257CB4E4FB69887CDDC71663741435, A072C2868EC3CB773F1C512C9E07D152920794969E302199E8265CFFFD3EFC2D ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe 10:09:21.0426 0x1240 CVPND - ok 10:09:21.0457 0x1240 [ CC8E52DAA9826064BA464DBE531F2BB5, 28150B5DDB4DB42839EBB4F3672EB575373046B1676938111904290DFF6DEC8E ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys 10:09:21.0457 0x1240 CVPNDRVA - ok 10:09:21.0535 0x1240 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:09:21.0597 0x1240 DcomLaunch - ok 10:09:21.0644 0x1240 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:09:21.0691 0x1240 defragsvc - ok 10:09:21.0722 0x1240 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:09:21.0769 0x1240 DfsC - ok 10:09:21.0831 0x1240 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:09:21.0878 0x1240 Dhcp - ok 10:09:21.0909 0x1240 [ 
13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:09:21.0940 0x1240 discache - ok 10:09:21.0972 0x1240 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 10:09:21.0987 0x1240 Disk - ok 10:09:22.0050 0x1240 [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE C:\Windows\system32\DRIVERS\dne64x.sys 10:09:22.0065 0x1240 DNE - ok 10:09:22.0112 0x1240 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:09:22.0128 0x1240 Dnscache - ok 10:09:22.0206 0x1240 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:09:22.0268 0x1240 dot3svc - ok 10:09:22.0315 0x1240 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 10:09:22.0330 0x1240 Dot4 - ok 10:09:22.0377 0x1240 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 10:09:22.0393 0x1240 Dot4Print - ok 10:09:22.0408 0x1240 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 10:09:22.0424 0x1240 dot4usb - ok 10:09:22.0502 0x1240 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:09:22.0564 0x1240 DPS - ok 10:09:22.0611 0x1240 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:09:22.0627 0x1240 drmkaud - ok 10:09:22.0674 
0x1240 [ 61E894FE1E9CC720C909E6E343351794, 2C8540ED0A2C7028B242289078B4C2D8678D26FB7429AB3B33C136BB47B178C3 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 10:09:22.0689 0x1240 DsiWMIService - ok 10:09:22.0767 0x1240 [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 10:09:22.0783 0x1240 dtsoftbus01 - ok 10:09:22.0876 0x1240 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:09:22.0908 0x1240 DXGKrnl - ok 10:09:22.0939 0x1240 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:09:22.0970 0x1240 EapHost - ok 10:09:23.0126 0x1240 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 10:09:23.0235 0x1240 ebdrv - ok 10:09:23.0266 0x1240 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 10:09:23.0282 0x1240 EFS - ok 10:09:23.0391 0x1240 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:09:23.0422 0x1240 ehRecvr - ok 10:09:23.0454 0x1240 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:09:23.0469 0x1240 ehSched - ok 10:09:23.0532 0x1240 [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys 10:09:23.0563 0x1240 ElbyCDFL - ok 10:09:23.0578 0x1240 [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 
10:09:23.0578 0x1240 ElbyCDIO - ok 10:09:23.0656 0x1240 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 10:09:23.0688 0x1240 elxstor - ok 10:09:23.0828 0x1240 [ 49EEF52BFB986A2B5D70F4EC12637D7B, C42C93EC36B4BD0AFF4248AD571F56FB5F39D5C57B93C01EBB34997A262E41A9 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 10:09:23.0859 0x1240 ePowerSvc - ok 10:09:23.0922 0x1240 [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe 10:09:23.0937 0x1240 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 ) 10:09:26.0823 0x1240 Detect skipped due to KSN trusted 10:09:26.0823 0x1240 EpsonBidirectionalService - ok 10:09:26.0901 0x1240 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:09:26.0917 0x1240 ErrDev - ok 10:09:26.0979 0x1240 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:09:27.0026 0x1240 EventSystem - ok 10:09:27.0057 0x1240 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:09:27.0104 0x1240 exfat - ok 10:09:27.0120 0x1240 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:09:27.0166 0x1240 fastfat - ok 10:09:27.0229 0x1240 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:09:27.0260 0x1240 Fax - ok 10:09:27.0291 0x1240 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] 
fdc C:\Windows\system32\DRIVERS\fdc.sys 10:09:27.0307 0x1240 fdc - ok 10:09:27.0322 0x1240 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:09:27.0354 0x1240 fdPHost - ok 10:09:27.0385 0x1240 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:09:27.0416 0x1240 FDResPub - ok 10:09:27.0463 0x1240 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:09:27.0463 0x1240 FileInfo - ok 10:09:27.0478 0x1240 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:09:27.0510 0x1240 Filetrace - ok 10:09:27.0588 0x1240 [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 10:09:27.0619 0x1240 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 ) 10:09:30.0458 0x1240 Detect skipped due to KSN trusted 10:09:30.0458 0x1240 FLEXnet Licensing Service - ok 10:09:30.0505 0x1240 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:09:30.0536 0x1240 flpydisk - ok 10:09:30.0583 0x1240 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:09:30.0598 0x1240 FltMgr - ok 10:09:30.0692 0x1240 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 10:09:30.0739 0x1240 FontCache - ok 10:09:30.0832 0x1240 [ 
A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:09:30.0864 0x1240 FontCache3.0.0.0 - ok 10:09:30.0895 0x1240 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:09:30.0910 0x1240 FsDepends - ok 10:09:30.0957 0x1240 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:09:30.0957 0x1240 Fs_Rec - ok 10:09:31.0051 0x1240 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:09:31.0066 0x1240 fvevol - ok 10:09:31.0082 0x1240 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 10:09:31.0098 0x1240 gagp30kx - ok 10:09:31.0160 0x1240 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:09:31.0222 0x1240 gpsvc - ok 10:09:31.0347 0x1240 [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe 10:09:31.0378 0x1240 Greg_Service - ok 10:09:31.0488 0x1240 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:09:31.0488 0x1240 gupdate - ok 10:09:31.0519 0x1240 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:09:31.0519 0x1240 gupdatem - ok 10:09:31.0597 0x1240 [ C1B577B2169900F4CF7190C39F085794, 
- ok 10:09:57.0290 0x1240 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:09:57.0306 0x1240 sffp_mmc - ok 10:09:57.0306 0x1240 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:09:57.0321 0x1240 sffp_sd - ok 10:09:57.0352 0x1240 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 10:09:57.0368 0x1240 sfloppy - ok 10:09:57.0430 0x1240 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:09:57.0477 0x1240 SharedAccess - ok 10:09:57.0555 0x1240 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:09:57.0633 0x1240 ShellHWDetection - ok 10:09:57.0649 0x1240 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:09:57.0664 0x1240 SiSRaid2 - ok 10:09:57.0696 0x1240 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 10:09:57.0696 0x1240 SiSRaid4 - ok 10:09:57.0930 0x1240 [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 10:09:58.0008 0x1240 Skype C2C Service - ok 10:09:58.0101 0x1240 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 10:09:58.0132 0x1240 SkypeUpdate - ok 10:09:58.0179 0x1240 [ 548260A7B8654E024DC30BF8A7C5BAA4, 
4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:09:58.0226 0x1240 Smb - ok 10:09:58.0273 0x1240 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:09:58.0288 0x1240 SNMPTRAP - ok 10:09:58.0320 0x1240 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 10:09:58.0335 0x1240 spldr - ok 10:09:58.0398 0x1240 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 10:09:58.0444 0x1240 Spooler - ok 10:09:58.0616 0x1240 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 10:09:58.0756 0x1240 sppsvc - ok 10:09:58.0772 0x1240 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 10:09:58.0803 0x1240 sppuinotify - ok 10:09:58.0866 0x1240 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 10:09:58.0881 0x1240 srv - ok 10:09:58.0912 0x1240 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:09:58.0928 0x1240 srv2 - ok 10:09:58.0959 0x1240 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:09:58.0975 0x1240 srvnet - ok 10:09:59.0037 0x1240 [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 10:09:59.0053 0x1240 ssadbus - ok 10:09:59.0084 0x1240 [ D6CFD3B2EABCF9327DE39C62BABFA1E3, 
C748AF55B07FCB9C5A3E3E0CB783CE6387A2C5D646BCA6B5F5FFF37ACCE82AD3 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 10:09:59.0100 0x1240 ssadmdfl - ok 10:09:59.0115 0x1240 [ 5EB01E6148742C3EC2185AC92F6D16FD, 5BD22C745D9BD47C60929F9C556E4B262F9415866EFE9F9263EAD916D74ECAE0 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 10:09:59.0131 0x1240 ssadmdm - ok 10:09:59.0178 0x1240 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:09:59.0209 0x1240 SSDPSRV - ok 10:09:59.0224 0x1240 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:09:59.0271 0x1240 SstpSvc - ok 10:09:59.0302 0x1240 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 10:09:59.0302 0x1240 stexstor - ok 10:09:59.0365 0x1240 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys 10:09:59.0380 0x1240 StillCam - ok 10:09:59.0458 0x1240 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 10:09:59.0505 0x1240 stisvc - ok 10:09:59.0552 0x1240 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 10:09:59.0568 0x1240 swenum - ok 10:09:59.0614 0x1240 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 10:09:59.0661 0x1240 swprv - ok 10:09:59.0708 0x1240 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 10:09:59.0724 0x1240 SynTP - ok 10:09:59.0848 0x1240 [ 
BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 10:09:59.0911 0x1240 SysMain - ok 10:09:59.0973 0x1240 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:09:59.0989 0x1240 TabletInputService - ok 10:10:00.0004 0x1240 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 10:10:00.0051 0x1240 TapiSrv - ok 10:10:00.0082 0x1240 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 10:10:00.0114 0x1240 TBS - ok 10:10:00.0238 0x1240 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:10:00.0285 0x1240 Tcpip - ok 10:10:00.0394 0x1240 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:10:00.0457 0x1240 TCPIP6 - ok 10:10:00.0504 0x1240 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:10:00.0519 0x1240 tcpipreg - ok 10:10:00.0550 0x1240 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:10:00.0566 0x1240 TDPIPE - ok 10:10:00.0613 0x1240 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:10:00.0628 0x1240 TDTCP - ok 10:10:00.0675 0x1240 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:10:00.0738 0x1240 tdx - ok 
10:10:01.0096 0x1240 [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe 10:10:01.0221 0x1240 TeamViewer8 - ok 10:10:01.0252 0x1240 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 10:10:01.0268 0x1240 TermDD - ok 10:10:01.0346 0x1240 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 10:10:01.0408 0x1240 TermService - ok 10:10:01.0440 0x1240 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 10:10:01.0455 0x1240 Themes - ok 10:10:01.0486 0x1240 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 10:10:01.0518 0x1240 THREADORDER - ok 10:10:01.0611 0x1240 [ F620772888B6E3EDEF5C3E71E3D447F0, 67CFC8E94ACCA0B31E7D2062D587C1BD37911F95A02C8CCB1B4A3E0EBDADC8B0 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 10:10:01.0627 0x1240 TomTomHOMEService - ok 10:10:01.0658 0x1240 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 10:10:01.0689 0x1240 TrkWks - ok 10:10:01.0767 0x1240 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:10:01.0814 0x1240 TrustedInstaller - ok 10:10:01.0861 0x1240 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:10:01.0876 0x1240 tssecsrv - ok 10:10:01.0939 0x1240 [ D11C783E3EF9A3C52C0EBE83CC5000E9, 
A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:10:01.0954 0x1240 TsUsbFlt - ok 10:10:02.0017 0x1240 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:10:02.0064 0x1240 tunnel - ok 10:10:02.0095 0x1240 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 10:10:02.0110 0x1240 uagp35 - ok 10:10:02.0110 0x1240 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 10:10:02.0126 0x1240 UBHelper - ok 10:10:02.0173 0x1240 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:10:02.0220 0x1240 udfs - ok 10:10:02.0235 0x1240 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:10:02.0251 0x1240 UI0Detect - ok 10:10:02.0266 0x1240 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:10:02.0266 0x1240 uliagpkx - ok 10:10:02.0344 0x1240 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:10:02.0360 0x1240 umbus - ok 10:10:02.0391 0x1240 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 10:10:02.0407 0x1240 UmPass - ok 10:10:02.0532 0x1240 [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 
10:10:02.0594 0x1240 UNS - ok 10:10:02.0672 0x1240 [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 10:10:02.0688 0x1240 Updater Service - ok 10:10:02.0734 0x1240 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 10:10:02.0797 0x1240 upnphost - ok 10:10:02.0859 0x1240 [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:10:02.0875 0x1240 usbccgp - ok 10:10:02.0922 0x1240 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:10:02.0953 0x1240 usbcir - ok 10:10:03.0000 0x1240 [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\drivers\usbehci.sys 10:10:03.0015 0x1240 usbehci - ok 10:10:03.0062 0x1240 [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:10:03.0078 0x1240 usbhub - ok 10:10:03.0124 0x1240 [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:10:03.0156 0x1240 usbohci - ok 10:10:03.0187 0x1240 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:10:03.0218 0x1240 usbprint - ok 10:10:03.0265 0x1240 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 10:10:03.0296 0x1240 usbscan - ok 10:10:03.0374 0x1240 [ 4ACEE387FA8FD39F83564FCD2FC234F2, 
3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser C:\Windows\system32\DRIVERS\usbser.sys 10:10:03.0405 0x1240 usbser - ok 10:10:03.0421 0x1240 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:10:03.0436 0x1240 USBSTOR - ok 10:10:03.0483 0x1240 [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:10:03.0514 0x1240 usbuhci - ok 10:10:03.0561 0x1240 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 10:10:03.0592 0x1240 usbvideo - ok 10:10:03.0639 0x1240 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 10:10:03.0655 0x1240 usb_rndisx - ok 10:10:03.0686 0x1240 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 10:10:03.0717 0x1240 UxSms - ok 10:10:03.0733 0x1240 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe 10:10:03.0748 0x1240 VaultSvc - ok 10:10:03.0764 0x1240 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:10:03.0780 0x1240 vdrvroot - ok 10:10:03.0842 0x1240 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 10:10:03.0904 0x1240 vds - ok 10:10:03.0936 0x1240 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:10:03.0967 0x1240 vga - ok 10:10:03.0982 0x1240 [ 
53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:10:04.0029 0x1240 VgaSave - ok 10:10:04.0076 0x1240 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:10:04.0107 0x1240 vhdmp - ok 10:10:04.0138 0x1240 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 10:10:04.0170 0x1240 viaide - ok 10:10:04.0185 0x1240 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:10:04.0201 0x1240 volmgr - ok 10:10:04.0248 0x1240 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:10:04.0279 0x1240 volmgrx - ok 10:10:04.0310 0x1240 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:10:04.0326 0x1240 volsnap - ok 10:10:04.0372 0x1240 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 10:10:04.0404 0x1240 vsmraid - ok 10:10:04.0513 0x1240 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:10:04.0591 0x1240 VSS - ok 10:10:04.0606 0x1240 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:10:04.0622 0x1240 vwifibus - ok 10:10:04.0653 0x1240 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:10:04.0669 0x1240 
vwififlt - ok 10:10:04.0731 0x1240 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:10:04.0762 0x1240 vwifimp - ok 10:10:04.0840 0x1240 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:10:04.0903 0x1240 W32Time - ok 10:10:04.0918 0x1240 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 10:10:04.0934 0x1240 WacomPen - ok 10:10:04.0981 0x1240 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:10:05.0043 0x1240 WANARP - ok 10:10:05.0059 0x1240 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:10:05.0090 0x1240 Wanarpv6 - ok 10:10:05.0215 0x1240 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 10:10:05.0246 0x1240 WatAdminSvc - ok 10:10:05.0355 0x1240 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:10:05.0402 0x1240 wbengine - ok 10:10:05.0449 0x1240 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:10:05.0480 0x1240 WbioSrvc - ok 10:10:05.0542 0x1240 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:10:05.0589 0x1240 wcncsvc - ok 10:10:05.0605 0x1240 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService 
C:\Windows\System32\WcsPlugInService.dll 10:10:05.0620 0x1240 WcsPlugInService - ok 10:10:05.0636 0x1240 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 10:10:05.0652 0x1240 Wd - ok 10:10:05.0730 0x1240 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:10:05.0761 0x1240 Wdf01000 - ok 10:10:05.0776 0x1240 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:10:05.0808 0x1240 WdiServiceHost - ok 10:10:05.0823 0x1240 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:10:05.0839 0x1240 WdiSystemHost - ok 10:10:05.0886 0x1240 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 10:10:05.0901 0x1240 WebClient - ok 10:10:05.0932 0x1240 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:10:05.0979 0x1240 Wecsvc - ok 10:10:05.0995 0x1240 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:10:06.0026 0x1240 wercplsupport - ok 10:10:06.0057 0x1240 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:10:06.0104 0x1240 WerSvc - ok 10:10:06.0135 0x1240 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:10:06.0182 0x1240 WfpLwf - ok 10:10:06.0182 0x1240 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 
9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:10:06.0198 0x1240 WIMMount - ok 10:10:06.0213 0x1240 WinDefend - ok 10:10:06.0229 0x1240 WinHttpAutoProxySvc - ok 10:10:06.0276 0x1240 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:10:06.0322 0x1240 Winmgmt - ok 10:10:06.0432 0x1240 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 10:10:06.0525 0x1240 WinRM - ok 10:10:06.0588 0x1240 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:10:06.0619 0x1240 WinUsb - ok 10:10:06.0666 0x1240 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:10:06.0712 0x1240 Wlansvc - ok 10:10:06.0900 0x1240 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:10:06.0962 0x1240 wlidsvc - ok 10:10:07.0024 0x1240 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:10:07.0056 0x1240 WmiAcpi - ok 10:10:07.0071 0x1240 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:10:07.0087 0x1240 wmiApSrv - ok 10:10:07.0134 0x1240 WMPNetworkSvc - ok 10:10:07.0165 0x1240 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:10:07.0180 0x1240 WPCSvc - ok 10:10:07.0227 0x1240 [ 93221146D4EBBF314C29B23CD6CC391D, 
C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:10:07.0243 0x1240 WPDBusEnum - ok 10:10:07.0258 0x1240 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:10:07.0305 0x1240 ws2ifsl - ok 10:10:07.0321 0x1240 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:10:07.0336 0x1240 wscsvc - ok 10:10:07.0399 0x1240 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 10:10:07.0414 0x1240 WSDPrintDevice - ok 10:10:07.0446 0x1240 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\drivers\WSDScan.sys 10:10:07.0461 0x1240 WSDScan - ok 10:10:07.0461 0x1240 WSearch - ok 10:10:07.0555 0x1240 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 10:10:07.0617 0x1240 wuauserv - ok 10:10:07.0664 0x1240 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:10:07.0695 0x1240 WudfPf - ok 10:10:07.0742 0x1240 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:10:07.0773 0x1240 WUDFRd - ok 10:10:07.0789 0x1240 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:10:07.0804 0x1240 wudfsvc - ok 10:10:07.0867 0x1240 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:10:07.0898 
0x1240 WwanSvc - ok 10:10:07.0929 0x1240 ================ Scan global =============================== 10:10:07.0960 0x1240 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:10:08.0023 0x1240 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:10:08.0054 0x1240 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:10:08.0085 0x1240 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:10:08.0116 0x1240 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 10:10:08.0116 0x1240 [ Global ] - ok 10:10:08.0116 0x1240 ================ Scan MBR ================================== 10:10:08.0148 0x1240 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:10:08.0647 0x1240 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 ) 10:10:08.0647 0x1240 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 10:10:22.0422 0x1240 ================ Scan VBR ================================== 10:10:22.0484 0x1240 [ A494A22B5EFEED048E8B225C0B4F343E ] \Device\Harddisk0\DR0\Partition1 10:10:22.0484 0x1240 \Device\Harddisk0\DR0\Partition1 - ok 10:10:22.0500 0x1240 [ 25F5849B729BA047868E7BFDFFD3EFF8 ] \Device\Harddisk0\DR0\Partition2 10:10:22.0500 0x1240 \Device\Harddisk0\DR0\Partition2 - ok 10:10:22.0500 0x1240 Waiting for KSN requests completion. 
In queue: 182 10:10:23.0529 0x1240 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated ) 10:10:23.0529 0x1240 Win FW state via NFP2: enabled 10:10:26.0290 0x1240 ============================================================ 10:10:26.0290 0x1240 Scan finished 10:10:26.0290 0x1240 ============================================================ 10:10:26.0290 0x1a04 Detected object count: 1 10:10:26.0290 0x1a04 Actual detected object count: 1 10:10:42.0795 0x1a04 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine 10:10:42.0811 0x1a04 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine 10:10:42.0811 0x1a04 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine 10:10:42.0811 0x1a04 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine 10:10:42.0811 0x1a04 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine 10:10:42.0811 0x1a04 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine 10:10:42.0827 0x1a04 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine 10:10:42.0827 0x1a04 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine 10:10:42.0858 0x1a04 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine 10:10:42.0873 0x1a04 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 10:10:42.0873 0x1a04 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 10:10:42.0889 0x1a04 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 10:10:42.0889 0x1a04 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 10:10:42.0889 0x1a04 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine 10:10:42.0889 0x1a04 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine 10:10:42.0905 0x1a04 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine 10:10:42.0905 0x1a04 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine 10:10:42.0983 0x1a04 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine 10:10:43.0045 0x1a04 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to 
quarantine 10:10:43.0045 0x1a04 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine 10:10:43.0092 0x1a04 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine 10:10:43.0107 0x1a04 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine 10:10:43.0123 0x1a04 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine 10:10:43.0139 0x1a04 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine 10:10:43.0139 0x1a04 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine 10:10:47.0819 0x1564 Deinitialize success
Edited by pace123 (02.12.2013 at 10:11) |
02.12.2013, 11:51 | #5 | |
/// the machine /// TB-Ausbilder | BOO/TDss.O virus found
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror: Link 1
IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
02.12.2013, 13:27 | #6 |
| BOO/TDss.O virus found Here is my log file from Combofix: Code:
ATTFilter ComboFix 13-12-01.01 - Richi 02.12.2013 12:52:50.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3959.1873 [GMT 1:00] ausgeführt von:: c:\users\Richi\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . ADS - Windows: deleted 24 bytes in 1 streams. . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Richi\AppData\Local\Temp\_MEI27842\_ctypes.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\_elementtree.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\_hashlib.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\_multiprocessing.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\_socket.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\_ssl.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\msvcp100.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\msvcr100.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\pyexpat.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\pysqlite2._sqlite.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\python27.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\pythoncom27.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\PyWinTypes27.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\select.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\unicodedata.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32api.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32com.shell.shell.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32crypt.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32event.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32file.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32inet.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32pdh.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32process.pyd 
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32profile.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32security.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\win32ts.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\windows._cacheinvalidation.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._controls_.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._core_.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._gdi_.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._html2.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._misc_.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._windows_.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._wizard.pyd c:\users\Richi\AppData\Local\Temp\_MEI27842\wxbase294u_net_vc90.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\wxbase294u_vc90.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_adv_vc90.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_core_vc90.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_html_vc90.dll c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_webview_vc90.dll c:\windows\SysWow64\FlashPlayerApp.exe c:\windows\wininit.ini . . ((((((((((((((((((((((( Dateien erstellt von 2013-11-02 bis 2013-12-02 )))))))))))))))))))))))))))))) . . 2013-12-02 11:59 . 2013-12-02 11:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-12-02 09:10 . 2013-12-02 09:10 -------- d-----w- C:\TDSSKiller_Quarantine 2013-12-02 08:19 . 2013-12-02 08:19 -------- d-----w- C:\FRST 2013-11-30 14:46 . 2013-11-18 00:28 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5ED1C31A-7FFB-426B-9662-6ADCFE451AAE}\mpengine.dll 2013-11-26 19:45 . 2013-11-26 19:45 -------- d-----w- c:\users\Richi\AppData\Roaming\Avira 2013-11-26 19:36 . 2013-10-31 18:25 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-11-26 19:36 . 2013-10-31 18:25 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-11-26 19:36 . 
2013-10-31 18:25 132600 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-11-26 19:36 . 2013-10-31 18:25 106904 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-11-26 19:36 . 2013-11-26 19:36 -------- d-----w- c:\program files (x86)\Avira 2013-11-26 17:35 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2013-11-26 17:31 . 2013-11-26 17:31 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-11-26 17:31 . 2013-11-26 17:31 194048 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-11-13 15:02 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll 2013-11-13 15:02 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll 2013-11-13 15:02 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll 2013-11-13 15:02 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll 2013-11-13 15:02 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll 2013-11-13 15:02 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll 2013-11-13 15:02 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys 2013-11-13 15:02 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll 2013-11-10 16:58 . 2013-11-10 16:59 -------- d-----w- c:\users\Richi\bitcoin . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-11-14 12:48 . 2011-11-06 09:38 82896128 ----a-w- c:\windows\system32\MRT.exe 2013-11-11 04:50 . 2011-11-01 21:10 267936 ------w- c:\windows\system32\MpSigStub.exe 2013-10-10 14:29 . 2011-11-01 21:55 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-08 22:18 . 2012-11-10 13:28 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2013-10-08 22:18 . 2013-10-08 22:18 824144 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2013-09-08 02:30 . 
2013-10-10 14:00 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-09-08 02:27 . 2013-10-10 14:00 327168 ----a-w- c:\windows\system32\mswsock.dll 2013-09-08 02:03 . 2013-10-10 14:00 231424 ----a-w- c:\windows\SysWow64\mswsock.dll 2013-09-04 12:12 . 2013-11-01 16:00 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys 2013-09-04 12:11 . 2013-11-01 16:00 325120 ----a-w- c:\windows\system32\drivers\usbport.sys 2013-09-04 12:11 . 2013-11-01 16:00 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2013-09-04 12:11 . 2013-11-01 16:00 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys 2013-09-04 12:11 . 2013-11-01 16:00 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2013-09-04 12:11 . 2013-11-01 16:00 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2013-09-04 12:11 . 2013-11-01 16:00 7808 ----a-w- c:\windows\system32\drivers\usbd.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}] 2012-07-09 00:09 263272 ----a-w- c:\program files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] 2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] 2012-03-15 13:57 242384 ----a-w- c:\program files (x86)\Softonic\Softonic\1.5.21.0\bh\Softonic.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936] "{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll" [2012-03-15 250576] "{9E131A93-EED7-4BEB-B015-A0ADB30B5646}"= "c:\program files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll" [2012-07-09 287848] . [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] . [HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}] [HKEY_CLASSES_ROOT\Softonic.dskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\Softonic.dskBnd] . [HKEY_CLASSES_ROOT\clsid\{9e131a93-eed7-4beb-b015-a0adb30b5646}] [HKEY_CLASSES_ROOT\claro.clarodskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\claro.clarodskBnd] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-09-25 20133824] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-10-31 683576] . c:\users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x] R3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x] R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager;c:\program files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe;c:\program files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid 
Storage Technology\IAStorDataMgrSvc.exe [x] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x] S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 
6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2013-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 14:29] . 2013-12-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job - c:\users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-05 08:22] . 2013-12-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job - c:\users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-05 08:22] . 2013-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04 16:07] . 2013-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04 16:07] . 2013-12-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job - c:\users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02 11:49] . 2013-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job - c:\users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02 11:49] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-05 860192] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\acaptuser64.dll . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5 uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: An vorhandenes PDF anfügen - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Auswahl in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html TCP: DhcpNameServer = 195.34.133.21 212.186.211.21 FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\ FF - prefs.js: browser.startup.homepage - www.orf.at user_pref('network.proxy.ftp', ''); user_pref('network.proxy.ftp_port', 80); user_pref('network.proxy.gopher', ''); user_pref('network.proxy.gopher_port', 80); user_pref('network.proxy.http', ''); user_pref('network.proxy.http_port', 80); 
user_pref('network.proxy.socks', ''); user_pref('network.proxy.socks_port', 80); user_pref('network.proxy.ssl', ''); user_pref('network.proxy.ssl_port', 80); FF - user.js: extensions.funmoods_i.hmpg - true FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=ddrnw FF - user.js: extensions.funmoods_i.dfltSrch - true FF - user.js: extensions.funmoods_i.srchPrvdr - Search FF - user.js: extensions.funmoods_i.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=ddrnw FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q= FF - user.js: extensions.funmoods_i.id - e4a08d4b00000000000078e4002ed2f5 FF - user.js: extensions.funmoods_i.instlDay - 15372 FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16 FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1620:34 FF - user.js: extensions.funmoods_i.prtnrId - funmoods FF - user.js: extensions.funmoods_i.prdct - funmoods FF - user.js: extensions.funmoods_i.aflt - ddrnw FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods_i.tlbrId - base FF - user.js: extensions.funmoods_i.instlRef - FF - user.js: extensions.funmoods_i.dfltLng - FF - user.js: extensions.funmoods_i.excTlbr - false FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic_i.newTab - false FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.Softonic.id - e4a08d4b00000000000078e4002ed2f5 FF - user.js: extensions.Softonic.instlDay - 15475 FF - user.js: extensions.Softonic.vrsn - 1.5.21.0 FF - user.js: extensions.Softonic.vrsni - 1.5.21.0 FF - user.js: 
extensions.Softonic_i.vrsnTs - 1.5.21.021:55 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic_i.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - base FF - user.js: extensions.Softonic.instlRef - MON00015 FF - user.js: extensions.Softonic.dfltLng - de FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.admin - false FF - user.js: extensions.claro.id - e4a08d4b00000000000078e4002ed2f5 FF - user.js: extensions.claro.instlDay - 15618 FF - user.js: extensions.claro.vrsn - 1.6.4.1 FF - user.js: extensions.claro.vrsni - 1.6.4.1 FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.112:27 FF - user.js: extensions.claro.prtnrId - claro FF - user.js: extensions.claro.prdct - claro FF - user.js: extensions.claro.aflt - babsst FF - user.js: extensions.claro_i.smplGrp - none FF - user.js: extensions.claro.tlbrId - claro FF - user.js: extensions.claro.instlRef - sst FF - user.js: extensions.claro.dfltLng - en FF - user.js: extensions.claro.excTlbr - false FF - user.js: extensions.claro.admin - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-12-02 13:06:56 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-12-02 12:06 . Vor Suchlauf: 12 Verzeichnis(se), 174.565.728.256 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 174.892.130.304 Bytes frei . - - End Of File - - C96B17CDB05A7B3323714A589B996043 |
03.12.2013, 09:42 | #7 |
/// the machine /// TB instructor | BOO/TDss.O virus found Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
03.12.2013, 10:35 | #8 |
| BOO/TDss.O virus found So here is the Malwarebytes log file: Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.03.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Richi :: MEINER [Administrator]

03.12.2013 10:02:31
mbam-log-2013-12-03 (10-02-31).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215898
Laufzeit: 4 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 6
C:\Users\Richi\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\Keygen.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\Microsoft Office 2007 Enterprise Keygen.rar (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:
ATTFilter # AdwCleaner v3.014 - Bericht erstellt am 03/12/2013 um 10:17:04 # Updated 01/12/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Richi - MEINER # Gestartet von : C:\Users\Richi\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\boost_interprocess Ordner Gelöscht : C:\ProgramData\Partner Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azureus Ordner Gelöscht : C:\Program Files (x86)\Claro LTD Ordner Gelöscht : C:\Program Files (x86)\Conduit Ordner Gelöscht : C:\Program Files (x86)\file scout Ordner Gelöscht : C:\Program Files (x86)\myfree codec Ordner Gelöscht : C:\Program Files (x86)\Softonic Ordner Gelöscht : C:\Program Files (x86)\Vuze_Remote Ordner Gelöscht : C:\Program Files (x86)\Azureus Ordner Gelöscht : C:\Users\Richi\AppData\Local\Conduit Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\boost_interprocess Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Claro LTD Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\PriceGong Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Softonic Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Vuze_Remote Ordner Gelöscht : C:\Users\Richi\AppData\Roaming\PerformerSoft Ordner Gelöscht : C:\Users\Richi\AppData\Roaming\Azureus Ordner Gelöscht : C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Azureus Datei Gelöscht : C:\Windows\System32\roboot64.exe Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml Datei Gelöscht : C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\funmoods.xml Datei Gelöscht : C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\user.js ***** [ Verknüpfungen 
] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASAPI32 
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-flash-maker_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-flash-maker_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_shredder-classic_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_shredder-classic_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj-free-home-edition_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj-free-home-edition_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B972AA18-C742-46F7-B200-3444DC69EE94} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05BD01CA-E290-4DDB-A214-08461D3E5271} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks 
[{BA14329E-9550-4989-B3F2-9732E92D17CC}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKCU\Software\Claro LTD Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\filescout Schlüssel Gelöscht : HKCU\Software\Myfree Codec Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\Azureus Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Vuze_Remote Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\Software\Claro LTD Schlüssel Gelöscht : HKLM\Software\Conduit Schlüssel Gelöscht : HKLM\Software\Myfree Codec Schlüssel 
Gelöscht : HKLM\Software\Softonic Schlüssel Gelöscht : HKLM\Software\Azureus Schlüssel Gelöscht : HKLM\Software\Vuze_Remote Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Azureus Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16428 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] -\\ Mozilla Firefox v25.0.1 (de) [ Datei : C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\prefs.js ] Zeile gelöscht : user_pref("CT2504091.autoDisableScopes", -1); Zeile gelöscht : user_pref("extensions.Softonic.admin", false); Zeile gelöscht : user_pref("extensions.Softonic.aflt", "SD"); Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false"); Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de"); Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false); Zeile gelöscht : user_pref("extensions.Softonic.id", "e4a08d4b00000000000078e4002ed2f5"); Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "15475"); Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MON00015"); Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic"); Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic"); Zeile gelöscht : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings"); Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q="); Zeile gelöscht : 
user_pref("extensions.Softonic.vrsn", "1.5.21.0"); Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.5.21.0"); Zeile gelöscht : user_pref("extensions.Softonic_i.newTab", false); Zeile gelöscht : user_pref("extensions.Softonic_i.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.021:55:01"); Zeile gelöscht : user_pref("extensions.claro.admin", false); Zeile gelöscht : user_pref("extensions.claro.aflt", "babsst"); Zeile gelöscht : user_pref("extensions.claro.dfltLng", "en"); Zeile gelöscht : user_pref("extensions.claro.excTlbr", false); Zeile gelöscht : user_pref("extensions.claro.id", "e4a08d4b00000000000078e4002ed2f5"); Zeile gelöscht : user_pref("extensions.claro.instlDay", "15618"); Zeile gelöscht : user_pref("extensions.claro.instlRef", "sst"); Zeile gelöscht : user_pref("extensions.claro.prdct", "claro"); Zeile gelöscht : user_pref("extensions.claro.prtnrId", "claro"); Zeile gelöscht : user_pref("extensions.claro.tlbrId", "claro"); Zeile gelöscht : user_pref("extensions.claro.vrsn", "1.6.4.1"); Zeile gelöscht : user_pref("extensions.claro.vrsni", "1.6.4.1"); Zeile gelöscht : user_pref("extensions.claro_i.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.claro_i.vrsnTs", "1.6.4.112:27:21"); Zeile gelöscht : user_pref("extensions.funmoods_i.aflt", "ddrnw"); Zeile gelöscht : user_pref("extensions.funmoods_i.dfltLng", ""); Zeile gelöscht : user_pref("extensions.funmoods_i.dfltSrch", true); Zeile gelöscht : user_pref("extensions.funmoods_i.dnsErr", true); Zeile gelöscht : user_pref("extensions.funmoods_i.excTlbr", false); Zeile gelöscht : user_pref("extensions.funmoods_i.hmpg", true); Zeile gelöscht : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ddrnw"); Zeile gelöscht : user_pref("extensions.funmoods_i.id", "e4a08d4b00000000000078e4002ed2f5"); Zeile gelöscht : user_pref("extensions.funmoods_i.instlDay", "15372"); Zeile gelöscht : user_pref("extensions.funmoods_i.instlRef", ""); 
Zeile gelöscht : user_pref("extensions.funmoods_i.newTab", true); Zeile gelöscht : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ddrnw"); Zeile gelöscht : user_pref("extensions.funmoods_i.prdct", "funmoods"); Zeile gelöscht : user_pref("extensions.funmoods_i.prtnrId", "funmoods"); Zeile gelöscht : user_pref("extensions.funmoods_i.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.funmoods_i.srchPrvdr", "Search"); Zeile gelöscht : user_pref("extensions.funmoods_i.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q="); Zeile gelöscht : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16"); Zeile gelöscht : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1620:34:21"); Zeile gelöscht : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16"); Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.activityViewPoint", false); Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableAutoplayViewPoint", false); Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableContextMenuViewPoint", true); Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableEmbedViewPoint", true); Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableFileViewPoint", true); Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.playerparamsviewpoint", "%f"); Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.playerviewpoint", ""); -\\ Google Chrome v [ Datei : C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht : homepage Gelöscht : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [25433 octets] - [03/12/2013 10:16:00] AdwCleaner[S0].txt - [23705 octets] - [03/12/2013 10:17:04] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23766 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Richi on 03.12.2013 at 10:24:07,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{09C9F427-A44D-4124-BE7A-E35344C6F88A}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Richi\AppData\Roaming\mozilla\firefox\profiles\ncp7yj3m.default\prefs.js

user_pref("extensions.twitter.trends", "[{\"title\":\"Lady Gaga's boyfriend bust\",\"url\":\"hxxp://tr.oneriotads.com/LQq74ShJW27saEY-seK1ltDFJBXgYK_1dpC-9jRmXnUEmCKLjFSrn9PBH
Emptied folder: C:\Users\Richi\AppData\Roaming\mozilla\firefox\profiles\ncp7yj3m.default\minidumps [406 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2013 at 10:30:15,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013
Ran by Richi (administrator) on MEINER on 03-12-2013 10:33:50
Running from C:\Users\Richi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe
(Macrovision Corporation) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dropbox, Inc.) C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
AppInit_DLLs: C:\Windows\System32\acaptuser64.dll [36984 2007-05-10] (Adobe Systems, Inc.)
Startup: C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default
FF Homepage: www.orf.at
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Richi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\footiefox.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\twitter-.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsches Wörterbuch, erweitert für Österreich - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\de-AT@dictionaries.addons.mozilla.org
FF Extension: Xmarks - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\foxmarks@kei.com
FF Extension: Evernote Web Clipper - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: twitter.address.bar.search - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\twitter.address.bar.search@firefox.twitter.xpi
FF Extension: youtube2mp3 - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: Adblock Plus - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (AdBlock) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0
CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [3536896 2009-04-14] (ANSYS, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-14] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-03 10:33 - 2013-12-03 10:33 - 01959434 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe
2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt
2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe
2013-12-03 10:15 - 2013-12-03 10:17 - 00000000 ____D C:\AdwCleaner
2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe
2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe
2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-03 09:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt
2013-12-02 12:50 - 2013-12-02 13:07 - 00000000 ____D C:\Qoobox
2013-12-02 12:50 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-02 12:50 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-02 12:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-02 12:49 - 2013-12-02 13:05 - 00000000 ____D C:\Windows\erdnt
2013-12-02 11:59 - 2013-12-02 12:00 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe
2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip
2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt
2013-12-02 09:20 - 2013-12-03 10:33 - 00018853 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-12-03 09:30 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 20:32 - 2013-11-26 20:34 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 18:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:18 - 2013-11-26 18:35 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 11:59 - 2013-11-23 20:12 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-16 15:40 - 2013-11-16 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 10:51 - 2013-11-19 19:22 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-13 16:02 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:02 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:02 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:02 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 16:02 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:01 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:01 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:01 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:01 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:44 - 2013-11-12 22:57 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-10 17:58 - 2013-11-10 17:59 - 00000000 ____D C:\Users\Richi\bitcoin

==================== One Month Modified Files and Folders =======

2013-12-03 10:34 - 2013-12-02 09:20 - 00018853 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-03 10:33 - 2013-12-03 10:33 - 01959434 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe
2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt
2013-12-03 10:29 - 2012-08-20 09:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-03 10:27 - 2012-04-05 21:17 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-03 10:27 - 2012-04-05 21:17 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-12-03 10:27 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:27 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:26 - 2011-11-04 17:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 10:24 - 2011-11-01 22:22 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Skype
2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) 
C:\Users\Richi\Desktop\JRT.exe 2013-12-03 10:19 - 2011-11-21 15:24 - 00000000 ___RD C:\Users\Richi\Dropbox 2013-12-03 10:19 - 2011-11-21 15:23 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Dropbox 2013-12-03 10:18 - 2013-08-13 19:55 - 00015357 _____ C:\Windows\setupact.log 2013-12-03 10:18 - 2012-05-03 12:59 - 00000000 ___RD C:\Users\Richi\Google Drive 2013-12-03 10:18 - 2011-11-04 17:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-03 10:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-03 10:17 - 2013-12-03 10:15 - 00000000 ____D C:\AdwCleaner 2013-12-03 10:17 - 2011-11-01 21:32 - 01472968 _____ C:\Windows\WindowsUpdate.log 2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe 2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe 2013-12-03 10:10 - 2013-10-06 13:00 - 00103868 _____ C:\Windows\PFRO.log 2013-12-03 10:07 - 2011-11-01 21:39 - 00000000 ____D C:\Users\Richi 2013-12-03 09:49 - 2011-11-02 12:49 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job 2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Malwarebytes 2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-03 09:30 - 2013-11-26 20:36 - 00107416 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-02 20:49 - 2011-11-02 12:49 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job 2013-12-02 13:07 - 2013-12-02 12:50 - 00000000 ____D C:\Qoobox 2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt 2013-12-02 13:05 - 2013-12-02 12:49 - 00000000 ____D C:\Windows\erdnt 2013-12-02 13:01 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2013-12-02 12:00 - 2013-12-02 11:59 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe 2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip 2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt 2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST 2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt 2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe 2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller 2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe 2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe 2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-01 12:01 - 2012-05-03 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-30 16:19 - 2013-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira 2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira 
2013-11-26 20:36 - 2013-08-09 09:51 - 00000000 ____D C:\ProgramData\Avira 2013-11-26 20:34 - 2013-11-26 20:32 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe 2013-11-26 19:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-11-26 18:44 - 2011-11-06 11:08 - 00001425 _____ C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 18:43 - 2010-03-29 11:25 - 00000000 ____D C:\Windows\Panther 2013-11-26 18:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-26 18:35 - 2013-11-26 18:18 - 00015374 _____ C:\Windows\IE11_main.log 2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft 
Corporation) C:\Windows\system32\ieui.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-26 18:30 - 
2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-26 18:30 - 
2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\licmgr10.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-26 18:11 - 2013-06-07 23:22 - 00000000 ____D C:\Windows\Minidump 2013-11-26 18:11 - 2012-02-09 18:45 - 00000000 ____D C:\Program Files\CCleaner 2013-11-26 18:11 - 2011-12-08 02:20 - 00000000 ____D C:\Users\Richi\AppData\Roaming\vlc 2013-11-26 18:11 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log 2013-11-23 20:12 - 2013-11-23 11:59 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp 2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp 2013-11-20 14:14 - 2011-11-02 08:55 - 00000000 ____D C:\Users\Richi\AppData\Local\Adobe 2013-11-19 19:22 - 2013-11-16 10:51 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿ 2013-11-16 15:41 - 2013-11-16 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-14 14:48 - 2013-03-23 13:35 - 00000000 ____D C:\Users\Richi\Bewerbung 2013-11-14 13:52 - 2010-03-29 10:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-14 13:48 - 2013-08-01 19:47 - 00000000 ____D C:\Windows\system32\MRT 2013-11-14 13:48 - 2011-11-06 10:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-12 22:57 - 2013-11-12 20:44 - 00000089 
_____ C:\Users\Richi\Desktop\Geschenkideen.txt 2013-11-12 16:35 - 2011-11-01 21:48 - 00000000 ____D C:\Users\Richi\Downloads\Programme 2013-11-12 16:10 - 2011-11-02 06:15 - 00700608 _____ C:\Windows\system32\perfh007.dat 2013-11-12 16:10 - 2011-11-02 06:15 - 00149372 _____ C:\Windows\system32\perfc007.dat 2013-11-12 16:10 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-11 05:50 - 2011-11-01 22:10 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-11-10 17:59 - 2013-11-10 17:58 - 00000000 ____D C:\Users\Richi\bitcoin 2013-11-09 23:50 - 2011-11-01 21:57 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Mozilla 2013-11-09 14:44 - 2012-02-02 20:33 - 00000000 ____D C:\Program Files (x86)\JDownloader 2013-11-08 15:33 - 2012-03-07 18:39 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-11-08 15:33 - 2011-11-01 22:22 - 00000000 ____D C:\ProgramData\Skype 2013-11-05 20:10 - 2011-11-04 07:54 - 00000000 ____D C:\Users\Richi\Segeln Some content of TEMP: ==================== C:\Users\Richi\AppData\Local\Temp\avgnt.exe C:\Users\Richi\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-02 09:38 ==================== End Of Log ============================ --- --- --- |
04.12.2013, 10:12 | #9 |
/// the machine /// TB trainer | BOO/TDss.O virus found
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
04.12.2013, 19:11 | #10 |
| BOO/TDss.O virus found So, after 3 hours(!) of ESET, this is the resulting log file: Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=eb00843b140a4c41808c704a3cfafcce
# engine=16132
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-04 05:41:45
# local_time=2013-12-04 06:41:45 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 15033 2938587 7807 0
# compatibility_mode=5893 16776573 100 94 115951 137808755 0 0
# scanned=459156
# found=19
# cleaned=0
# scan_time=11113
sh=1B55A807FB047C47C0CFF49162A91BE77E50F051 ft=1 fh=4a92c2fd18962af4 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0005.dta"
sh=7C794856DA9A3D40740431C1C355324BF15F7B9F ft=1 fh=3c404436a28ba5f7 vn="a variant of Generik.CIVPCAN trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0006.dta"
sh=8FC47002C94322D27E7CC23DE0E09366278D1FAC ft=1 fh=b59116e9ea4b609b vn="Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0007.dta"
sh=C1537F8F8308DB428A17D8309AF853CBDDD86378 ft=1 fh=c25e6ab804e54205 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0008.dta"
sh=D5F20E8DD68BF3F2755756925DE31F78941EFD8F ft=1 fh=533da6b67824c7dc vn="a variant of Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0009.dta"
sh=BD23CFA926B0FE04CDE450F63D7BDC381D238E12 ft=1 fh=e7aec2c971424e71 vn="Win64/Olmasco.V trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0010.dta"
sh=614A4E374797F94A1327F4C7D08A79A948660E9A ft=1 fh=1cb93ee4eea17c9e vn="Win32/Olmasco.Q trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0011.dta"
sh=0052E97FFDEB7172B5306B68B008697EB61862A4 ft=1 fh=98c9107c7a5c7106 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0012.dta"
sh=3F20A1B9A9B3BD3FE2D0A633163354FAA0F88CB0 ft=1 fh=84c5424661190d94 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0018.dta"
sh=EE9BF7F76862D0FE3D465778CE2FC95CE5193BBA ft=1 fh=89e67a75a2cd2bcc vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0019.dta"
sh=5474B198E55E9FC5CA0164692178832F5F9014E4 ft=1 fh=7f460b92ec8cf3d3 vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0020.dta"
sh=5042BE31C99C1BC56ECD4E17F2EA9C62429D7E0B ft=1 fh=2daf6b25d34e32de vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0021.dta"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\Dropbox\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
sh=0444530407A5461C2FF4220D90AFBB38B292BBAD ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard\Wechseldatenträger\backups\apps\jds.smsbomb-1.apk"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard\Wechseldatenträger\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
sh=0444530407A5461C2FF4220D90AFBB38B292BBAD ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard1\Wechseldatenträger\backups\apps\jds.smsbomb-1.apk"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard1\Wechseldatenträger\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
sh=0444530407A5461C2FF4220D90AFBB38B292BBAD ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard2\Wechseldatenträger\backups\apps\jds.smsbomb-1.apk"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard2\Wechseldatenträger\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
Code:
Results of screen317's Security Check version 0.99.76
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Java(TM) 6 Update 29
Java 7 Update 21
Java version out of Date!
Adobe Flash Player 11.9.900.117
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (25.0.1)
Mozilla Thunderbird (24.1.1)
Google Chrome 30.0.1599.101
Google Chrome 31.0.1650.57
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by Richi (administrator) on MEINER on 04-12-2013 18:55:55
Running from C:\Users\Richi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Macrovision Corporation) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Dropbox, Inc.) C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
AppInit_DLLs: C:\Windows\System32\acaptuser64.dll [36984 2007-05-10] (Adobe Systems, Inc.)
Startup: C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default
FF Homepage: www.orf.at
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Richi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\footiefox.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\twitter-.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsches Wörterbuch, erweitert für Österreich - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\de-AT@dictionaries.addons.mozilla.org
FF Extension: Xmarks - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\foxmarks@kei.com
FF Extension: Evernote Web Clipper - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: twitter.address.bar.search - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\twitter.address.bar.search@firefox.twitter.xpi
FF Extension: youtube2mp3 - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: Adblock Plus - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (AdBlock) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0
CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [3536896 2009-04-14] (ANSYS, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-14] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-04 18:46 - 2013-12-04 18:46 - 00891184 _____ C:\Users\Richi\Desktop\SecurityCheck.exe
2013-12-04 15:31 - 2013-12-04 15:31 - 02347384 _____ (ESET) C:\Users\Richi\Desktop\esetsmartinstaller_enu.exe
2013-12-03 10:33 - 2013-12-04 18:55 - 01959766 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe
2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt
2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe
2013-12-03 10:15 - 2013-12-03 10:17 - 00000000 ____D C:\AdwCleaner
2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe
2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe
2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-03 09:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt
2013-12-02 12:50 - 2013-12-02 13:07 - 00000000 ____D C:\Qoobox
2013-12-02 12:50 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-02 12:50 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-02 12:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-02 12:49 - 2013-12-02 13:05 - 00000000 ____D C:\Windows\erdnt
2013-12-02 11:59 - 2013-12-02 12:00 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe
2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip
2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt
2013-12-02 09:20 - 2013-12-04 18:55 - 00018865 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-12-03 09:30 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 20:32 - 2013-11-26 20:34 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 18:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:18 - 2013-11-26 18:35 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 11:59 - 2013-11-23 20:12 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-16 15:40 - 2013-11-16 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 10:51 - 2013-11-19 19:22 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-13 16:02 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:02 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:02 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:02 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 16:02 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:01 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:01 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:01 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:01 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:44 - 2013-11-12 22:57 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-10 17:58 - 2013-11-10 17:59 - 00000000 ____D C:\Users\Richi\bitcoin

==================== One Month Modified Files and Folders =======

2013-12-04 18:56 - 2013-12-02 09:20 - 00018865 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-04 18:55 - 2013-12-03 10:33 - 01959766 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-04 18:49 - 2011-11-02 12:49 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-04 18:46 - 2013-12-04 18:46 - 00891184 _____ C:\Users\Richi\Desktop\SecurityCheck.exe
2013-12-04 18:33 - 2011-11-01 21:32 - 01502854 _____ C:\Windows\WindowsUpdate.log
2013-12-04 18:29 - 2012-08-20 09:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-04 18:27 - 2011-11-04 17:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-04 16:27 - 2012-04-05 21:17 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-04 15:38 - 2011-11-04 17:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-04 15:31 - 2013-12-04 15:31 - 02347384 _____ (ESET) C:\Users\Richi\Desktop\esetsmartinstaller_enu.exe
2013-12-04 15:30 - 
2013-08-13 19:55 - 00016029 _____ C:\Windows\setupact.log 2013-12-04 15:30 - 2012-04-05 21:17 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job 2013-12-03 21:01 - 2011-11-02 12:49 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job 2013-12-03 10:59 - 2011-11-01 22:22 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Skype 2013-12-03 10:49 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-03 10:49 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-03 10:41 - 2011-11-21 15:24 - 00000000 ___RD C:\Users\Richi\Dropbox 2013-12-03 10:41 - 2011-11-21 15:23 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Dropbox 2013-12-03 10:40 - 2012-05-03 12:59 - 00000000 ___RD C:\Users\Richi\Google Drive 2013-12-03 10:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe 2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt 2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT 2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe 2013-12-03 10:17 - 2013-12-03 10:15 - 00000000 ____D C:\AdwCleaner 2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe 2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe 2013-12-03 10:10 - 2013-10-06 13:00 - 00103868 _____ C:\Windows\PFRO.log 2013-12-03 10:07 - 2011-11-01 21:39 - 00000000 ____D C:\Users\Richi 2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D 
C:\Users\Richi\AppData\Roaming\Malwarebytes 2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-03 09:30 - 2013-11-26 20:36 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-02 13:07 - 2013-12-02 12:50 - 00000000 ____D C:\Qoobox 2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt 2013-12-02 13:05 - 2013-12-02 12:49 - 00000000 ____D C:\Windows\erdnt 2013-12-02 13:01 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2013-12-02 12:00 - 2013-12-02 11:59 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe 2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip 2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt 2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST 2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt 2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe 2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller 2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe 2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe 2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-01 12:01 - 2012-05-03 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-30 16:19 - 2013-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira 2013-11-26 20:36 - 
2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira 2013-11-26 20:36 - 2013-08-09 09:51 - 00000000 ____D C:\ProgramData\Avira 2013-11-26 20:34 - 2013-11-26 20:32 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe 2013-11-26 19:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-11-26 18:44 - 2011-11-06 11:08 - 00001425 _____ C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 18:43 - 2010-03-29 11:25 - 00000000 ____D C:\Windows\Panther 2013-11-26 18:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-26 18:35 - 2013-11-26 18:18 - 00015374 _____ C:\Windows\IE11_main.log 2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.tlb 2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) 
C:\Windows\system32\ieapfltr.dat 2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-26 
18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 
00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-26 18:30 - 2013-11-26 
18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-26 18:11 - 2013-06-07 23:22 - 00000000 ____D C:\Windows\Minidump 2013-11-26 18:11 - 2012-02-09 18:45 - 00000000 ____D C:\Program Files\CCleaner 2013-11-26 18:11 - 2011-12-08 02:20 - 00000000 ____D C:\Users\Richi\AppData\Roaming\vlc 2013-11-26 18:11 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log 2013-11-23 20:12 - 2013-11-23 11:59 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp 2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp 2013-11-20 14:14 - 2011-11-02 08:55 - 00000000 ____D C:\Users\Richi\AppData\Local\Adobe 2013-11-19 19:22 - 2013-11-16 10:51 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿ 2013-11-16 15:41 - 2013-11-16 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-14 14:48 - 2013-03-23 13:35 - 00000000 ____D C:\Users\Richi\Bewerbung 2013-11-14 13:52 - 2010-03-29 10:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-14 13:48 - 2013-08-01 19:47 - 
00000000 ____D C:\Windows\system32\MRT
2013-11-14 13:48 - 2011-11-06 10:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 22:57 - 2013-11-12 20:44 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-12 16:35 - 2011-11-01 21:48 - 00000000 ____D C:\Users\Richi\Downloads\Programme
2013-11-12 16:10 - 2011-11-02 06:15 - 00700608 _____ C:\Windows\system32\perfh007.dat
2013-11-12 16:10 - 2011-11-02 06:15 - 00149372 _____ C:\Windows\system32\perfc007.dat
2013-11-12 16:10 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 05:50 - 2011-11-01 22:10 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 17:59 - 2013-11-10 17:58 - 00000000 ____D C:\Users\Richi\bitcoin
2013-11-09 23:50 - 2011-11-01 21:57 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Mozilla
2013-11-09 14:44 - 2012-02-02 20:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-08 15:33 - 2012-03-07 18:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 15:33 - 2011-11-01 22:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-05 20:10 - 2011-11-04 07:54 - 00000000 ____D C:\Users\Richi\Segeln

Some content of TEMP:
====================
C:\Users\Richi\AppData\Local\Temp\avgnt.exe
C:\Users\Richi\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-02 09:38

==================== End Of Log ============================

--- --- --- --- --- ---

Thanks for the detailed procedure. Unfortunately, I have to report that after a restart there is still the same message Code:
ATTFilter
Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern |
05.12.2013, 12:06 | #11 |
/// the machine /// TB trainer | BOO/TDss.O virus found
Hi, please download TDSSKiller.exe and save this file to the desktop.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |
05.12.2013, 13:01 | #12 |
| BOO/TDss.O virus found
Thanks, and here is the log file Code:
ATTFilter
12:36:50.0153 0x16dc TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
12:36:53.0337 0x16dc ============================================================
12:36:53.0337 0x16dc Current date / time: 2013/12/05 12:36:53.0337
12:36:53.0337 0x16dc SystemInfo:
12:36:53.0337 0x16dc
12:36:53.0337 0x16dc OS Version: 6.1.7601 ServicePack: 1.0
12:36:53.0337 0x16dc Product type: Workstation
12:36:53.0337 0x16dc ComputerName: MEINER
12:36:53.0338 0x16dc UserName: Richi
12:36:53.0338 0x16dc Windows directory: C:\Windows
12:36:53.0338 0x16dc System windows directory: C:\Windows
12:36:53.0338 0x16dc Running under WOW64
12:36:53.0338 0x16dc Processor architecture: Intel x64
12:36:53.0338 0x16dc Number of processors: 4
12:36:53.0338 0x16dc Page size: 0x1000
12:36:53.0338 0x16dc Boot type: Normal boot
12:36:53.0338 0x16dc ============================================================
12:36:54.0202 0x16dc KLMD registered as C:\Windows\system32\drivers\48580110.sys
12:36:54.0442 0x16dc System UUID: {9B46AF8B-8495-C385-0BD8-CEB1480BA967}
12:36:55.0018 0x16dc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:36:55.0027 0x16dc ============================================================
12:36:55.0027 0x16dc \Device\Harddisk0\DR0:
12:36:55.0028 0x16dc MBR partitions:
12:36:55.0028 0x16dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
12:36:55.0028 0x16dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2B879904
12:36:55.0028 0x16dc ============================================================
12:36:55.0067 0x16dc C: <-> \Device\Harddisk0\DR0\Partition2
12:36:55.0067 0x16dc ============================================================
12:36:55.0068 0x16dc Initialize success
12:36:55.0068 0x16dc ============================================================
12:37:26.0740 0x02d8
CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 12:37:53.0757 0x02d8 AxInstSV - ok 12:37:53.0832 0x02d8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 12:37:53.0938 0x02d8 b06bdrv - ok 12:37:53.0985 0x02d8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 12:37:54.0061 0x02d8 b57nd60a - ok 12:37:54.0275 0x02d8 [ B44879610F2DC4A046B14BEFA3AE72DE, B9C17872E0DA23A495B6EC4D4C249AA96F82409DD83B6A17F557D9171D1D7089 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 12:37:54.0486 0x02d8 BCM43XX - ok 12:37:54.0518 0x02d8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 12:37:54.0583 0x02d8 BDESVC - ok 12:37:54.0637 0x02d8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 12:37:54.0737 0x02d8 Beep - ok 12:37:54.0831 0x02d8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 12:37:54.0940 0x02d8 BFE - ok 12:37:55.0038 0x02d8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll 12:37:55.0148 0x02d8 BITS - ok 12:37:55.0180 0x02d8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 12:37:55.0214 0x02d8 blbdrive - ok 12:37:55.0269 0x02d8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 12:37:55.0337 0x02d8 bowser - ok 12:37:55.0373 0x02d8 [ 
F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 12:37:55.0454 0x02d8 BrFiltLo - ok 12:37:55.0472 0x02d8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 12:37:55.0490 0x02d8 BrFiltUp - ok 12:37:55.0523 0x02d8 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 12:37:55.0587 0x02d8 BridgeMP - ok 12:37:55.0663 0x02d8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 12:37:55.0730 0x02d8 Browser - ok 12:37:55.0780 0x02d8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 12:37:55.0876 0x02d8 Brserid - ok 12:37:55.0912 0x02d8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 12:37:55.0965 0x02d8 BrSerWdm - ok 12:37:55.0989 0x02d8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 12:37:56.0047 0x02d8 BrUsbMdm - ok 12:37:56.0068 0x02d8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 12:37:56.0108 0x02d8 BrUsbSer - ok 12:37:56.0207 0x02d8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 12:37:56.0305 0x02d8 BthEnum - ok 12:37:56.0342 0x02d8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM 
C:\Windows\system32\DRIVERS\bthmodem.sys 12:37:56.0394 0x02d8 BTHMODEM - ok 12:37:56.0447 0x02d8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 12:37:56.0508 0x02d8 BthPan - ok 12:37:56.0569 0x02d8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 12:37:56.0681 0x02d8 BTHPORT - ok 12:37:56.0717 0x02d8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 12:37:56.0814 0x02d8 bthserv - ok 12:37:56.0850 0x02d8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 12:37:56.0887 0x02d8 BTHUSB - ok 12:37:56.0925 0x02d8 [ D3466F77C2C49C6E393BA5FBA963A33E, FD5E48A29E153BBAB095AB2E3B86F592B1FC1F790978911093B5F8A2CD6C5652 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys 12:37:56.0951 0x02d8 btusbflt - ok 12:37:56.0967 0x02d8 catchme - ok 12:37:57.0000 0x02d8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 12:37:57.0071 0x02d8 cdfs - ok 12:37:57.0140 0x02d8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 12:37:57.0180 0x02d8 cdrom - ok 12:37:57.0245 0x02d8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 12:37:57.0305 0x02d8 CertPropSvc - ok 12:37:57.0349 0x02d8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 12:37:57.0384 0x02d8 circlass - ok 12:37:57.0433 0x02d8 [ FE1EC06F2253F691FE36217C592A0206, 
B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 12:37:57.0454 0x02d8 CLFS - ok 12:37:57.0514 0x02d8 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:37:57.0533 0x02d8 clr_optimization_v2.0.50727_32 - ok 12:37:57.0557 0x02d8 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 12:37:57.0576 0x02d8 clr_optimization_v2.0.50727_64 - ok 12:37:57.0694 0x02d8 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:37:57.0771 0x02d8 clr_optimization_v4.0.30319_32 - ok 12:37:57.0779 0x02d8 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 12:37:57.0802 0x02d8 clr_optimization_v4.0.30319_64 - ok 12:37:57.0850 0x02d8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 12:37:57.0881 0x02d8 CmBatt - ok 12:37:57.0919 0x02d8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 12:37:57.0933 0x02d8 cmdide - ok 12:37:58.0009 0x02d8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 12:37:58.0086 0x02d8 CNG - ok 12:37:58.0136 0x02d8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 
12:37:58.0152 0x02d8 Compbatt - ok 12:37:58.0205 0x02d8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 12:37:58.0261 0x02d8 CompositeBus - ok 12:37:58.0283 0x02d8 COMSysApp - ok 12:37:58.0308 0x02d8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 12:37:58.0333 0x02d8 crcdisk - ok 12:37:58.0391 0x02d8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 12:37:58.0455 0x02d8 CryptSvc - ok 12:37:58.0514 0x02d8 [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys 12:37:58.0534 0x02d8 CVirtA - ok 12:37:58.0678 0x02d8 [ 66257CB4E4FB69887CDDC71663741435, A072C2868EC3CB773F1C512C9E07D152920794969E302199E8265CFFFD3EFC2D ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe 12:37:58.0750 0x02d8 CVPND - ok 12:37:58.0771 0x02d8 [ CC8E52DAA9826064BA464DBE531F2BB5, 28150B5DDB4DB42839EBB4F3672EB575373046B1676938111904290DFF6DEC8E ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys 12:37:58.0797 0x02d8 CVPNDRVA - ok 12:37:58.0872 0x02d8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 12:37:58.0958 0x02d8 DcomLaunch - ok 12:37:59.0033 0x02d8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 12:37:59.0156 0x02d8 defragsvc - ok 12:37:59.0193 0x02d8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 12:37:59.0252 0x02d8 DfsC - ok 12:37:59.0323 0x02d8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, 
C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 12:37:59.0426 0x02d8 Dhcp - ok 12:37:59.0458 0x02d8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 12:37:59.0526 0x02d8 discache - ok 12:37:59.0560 0x02d8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 12:37:59.0578 0x02d8 Disk - ok 12:37:59.0652 0x02d8 [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE C:\Windows\system32\DRIVERS\dne64x.sys 12:37:59.0682 0x02d8 DNE - ok 12:37:59.0736 0x02d8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 12:37:59.0803 0x02d8 Dnscache - ok 12:37:59.0864 0x02d8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 12:37:59.0996 0x02d8 dot3svc - ok 12:38:00.0062 0x02d8 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 12:38:00.0127 0x02d8 Dot4 - ok 12:38:00.0175 0x02d8 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 12:38:00.0217 0x02d8 Dot4Print - ok 12:38:00.0282 0x02d8 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 12:38:00.0328 0x02d8 dot4usb - ok 12:38:00.0392 0x02d8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 12:38:00.0481 0x02d8 DPS - ok 12:38:00.0519 0x02d8 [ 9B19F34400D24DF84C858A421C205754, 
967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 12:38:00.0556 0x02d8 drmkaud - ok 12:38:00.0629 0x02d8 [ 61E894FE1E9CC720C909E6E343351794, 2C8540ED0A2C7028B242289078B4C2D8678D26FB7429AB3B33C136BB47B178C3 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 12:38:00.0682 0x02d8 DsiWMIService - ok 12:38:00.0753 0x02d8 [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 12:38:00.0801 0x02d8 dtsoftbus01 - ok 12:38:00.0867 0x02d8 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 12:38:00.0946 0x02d8 DXGKrnl - ok 12:38:00.0968 0x02d8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 12:38:01.0028 0x02d8 EapHost - ok 12:38:01.0181 0x02d8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 12:38:01.0396 0x02d8 ebdrv - ok 12:38:01.0463 0x02d8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 12:38:01.0527 0x02d8 EFS - ok 12:38:01.0631 0x02d8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 12:38:01.0752 0x02d8 ehRecvr - ok 12:38:01.0789 0x02d8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 12:38:01.0872 0x02d8 ehSched - ok 12:38:01.0945 0x02d8 [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys 12:38:01.0976 0x02d8 ElbyCDFL - ok 12:38:01.0995 
0x02d8 [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 12:38:02.0020 0x02d8 ElbyCDIO - ok 12:38:02.0086 0x02d8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 12:38:02.0150 0x02d8 elxstor - ok 12:38:02.0287 0x02d8 [ 49EEF52BFB986A2B5D70F4EC12637D7B, C42C93EC36B4BD0AFF4248AD571F56FB5F39D5C57B93C01EBB34997A262E41A9 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 12:38:02.0347 0x02d8 ePowerSvc - ok 12:38:02.0425 0x02d8 [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe 12:38:02.0475 0x02d8 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:05.0195 0x02d8 Detect skipped due to KSN trusted 12:38:05.0195 0x02d8 EpsonBidirectionalService - ok 12:38:05.0223 0x02d8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 12:38:05.0271 0x02d8 ErrDev - ok 12:38:05.0335 0x02d8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 12:38:05.0440 0x02d8 EventSystem - ok 12:38:05.0480 0x02d8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 12:38:05.0558 0x02d8 exfat - ok 12:38:05.0585 0x02d8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 12:38:05.0655 0x02d8 fastfat - ok 12:38:05.0743 0x02d8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax 
C:\Windows\system32\fxssvc.exe 12:38:05.0830 0x02d8 Fax - ok 12:38:05.0857 0x02d8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 12:38:05.0876 0x02d8 fdc - ok 12:38:05.0906 0x02d8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 12:38:05.0992 0x02d8 fdPHost - ok 12:38:06.0013 0x02d8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 12:38:06.0066 0x02d8 FDResPub - ok 12:38:06.0107 0x02d8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 12:38:06.0125 0x02d8 FileInfo - ok 12:38:06.0143 0x02d8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 12:38:06.0239 0x02d8 Filetrace - ok 12:38:06.0333 0x02d8 [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 12:38:06.0445 0x02d8 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:09.0155 0x02d8 Detect skipped due to KSN trusted 12:38:09.0155 0x02d8 FLEXnet Licensing Service - ok 12:38:09.0228 0x02d8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 12:38:09.0258 0x02d8 flpydisk - ok 12:38:09.0308 0x02d8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 12:38:09.0356 0x02d8 FltMgr - ok 12:38:09.0461 0x02d8 [ C4C183E6551084039EC862DA1C945E3D, 
0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 12:38:09.0541 0x02d8 FontCache - ok 12:38:09.0623 0x02d8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:38:09.0650 0x02d8 FontCache3.0.0.0 - ok 12:38:09.0680 0x02d8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 12:38:09.0701 0x02d8 FsDepends - ok 12:38:09.0750 0x02d8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 12:38:09.0779 0x02d8 Fs_Rec - ok 12:38:09.0848 0x02d8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 12:38:09.0884 0x02d8 fvevol - ok 12:38:09.0906 0x02d8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 12:38:09.0936 0x02d8 gagp30kx - ok 12:38:10.0015 0x02d8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 12:38:10.0110 0x02d8 gpsvc - ok 12:38:10.0225 0x02d8 [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe 12:38:10.0278 0x02d8 Greg_Service - ok 12:38:10.0389 0x02d8 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:38:10.0409 0x02d8 gupdate - ok 12:38:10.0432 0x02d8 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] 
gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:38:10.0450 0x02d8 gupdatem - ok 12:38:10.0524 0x02d8 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 12:38:10.0557 0x02d8 gusvc - ok 12:38:10.0584 0x02d8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 12:38:10.0659 0x02d8 hcw85cir - ok 12:38:10.0741 0x02d8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 12:38:10.0840 0x02d8 HdAudAddService - ok 12:38:10.0877 0x02d8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 12:38:10.0925 0x02d8 HDAudBus - ok 12:38:10.0978 0x02d8 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 12:38:10.0998 0x02d8 HECIx64 - ok 12:38:11.0026 0x02d8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 12:38:11.0064 0x02d8 HidBatt - ok 12:38:11.0093 0x02d8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 12:38:11.0140 0x02d8 HidBth - ok 12:38:11.0176 0x02d8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 12:38:11.0204 0x02d8 HidIr - ok 12:38:11.0230 0x02d8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 12:38:11.0287 0x02d8 hidserv - ok 
12:38:11.0353 0x02d8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 12:38:11.0418 0x02d8 HidUsb - ok 12:38:11.0481 0x02d8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 12:38:11.0573 0x02d8 hkmsvc - ok 12:38:11.0636 0x02d8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 12:38:11.0724 0x02d8 HomeGroupListener - ok 12:38:11.0770 0x02d8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 12:38:11.0821 0x02d8 HomeGroupProvider - ok 12:38:11.0884 0x02d8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 12:38:11.0916 0x02d8 HpSAMD - ok 12:38:12.0062 0x02d8 [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 12:38:12.0152 0x02d8 HPSLPSVC - ok 12:38:12.0219 0x02d8 [ CF44B25AE808765D7308F412AD492DDB, 97A16ACCD6D624B2A57DDA913C8005320FF91542C0EF7F39456741D99D7B2725 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 12:38:12.0283 0x02d8 HTCAND64 - ok 12:38:12.0324 0x02d8 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 12:38:12.0346 0x02d8 htcnprot - ok 12:38:12.0440 0x02d8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 12:38:12.0553 0x02d8 HTTP - ok 12:38:12.0614 0x02d8 [ A5462BD6884960C9DC85ED49D34FF392, 
53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 12:38:12.0631 0x02d8 hwpolicy - ok 12:38:12.0684 0x02d8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 12:38:12.0724 0x02d8 i8042prt - ok 12:38:12.0788 0x02d8 [ 42E00996DFC13C46366689C0EA8ABC5E, 1C73B7FADB3209D7C1CAA75531F789B47907129E418F91F23CBE9FC68B3056E4 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 12:38:12.0817 0x02d8 iaStor - ok 12:38:12.0878 0x02d8 [ 48362E5DB5CB2C000C514EE1F3890ACD, 561FB7BE085A624770832B0138DA1B9859981BCC66540A8F98D9F7D5B8EE6707 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 12:38:12.0900 0x02d8 IAStorDataMgrSvc - ok 12:38:12.0958 0x02d8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 12:38:13.0022 0x02d8 iaStorV - ok 12:38:13.0120 0x02d8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:38:13.0233 0x02d8 idsvc - ok 12:38:13.0292 0x02d8 IEEtwCollectorService - ok 12:38:13.0341 0x02d8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 12:38:13.0367 0x02d8 iirsp - ok 12:38:13.0458 0x02d8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 12:38:13.0547 0x02d8 IKEEXT - ok 12:38:13.0614 0x02d8 [ C48567D80AD357613CD0EEADE18780AE, AFFAB3C915C5B48A39F7F8F9438A3085DBEBA1E431DD35861A5A08EA1CBE4D37 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 12:38:13.0685 0x02d8 Impcd - ok 12:38:13.0819 0x02d8 [ A3BCBD0F710580A07D1B929D787D36CE, 
ok 12:38:45.0733 0x02d8 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 12:38:45.0783 0x02d8 SynTP - ok 12:38:45.0903 0x02d8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 12:38:46.0033 0x02d8 SysMain - ok 12:38:46.0083 0x02d8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 12:38:46.0123 0x02d8 TabletInputService - ok 12:38:46.0173 0x02d8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 12:38:46.0283 0x02d8 TapiSrv - ok 12:38:46.0303 0x02d8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 12:38:46.0353 0x02d8 TBS - ok 12:38:46.0473 0x02d8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 12:38:46.0643 0x02d8 Tcpip - ok 12:38:46.0773 0x02d8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 12:38:46.0823 0x02d8 TCPIP6 - ok 12:38:46.0863 0x02d8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 12:38:46.0893 0x02d8 tcpipreg - ok 12:38:46.0933 0x02d8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 12:38:47.0023 0x02d8 TDPIPE - ok 12:38:47.0063 0x02d8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 
12:38:47.0113 0x02d8 TDTCP - ok 12:38:47.0153 0x02d8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 12:38:47.0223 0x02d8 tdx - ok 12:38:47.0493 0x02d8 [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe 12:38:47.0713 0x02d8 TeamViewer8 - ok 12:38:47.0773 0x02d8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 12:38:47.0783 0x02d8 TermDD - ok 12:38:47.0853 0x02d8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 12:38:47.0923 0x02d8 TermService - ok 12:38:47.0953 0x02d8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 12:38:47.0983 0x02d8 Themes - ok 12:38:48.0023 0x02d8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 12:38:48.0073 0x02d8 THREADORDER - ok 12:38:48.0183 0x02d8 [ F620772888B6E3EDEF5C3E71E3D447F0, 67CFC8E94ACCA0B31E7D2062D587C1BD37911F95A02C8CCB1B4A3E0EBDADC8B0 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 12:38:48.0213 0x02d8 TomTomHOMEService - ok 12:38:48.0243 0x02d8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 12:38:48.0323 0x02d8 TrkWks - ok 12:38:48.0403 0x02d8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 12:38:48.0483 0x02d8 TrustedInstaller - ok 12:38:48.0523 0x02d8 [ 
4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 12:38:48.0583 0x02d8 tssecsrv - ok 12:38:48.0653 0x02d8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 12:38:48.0723 0x02d8 TsUsbFlt - ok 12:38:48.0783 0x02d8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 12:38:48.0873 0x02d8 tunnel - ok 12:38:48.0913 0x02d8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 12:38:48.0933 0x02d8 uagp35 - ok 12:38:48.0943 0x02d8 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 12:38:48.0953 0x02d8 UBHelper - ok 12:38:49.0003 0x02d8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 12:38:49.0073 0x02d8 udfs - ok 12:38:49.0103 0x02d8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 12:38:49.0123 0x02d8 UI0Detect - ok 12:38:49.0153 0x02d8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 12:38:49.0173 0x02d8 uliagpkx - ok 12:38:49.0233 0x02d8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 12:38:49.0273 0x02d8 umbus - ok 12:38:49.0313 0x02d8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 
12:38:49.0363 0x02d8 UmPass - ok 12:38:49.0503 0x02d8 [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 12:38:49.0623 0x02d8 UNS - ok 12:38:49.0683 0x02d8 [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 12:38:49.0733 0x02d8 Updater Service - ok 12:38:49.0763 0x02d8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 12:38:49.0853 0x02d8 upnphost - ok 12:38:49.0883 0x02d8 [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 12:38:49.0923 0x02d8 usbccgp - ok 12:38:49.0973 0x02d8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 12:38:50.0053 0x02d8 usbcir - ok 12:38:50.0093 0x02d8 [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\drivers\usbehci.sys 12:38:50.0143 0x02d8 usbehci - ok 12:38:50.0203 0x02d8 [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 12:38:50.0263 0x02d8 usbhub - ok 12:38:50.0303 0x02d8 [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\drivers\usbohci.sys 12:38:50.0343 0x02d8 usbohci - ok 12:38:50.0383 0x02d8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 12:38:50.0433 0x02d8 usbprint - ok 12:38:50.0493 0x02d8 [ AAA2513C8AED8B54B189FD0C6B1634C0, 
02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 12:38:50.0533 0x02d8 usbscan - ok 12:38:50.0603 0x02d8 [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser C:\Windows\system32\DRIVERS\usbser.sys 12:38:50.0643 0x02d8 usbser - ok 12:38:50.0663 0x02d8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:38:50.0733 0x02d8 USBSTOR - ok 12:38:50.0773 0x02d8 [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 12:38:50.0843 0x02d8 usbuhci - ok 12:38:50.0913 0x02d8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 12:38:50.0983 0x02d8 usbvideo - ok 12:38:51.0033 0x02d8 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 12:38:51.0093 0x02d8 usb_rndisx - ok 12:38:51.0123 0x02d8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 12:38:51.0173 0x02d8 UxSms - ok 12:38:51.0183 0x02d8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe 12:38:51.0193 0x02d8 VaultSvc - ok 12:38:51.0223 0x02d8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 12:38:51.0233 0x02d8 vdrvroot - ok 12:38:51.0293 0x02d8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 12:38:51.0363 0x02d8 vds - ok 12:38:51.0383 0x02d8 [ 
DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:38:51.0403 0x02d8 vga - ok 12:38:51.0413 0x02d8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 12:38:51.0493 0x02d8 VgaSave - ok 12:38:51.0553 0x02d8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 12:38:51.0593 0x02d8 vhdmp - ok 12:38:51.0633 0x02d8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 12:38:51.0643 0x02d8 viaide - ok 12:38:51.0663 0x02d8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:38:51.0683 0x02d8 volmgr - ok 12:38:51.0743 0x02d8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 12:38:51.0793 0x02d8 volmgrx - ok 12:38:51.0813 0x02d8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:38:51.0843 0x02d8 volsnap - ok 12:38:51.0883 0x02d8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 12:38:51.0903 0x02d8 vsmraid - ok 12:38:52.0023 0x02d8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 12:38:52.0183 0x02d8 VSS - ok 12:38:52.0213 0x02d8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 12:38:52.0253 0x02d8 vwifibus - ok 
12:38:52.0273 0x02d8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 12:38:52.0293 0x02d8 vwififlt - ok 12:38:52.0323 0x02d8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 12:38:52.0363 0x02d8 vwifimp - ok 12:38:52.0423 0x02d8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 12:38:52.0503 0x02d8 W32Time - ok 12:38:52.0533 0x02d8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 12:38:52.0573 0x02d8 WacomPen - ok 12:38:52.0643 0x02d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 12:38:52.0713 0x02d8 WANARP - ok 12:38:52.0723 0x02d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:38:52.0753 0x02d8 Wanarpv6 - ok 12:38:52.0853 0x02d8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 12:38:52.0963 0x02d8 WatAdminSvc - ok 12:38:53.0073 0x02d8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 12:38:53.0183 0x02d8 wbengine - ok 12:38:53.0223 0x02d8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 12:38:53.0253 0x02d8 WbioSrvc - ok 12:38:53.0323 0x02d8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc 
C:\Windows\System32\wcncsvc.dll 12:38:53.0423 0x02d8 wcncsvc - ok 12:38:53.0443 0x02d8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:38:53.0523 0x02d8 WcsPlugInService - ok 12:38:53.0543 0x02d8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 12:38:53.0573 0x02d8 Wd - ok 12:38:53.0653 0x02d8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 12:38:53.0773 0x02d8 Wdf01000 - ok 12:38:53.0783 0x02d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:38:53.0923 0x02d8 WdiServiceHost - ok 12:38:53.0943 0x02d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:38:53.0963 0x02d8 WdiSystemHost - ok 12:38:54.0003 0x02d8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 12:38:54.0033 0x02d8 WebClient - ok 12:38:54.0073 0x02d8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:38:54.0143 0x02d8 Wecsvc - ok 12:38:54.0163 0x02d8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:38:54.0223 0x02d8 wercplsupport - ok 12:38:54.0243 0x02d8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 12:38:54.0293 0x02d8 WerSvc - ok 12:38:54.0333 0x02d8 [ 611B23304BF067451A9FDEE01FBDD725, 
0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 12:38:54.0393 0x02d8 WfpLwf - ok 12:38:54.0423 0x02d8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 12:38:54.0433 0x02d8 WIMMount - ok 12:38:54.0463 0x02d8 WinDefend - ok 12:38:54.0463 0x02d8 WinHttpAutoProxySvc - ok 12:38:54.0533 0x02d8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:38:54.0603 0x02d8 Winmgmt - ok 12:38:54.0723 0x02d8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 12:38:54.0943 0x02d8 WinRM - ok 12:38:55.0013 0x02d8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 12:38:55.0073 0x02d8 WinUsb - ok 12:38:55.0143 0x02d8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:38:55.0223 0x02d8 Wlansvc - ok 12:38:55.0413 0x02d8 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:38:55.0543 0x02d8 wlidsvc - ok 12:38:55.0603 0x02d8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:38:55.0643 0x02d8 WmiAcpi - ok 12:38:55.0693 0x02d8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:38:55.0753 0x02d8 wmiApSrv - ok 12:38:55.0793 0x02d8 WMPNetworkSvc - ok 12:38:55.0813 0x02d8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 
2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:38:55.0863 0x02d8 WPCSvc - ok 12:38:55.0903 0x02d8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:38:55.0953 0x02d8 WPDBusEnum - ok 12:38:55.0983 0x02d8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:38:56.0053 0x02d8 ws2ifsl - ok 12:38:56.0093 0x02d8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 12:38:56.0123 0x02d8 wscsvc - ok 12:38:56.0193 0x02d8 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 12:38:56.0243 0x02d8 WSDPrintDevice - ok 12:38:56.0273 0x02d8 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\drivers\WSDScan.sys 12:38:56.0303 0x02d8 WSDScan - ok 12:38:56.0303 0x02d8 WSearch - ok 12:38:56.0413 0x02d8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 12:38:56.0523 0x02d8 wuauserv - ok 12:38:56.0573 0x02d8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 12:38:56.0653 0x02d8 WudfPf - ok 12:38:56.0703 0x02d8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:38:56.0753 0x02d8 WUDFRd - ok 12:38:56.0793 0x02d8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:38:56.0853 0x02d8 
wudfsvc - ok
12:38:56.0903 0x02d8 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:38:56.0973 0x02d8 WwanSvc - ok
12:38:57.0003 0x02d8 ================ Scan global ===============================
12:38:57.0033 0x02d8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:57.0083 0x02d8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:57.0113 0x02d8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:57.0153 0x02d8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:57.0173 0x02d8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:57.0183 0x02d8 [ Global ] - ok
12:38:57.0183 0x02d8 ================ Scan MBR ==================================
12:38:57.0203 0x02d8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:38:57.0623 0x02d8 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
12:38:57.0623 0x02d8 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:39:11.0333 0x02d8 ================ Scan VBR ==================================
12:39:11.0333 0x02d8 [ A494A22B5EFEED048E8B225C0B4F343E ] \Device\Harddisk0\DR0\Partition1
12:39:11.0333 0x02d8 \Device\Harddisk0\DR0\Partition1 - ok
12:39:11.0403 0x02d8 [ 25F5849B729BA047868E7BFDFFD3EFF8 ] \Device\Harddisk0\DR0\Partition2
12:39:11.0403 0x02d8 \Device\Harddisk0\DR0\Partition2 - ok
12:39:11.0403 0x02d8 Waiting for KSN requests completion. In queue: 173
12:39:12.0553 0x02d8 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
12:39:12.0573 0x02d8 Win FW state via NFP2: enabled
12:39:15.0253 0x02d8 ============================================================
12:39:15.0253 0x02d8 Scan finished
12:39:15.0253 0x02d8 ============================================================
12:39:15.0263 0x13fc Detected object count: 1
12:39:15.0263 0x13fc Actual detected object count: 1
13:00:38.0714 0x13fc \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:00:38.0714 0x13fc \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:00:49.0764 0x08a0 Deinitialize success |
06.12.2013, 09:50 | #13 |
/// the machine /// TB Trainer | BOO/TDss.O virus found What options do you get for the detections?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
06.12.2013, 12:37 | #14 |
| BOO/TDss.O virus found skip, move to quarantine and delete |
07.12.2013, 11:37 | #15 |
/// the machine /// TB Trainer | BOO/TDss.O virus found Delete, then continue, post the log file. Then run a fresh scan with TDSSKiller and post the log file.
__________________ Regards, schrauber |