| |
| |||||||
Log-Analyse und Auswertung: Programme scheinen in Ordner "Program Data" verschoben zu sein - außerdem: Shared key to keep this from being removed with install/uninstallWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.04.2014, 03:28
| #1 |
| |  Programme scheinen in Ordner "Program Data" verschoben zu sein - außerdem: Shared key to keep this from being removed with install/uninstall Auf meinem Rechner finden sich folgende Probleme: - Installierte Programme tauchen nicht in der Liste "Programme" in der Systemsteuerung auf. - Ich finde die entsprechenden Ordner in einem neuen Ordner "ProgramData", der parallel zu den Ordnern "Programme" und "Programme (x86)" zu existieren scheint. - In der Registryfinden sich seltsame Einträge, die wohl mit der Verlagerung der Programm-Dateien verknüpft sind hxa, hxb etc. mit dem Eintrag im Feld "Daten": Shared key to keep this from being removed with install/uninstall of side-by-side components. - Ich bekomme die Meldung "Avira" ist deaktiviert, obwohl das AVIRA-Symbol mit offenen´m Schirm erscheint. Ich habe vor einiger Zeit Softonic angeklickt, wollte eigentlich abbrechen, bin aber aus Versehen auf "Weiter" gekommen und habe das erst später bemerkt. Herzlichen Dank schon mal im Voraus. Meine Log-Files (+ OTL-Files im Anhang): Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ***** (administrator) on PAPABOOK on 07-04-2014 03:02:46
Running from C:\Users\*****\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\ExpressGateUtil\VAWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Users\*****\AppData\Local\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2168424 2010-10-13] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1931024 2010-07-20] (Intel(R) Corporation)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-05-03] (Alcor Micro Corp.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11485800 2010-10-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [477600 2013-01-24] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [OpwareSE2] - C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [49152 2003-05-08] (ScanSoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3379123602-2794455321-361650133-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-3379123602-2794455321-361650133-1000\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [EPSON BX305 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [AdobeBridge] - C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe [12008296 2011-03-02] (Adobe Systems, Inc.)
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-07-19] (syncables, LLC)
HKU\S-1-5-21-3379123602-2794455321-361650133-1002\...\Run: [Epson Stylus Office BX305(Netzwerk)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-03-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-03-10] (NVIDIA Corporation)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyServer: 172.16.0.222:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKCU - {1DAF3F97-C75E-4784-A109-F652F93AFA20} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=1e26066f-c34e-4c3d-be98-307e5b8da84e&apn_sauid=198F4E44-0F79-4622-B213-63E70AFCDCB8
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\44tqbt53.GYP
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\44tqbt53.GYP\user.js
FF SearchEngineOrder.1: Google
FF NetworkProxy: "backup.ftp", "176.16.0.222"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "176.16.0.222"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "176.16.0.222"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "176.16.0.222"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "176.16.0.222"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "176.16.0.222"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "176.16.0.222"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ad-Aware Security Add-on - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\44tqbt53.GYP\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-04-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{AD9E4CD8-A6C9-4C51-8F82-2451E24F90B9}] - C:\Windows\Installer\{487065BF-230A-4F46-A96B-2CD88ACCE87E}\{AD9E4CD8-A6C9-4C51-8F82-2451E24F90B9}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{487065BF-230A-4F46-A96B-2CD88ACCE87E}\{AD9E4CD8-A6C9-4C51-8F82-2451E24F90B9}.xpi [2014-04-05]
FF StartMenuInternet: FIREFOX.EXE - C:\Users\*****\AppData\Local\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-23]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 avmident; C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe [76288 2011-09-27] (AVM Berlin)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-20] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-01-17] ()
==================== Drivers (Whitelisted) ====================
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-05-25] (ASUS)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2013-10-21] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2013-10-21] (BitDefender LLC)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [50176 2011-01-21] (Fresco Logic)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [138232 2013-07-17] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-21] ( )
S3 OV550I; C:\Windows\System32\Drivers\ov550ivx.sys [196992 2008-02-21] (Omnivision Technologies, Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-07 03:02 - 2014-04-07 03:02 - 02157056 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-04-07 03:02 - 2014-04-07 03:02 - 00022592 _____ () C:\Users\*****\Downloads\FRST.txt
2014-04-07 03:02 - 2014-04-07 03:02 - 00000000 ____D () C:\FRST
2014-04-07 03:01 - 2014-04-07 03:01 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-04-07 03:01 - 2014-04-07 03:01 - 00000498 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-04-07 03:01 - 2014-04-07 03:01 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-07 01:05 - 2014-04-07 01:05 - 00000000 ____D () C:\Users\*****\AppData\Roaming\LavasoftStatistics
2014-04-07 00:46 - 2014-04-07 01:07 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-04-07 00:46 - 2013-08-21 14:32 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2014-04-07 00:44 - 2014-04-07 00:44 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354(1).exe
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Users\*****\AppData\Local\adawarebp
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-04-07 00:42 - 2014-04-07 00:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-04-07 00:40 - 2014-04-07 00:41 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-02 07:52 - 2014-04-02 11:01 - 00000000 ____D () C:\Users\Public\Documents\Delta_plus
2014-04-02 07:44 - 2014-04-02 07:44 - 00000000 ____D () C:\Users\*****\Documents\Fragmente
2014-03-31 17:07 - 2014-04-05 12:54 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-30 16:42 - 2014-03-30 16:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra 4.4
2014-03-29 14:48 - 2014-03-29 14:48 - 00000000 ____D () C:\Users\*****\Documents\Adobe
2014-03-29 10:09 - 2014-03-29 10:10 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla Firefox
2014-03-28 19:14 - 2014-03-28 19:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra
2014-03-27 19:27 - 2014-03-27 19:27 - 00001853 _____ () C:\Users\Public\Desktop\GeoGebra.lnk
2014-03-27 19:27 - 2014-03-27 19:27 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 5.0
2014-03-27 19:24 - 2014-03-27 19:25 - 54719080 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-9-256-0.exe
2014-03-27 19:19 - 2014-03-27 19:19 - 00006283 _____ () C:\Users\*****\Downloads\3D_ebene_parameter.ggb
2014-03-27 19:02 - 2014-03-27 19:02 - 00003178 _____ () C:\Windows\System32\Tasks\{C3890ABE-31C0-4FA5-934D-ACA795E5032F}
2014-03-27 18:59 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\*****\.Vektoris3D25
2014-03-27 18:55 - 2014-03-27 18:55 - 00000000 ____D () C:\Program Files (x86)\Vektoris3D25Plus
2014-03-27 18:54 - 2014-03-27 19:03 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Security System 2
2014-03-27 18:54 - 2014-03-27 18:54 - 00118784 _____ () C:\Windows\system32\api-mt-win-core-libraryloader-l1-1-0.exe
2014-03-27 18:52 - 2014-03-27 18:52 - 00000161 _____ () C:\Users\*****\Desktop\Goodgame Empire.url
2014-03-27 18:50 - 2014-03-27 18:50 - 00657808 _____ () C:\Users\*****\Downloads\V3D25Plus_windows_Setup_20111110-Downloader.exe
2014-03-27 18:40 - 2014-03-27 18:41 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 4.4
2014-03-27 18:39 - 2014-03-27 18:40 - 41882152 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-4-23-0.exe
2014-03-27 09:47 - 2014-03-27 09:47 - 00126393 _____ () C:\Users\*****\Downloads\lt_kernmodell
2014-03-25 20:17 - 2014-03-25 20:17 - 564624957 _____ () C:\Windows\MEMORY.DMP
2014-03-25 20:17 - 2014-03-25 20:17 - 00302720 _____ () C:\Windows\Minidump\032514-34257-01.dmp
2014-03-18 23:45 - 2014-03-19 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-17 02:53 - 2014-03-17 03:37 - 00013051 _____ () C:\Users\*****\Documents\Mappe1.xlsx
2014-03-12 16:32 - 2014-03-12 16:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-12 15:53 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 15:53 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 15:53 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 15:53 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 15:53 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 15:53 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 15:53 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 15:53 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 15:53 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 15:53 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 15:53 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 15:53 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 15:53 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 15:53 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 15:53 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 15:53 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 15:53 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 15:53 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 15:53 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 15:53 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 15:53 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 15:53 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 15:53 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 15:53 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 15:53 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 15:53 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 15:53 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 15:53 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 15:53 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 15:53 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 15:53 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 15:53 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 15:53 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 15:53 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 15:53 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 15:53 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 15:53 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 15:53 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 15:53 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 15:53 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 15:53 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 15:53 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 15:53 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 15:53 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 15:52 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 15:52 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 15:52 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 15:52 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 00:24 - 2014-03-12 01:24 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-11 20:18 - 2014-03-11 20:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Epson
==================== One Month Modified Files and Folders =======
2014-04-07 03:02 - 2014-04-07 03:02 - 02157056 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-04-07 03:02 - 2014-04-07 03:02 - 00022592 _____ () C:\Users\*****\Downloads\FRST.txt
2014-04-07 03:02 - 2014-04-07 03:02 - 00000000 ____D () C:\FRST
2014-04-07 03:01 - 2014-04-07 03:01 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-04-07 03:01 - 2014-04-07 03:01 - 00000498 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-04-07 03:01 - 2014-04-07 03:01 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-04-07 03:01 - 2012-08-04 18:13 - 00000000 ____D () C:\Users\*****
2014-04-07 02:24 - 2013-02-12 12:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 02:00 - 2012-08-11 11:19 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-04-07 01:46 - 2012-08-11 22:08 - 00000000 ____D () C:\Users\*****\Documents\CCleaner-Sicherung
2014-04-07 01:15 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 01:15 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 01:13 - 2009-08-04 11:51 - 00711094 _____ () C:\Windows\system32\perfh007.dat
2014-04-07 01:13 - 2009-08-04 11:51 - 00153542 _____ () C:\Windows\system32\perfc007.dat
2014-04-07 01:13 - 2009-07-14 07:13 - 01651444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-07 01:07 - 2014-04-07 00:46 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-04-07 01:07 - 2012-08-04 18:14 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-04-07 01:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 01:06 - 2014-02-26 16:18 - 00002029 _____ () C:\Windows\setupact.log
2014-04-07 01:05 - 2014-04-07 01:05 - 00000000 ____D () C:\Users\*****\AppData\Roaming\LavasoftStatistics
2014-04-07 01:05 - 2012-08-03 06:33 - 01524257 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 00:44 - 2014-04-07 00:44 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354(1).exe
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Users\*****\AppData\Local\adawarebp
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-04-07 00:44 - 2014-04-07 00:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-04-07 00:43 - 2014-04-07 00:43 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-04-07 00:42 - 2014-04-07 00:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-04-07 00:41 - 2014-04-07 00:40 - 01727624 _____ () C:\Users\*****\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-07 00:17 - 2013-11-14 11:32 - 00000000 ____D () C:\AdwCleaner
2014-04-06 23:55 - 2014-01-01 15:15 - 00113920 _____ () C:\Users\*****\Desktop\OTL.Txt
2014-04-05 12:54 - 2014-03-31 17:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-02 23:04 - 2012-08-04 20:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-04-02 11:01 - 2014-04-02 07:52 - 00000000 ____D () C:\Users\Public\Documents\Delta_plus
2014-04-02 07:44 - 2014-04-02 07:44 - 00000000 ____D () C:\Users\*****\Documents\Fragmente
2014-03-31 17:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-30 16:42 - 2014-03-30 16:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra 4.4
2014-03-29 14:48 - 2014-03-29 14:48 - 00000000 ____D () C:\Users\*****\Documents\Adobe
2014-03-29 10:10 - 2014-03-29 10:09 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla Firefox
2014-03-29 01:41 - 2014-02-26 16:17 - 00115060 _____ () C:\Windows\PFRO.log
2014-03-28 19:14 - 2014-03-28 19:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\GeoGebra
2014-03-27 19:27 - 2014-03-27 19:27 - 00001853 _____ () C:\Users\Public\Desktop\GeoGebra.lnk
2014-03-27 19:27 - 2014-03-27 19:27 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 5.0
2014-03-27 19:25 - 2014-03-27 19:24 - 54719080 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-9-256-0.exe
2014-03-27 19:19 - 2014-03-27 19:19 - 00006283 _____ () C:\Users\*****\Downloads\3D_ebene_parameter.ggb
2014-03-27 19:06 - 2013-10-27 11:49 - 00000000 ____D () C:\Users\*****\Desktop\FreeStudio
2014-03-27 19:03 - 2014-03-27 18:54 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Security System 2
2014-03-27 19:02 - 2014-03-27 19:02 - 00003178 _____ () C:\Windows\System32\Tasks\{C3890ABE-31C0-4FA5-934D-ACA795E5032F}
2014-03-27 18:59 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\*****\.Vektoris3D25
2014-03-27 18:55 - 2014-03-27 18:55 - 00000000 ____D () C:\Program Files (x86)\Vektoris3D25Plus
2014-03-27 18:54 - 2014-03-27 18:54 - 00118784 _____ () C:\Windows\system32\api-mt-win-core-libraryloader-l1-1-0.exe
2014-03-27 18:52 - 2014-03-27 18:52 - 00000161 _____ () C:\Users\*****\Desktop\Goodgame Empire.url
2014-03-27 18:50 - 2014-03-27 18:50 - 00657808 _____ () C:\Users\*****\Downloads\V3D25Plus_windows_Setup_20111110-Downloader.exe
2014-03-27 18:41 - 2014-03-27 18:40 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 4.4
2014-03-27 18:40 - 2014-03-27 18:39 - 41882152 _____ (International GeoGebra Institute) C:\Users\*****\Downloads\GeoGebra-Windows-Installer-4-4-23-0.exe
2014-03-27 09:47 - 2014-03-27 09:47 - 00126393 _____ () C:\Users\*****\Downloads\lt_kernmodell
2014-03-25 20:17 - 2014-03-25 20:17 - 564624957 _____ () C:\Windows\MEMORY.DMP
2014-03-25 20:17 - 2014-03-25 20:17 - 00302720 _____ () C:\Windows\Minidump\032514-34257-01.dmp
2014-03-25 20:17 - 2012-12-15 16:11 - 00000000 ____D () C:\Windows\Minidump
2014-03-25 00:02 - 2012-11-11 19:53 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-03-23 16:50 - 2014-02-16 18:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-03-20 09:31 - 2012-09-26 21:56 - 00000000 ___SD () C:\Users\*****\Documents\Meine Datenquellen
2014-03-19 23:39 - 2012-08-09 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 17:52 - 2014-03-18 23:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 02:06 - 2013-08-16 09:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 02:04 - 2012-08-09 10:52 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 22:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-17 20:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-17 03:37 - 2014-03-17 02:53 - 00013051 _____ () C:\Users\*****\Documents\Mappe1.xlsx
2014-03-12 22:47 - 2009-07-14 06:45 - 04982584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 22:44 - 2012-08-09 09:28 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 22:44 - 2012-08-09 09:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 19:47 - 2012-08-09 08:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 16:32 - 2014-03-12 16:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-12 01:24 - 2014-03-12 00:24 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-12 01:24 - 2013-02-12 12:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 01:24 - 2012-08-11 13:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 01:24 - 2012-08-11 13:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 20:31 - 2014-02-16 18:48 - 00000000 ____D () C:\ProgramData\Skype
2014-03-11 20:24 - 2013-06-01 19:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\CyberLink
2014-03-11 20:18 - 2014-03-11 20:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Epson
2014-03-09 18:35 - 2013-05-19 12:20 - 00002028 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\da527484-ba88-49c3-89f6-09520d63695b.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\COMAP.EXE
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-30 03:35
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ***** at 2014-04-07 03:03:25
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.8.0.10 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.3.29.0 - Lavasoft) Hidden
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
EPSON BX305 Series Printer Uninstall (HKLM\...\EPSON BX305 Series) (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-x64 7.0.5.15_WHQL (HKLM\...\Elantech) (Version: 7.0.5.15 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Fresco Logic USB3.0 Host Controller (HKLM\...\{26211D4B-CD06-44C8-BA6E-F937E1692629}) (Version: 3.0.114.13 - Fresco Logic Inc.)
GeoGebra 5.0 (HKLM-x32\...\GeoGebra 5.0) (Version: 4.9.256.0 - International GeoGebra Institute)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{4327107B-E95E-415C-9194-458FCED6BF12}) (Version: 13.03.0000 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Intel(R) Wireless Display (HKLM\...\{C298FF86-AB23-4B58-AC53-A23383C07B3A}) (Version: 1.2.20.0 - Intel Corporation)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{89C4C60E-490D-43D1-A4EE-92877306DEC3}) (Version: 1.17.769 - LEGO)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKCU\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
NVIDIA Control Panel 265.96 (Version: 265.96 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 265.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 265.96 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.29.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.9 (Version: 1.0.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.9 - NVIDIA Corporation) Hidden
OnlineThreatsEngine (Version: 2.2.2.0 - Lavasoft) Hidden
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebFilteringEngine (Version: 2.2.1.0 - Lavasoft) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
==================== Restore Points =========================
19-03-2014 00:04:14 Windows Update
25-03-2014 15:19:50 Windows Update
28-03-2014 15:22:04 Windows Update
01-04-2014 14:16:07 Windows Update
04-04-2014 14:46:07 Windows Update
06-04-2014 22:41:10 AA11
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0A242A82-75B0-4D63-B6EE-7C0FCD78131A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {0ED35F2C-D486-474C-9F87-1A0574DFA74F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-11-24] (CyberLink)
Task: {0F65361B-58B4-41DC-8722-3DC815659BDB} - System32\Tasks\AdobeAAMUpdater-1.0-PapaBook-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-01-24] (Adobe Systems Incorporated)
Task: {11703F1B-0D80-4E0A-8B58-F3BAA83234CF} - System32\Tasks\{B4E47510-B53F-4B43-AAEF-58B8F1755EB7} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {13DF5B68-BACC-4C87-A45D-973CE7B2253E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {39414D12-AD02-4EBF-A0B8-A70F1751A175} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {3B493D61-B417-4179-B474-1A0F81377887} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5ADC85BE-F11D-43CB-96B1-B385D1BC2070} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {6453C52B-D4FB-450C-B45C-D569C2703944} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {7B5B762C-FD33-41A5-B53F-ABADC81D4516} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {7DA7736B-1628-4E14-A32F-B2762F506425} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {87B88478-3489-4D88-B998-89E803BBED66} - System32\Tasks\{65C5A358-D155-4BF0-9CF2-FF93A86FF7FD} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {8A8FD7EA-A8F4-48B0-9295-5635C4123A7B} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {8D649376-92A8-4284-88DC-CC66FC6B80F8} - \EPUpdater No Task File
Task: {B000B6D9-B8D1-4C8F-B72C-F9424D0F9C8F} - System32\Tasks\{716AB061-20A2-49C8-97B5-6BBD646B71AC} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {C8395007-7200-4D94-94C1-4BEA0F1C6E51} - System32\Tasks\{FF74903E-B06E-4111-9E97-B7183D03AEDB} => Firefox.exe hxxp://ui.skype.com/ui/0/6.13.0.104/de/eula?source=lightinstaller
Task: {E5566B77-FCEF-4D81-9F18-14F7A90507DD} - System32\Tasks\{94C83D8E-DD71-4A95-92D6-E9FDBE14A668} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {E56BF523-D99C-4CF8-81A7-254CCABF393D} - System32\Tasks\{8143570B-A881-45A9-AC25-C2C1355087BA} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {E816935A-9F3F-4E43-9544-6137A2B4848F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {EB3F6D42-72A9-49E9-A4E2-C42EB6EF02A1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {F786FA0E-0FB0-4379-8DEB-F0AD6E8EF663} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2010-07-20 01:48 - 2010-07-20 01:48 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2014-04-07 00:46 - 2013-07-17 17:09 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2013-08-21 14:32 - 2013-08-21 14:32 - 00824864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttpbr.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 00558136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttpdsp.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 02656752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttpph.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 01234816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.2.0\ashttprbl.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 00824864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttpbr.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 00558136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttpdsp.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 03112000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttpf.mdl
2013-08-21 14:32 - 2013-08-21 14:32 - 01234816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\WebFiltering Engine\2.2.1.0\ashttprbl.mdl
2012-08-03 07:13 - 2009-04-17 12:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2011-01-12 18:01 - 2011-01-12 18:01 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2011-01-12 18:01 - 2011-01-12 18:01 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2012-08-03 07:02 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-01-17 23:16 - 2011-01-17 23:16 - 00091464 _____ () C:\ExpressGateUtil\VAWinService.exe
2010-07-20 01:48 - 2010-07-20 01:48 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-02-12 04:19 - 2011-01-27 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02141040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareShellExtension.dll
2012-11-05 23:52 - 2013-04-14 20:58 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-26 11:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-10-26 11:10 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-26 11:10 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-10-26 11:10 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-10-26 11:10 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-12-25 04:12 - 2010-12-25 04:12 - 00157000 _____ () C:\ExpressGateUtil\libexpat.dll
2011-01-04 02:27 - 2011-01-04 02:27 - 00061768 _____ () C:\ExpressGateUtil\netProfileDatabase.DLL
2011-03-02 21:34 - 2011-03-02 22:34 - 00073728 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Symlib.dll
2011-03-02 21:34 - 2011-03-02 22:34 - 02748416 _____ () C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\LIBMYSQLD.dll
2012-08-03 06:51 - 2011-03-10 06:22 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-18 20:43 - 2013-12-18 20:43 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-03-29 10:09 - 2014-03-29 10:10 - 03642480 _____ () C:\Users\*****\AppData\Local\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\*****\Cookies:9QNjlq7WiKlCt8LHRSBRyI0PBex
AlternateDataStreams: C:\Users\*****\Cookies:Dl7v99tjHQ3lT2kZ3RfhGM
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:XScmXCwMacfiixoZBCPapKpl
AlternateDataStreams: C:\Users\*****\AppData\Local:XScmXCwMacfiixoZBCPapKpl
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:XScmXCwMacfiixoZBCPapKpl
AlternateDataStreams: C:\Users\*****\AppData\Local\Temporary Internet Files:347D0y5R4XBJsFosZBxWAGF
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: Syncables => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/07/2014 01:37:40 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18222, Zeitstempel: 0x51f1ddfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005055a
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (04/07/2014 00:31:36 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18222, Zeitstempel: 0x51f1ddfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005055a
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (04/06/2014 08:22:39 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (04/05/2014 09:29:14 PM) (Source: Application Hang) (User: )
Description: Programm plugin-container.exe, Version 28.0.0.5186 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1040
Startzeit: 01cf51052c36eaa4
Endzeit: 20
Anwendungspfad: C:\Users\*****\AppData\Local\Mozilla Firefox\plugin-container.exe
Berichts-ID: 841a86df-bcf8-11e3-950c-f46d04c20c2c
Error: (04/01/2014 05:07:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: api-mt-win-core-libraryloader-l1-1-0.exe, Version: 0.0.0.0, Zeitstempel: 0x529d12e8
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000002415cd
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xapi-mt-win-core-libraryloader-l1-1-0.exe0
Pfad der fehlerhaften Anwendung: api-mt-win-core-libraryloader-l1-1-0.exe1
Pfad des fehlerhaften Moduls: api-mt-win-core-libraryloader-l1-1-0.exe2
Berichtskennung: api-mt-win-core-libraryloader-l1-1-0.exe3
Error: (04/01/2014 01:39:58 PM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.16521 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1bc0
Startzeit: 01cf4d9f01e2aa92
Endzeit: 16
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (03/31/2014 10:16:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FBAgent.exe, Version: 1.0.9.0, Zeitstempel: 0x4d3e6927
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x514
Startzeit der fehlerhaften Anwendung: 0xFBAgent.exe0
Pfad der fehlerhaften Anwendung: FBAgent.exe1
Pfad des fehlerhaften Moduls: FBAgent.exe2
Berichtskennung: FBAgent.exe3
Error: (03/30/2014 08:44:03 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (03/29/2014 06:25:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SDTray.exe, Version: 2.1.21.129, Zeitstempel: 0x51f0ed9e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x13b4
Startzeit der fehlerhaften Anwendung: 0xSDTray.exe0
Pfad der fehlerhaften Anwendung: SDTray.exe1
Pfad des fehlerhaften Moduls: SDTray.exe2
Berichtskennung: SDTray.exe3
Error: (03/29/2014 04:34:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FBAgent.exe, Version: 1.0.9.0, Zeitstempel: 0x4d3e6927
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x570
Startzeit der fehlerhaften Anwendung: 0xFBAgent.exe0
Pfad der fehlerhaften Anwendung: FBAgent.exe1
Pfad des fehlerhaften Moduls: FBAgent.exe2
Berichtskennung: FBAgent.exe3
System errors:
=============
Error: (04/05/2014 00:51:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/05/2014 00:51:37 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (04/03/2014 07:37:50 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (04/01/2014 05:07:02 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ATKGFNEX msahci Turbo" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/01/2014 03:25:19 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)
Error: (04/01/2014 03:25:13 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)
Error: (04/01/2014 01:39:11 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)
Error: (04/01/2014 01:39:08 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)
Error: (03/31/2014 10:16:17 PM) (Source: Service Control Manager) (User: )
Description: Dienst "AFBAgent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/31/2014 10:01:04 PM) (Source: DCOM) (User: PapaBook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PapaBookGastS-1-5-21-3379123602-2794455321-361650133-501LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (04/07/2014 01:37:40 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1822251f1ddfac0000005000000000005055a
Error: (04/07/2014 00:31:36 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1822251f1ddfac0000005000000000005055a
Error: (04/06/2014 08:22:39 PM) (Source: Windows Backup)(User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (04/05/2014 09:29:14 PM) (Source: Application Hang)(User: )
Description: plugin-container.exe28.0.0.5186104001cf51052c36eaa420C:\Users\*****\AppData\Local\Mozilla Firefox\plugin-container.exe841a86df-bcf8-11e3-950c-f46d04c20c2c
Error: (04/01/2014 05:07:01 PM) (Source: Application Error)(User: )
Description: api-mt-win-core-libraryloader-l1-1-0.exe0.0.0.0529d12e8unknown0.0.0.000000000c000000500000000002415cdb2c01cf4b9a0bcd6ca5C:\Windows\system32\api-mt-win-core-libraryloader-l1-1-0.exeunknown46a633c9-b9af-11e3-a532-f46d04c20c2c
Error: (04/01/2014 01:39:58 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.165211bc001cf4d9f01e2aa9216C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (03/31/2014 10:16:17 PM) (Source: Application Error)(User: )
Description: FBAgent.exe1.0.9.04d3e6927ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410251401cf4b9a04056aabC:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dll5045e510-b911-11e3-a532-f46d04c20c2c
Error: (03/30/2014 08:44:03 PM) (Source: Windows Backup)(User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (03/29/2014 06:25:06 PM) (Source: Application Error)(User: )
Description: SDTray.exe2.1.21.12951f0ed9eunknown0.0.0.000000000c00000050000000013b401cf4adf58f3ce64C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exeunknownafa560e4-b75e-11e3-8c67-f46d04c20c2c
Error: (03/29/2014 04:34:59 PM) (Source: Application Error)(User: )
Description: FBAgent.exe1.0.9.04d3e6927ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410257001cf4adf3df852daC:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dll4d9295c7-b74f-11e3-8c67-f46d04c20c2c
CodeIntegrity Errors:
===================================
Date: 2012-08-16 17:32:09.086
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-16 17:32:09.008
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-16 17:32:08.867
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-16 17:32:08.727
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-16 17:31:12.333
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-16 17:31:12.224
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-16 17:31:12.083
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-16 17:31:11.959
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*****\Documents\boot\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 8102.78 MB
Available physical RAM: 4541.3 MB
Total Pagefile: 16203.74 MB
Available Pagefile: 12834.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:195.35 GB) (Free:91.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:245.41 GB) (Free:245.27 GB) NTFS
Drive e: (Schule) (Fixed) (Total:232.88 GB) (Free:224.25 GB) NTFS
Drive f: (Privat) (Fixed) (Total:232.87 GB) (Free:208.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A420BA92)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: B12C75F9)
Partition: GPT Partition Type.
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-07 03:33:32
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0003 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\CHRIST~1\AppData\Local\Temp\fxtdapow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075a61465 2 bytes [A6, 75]
.text C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075a614bb 2 bytes [A6, 75]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[2476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075a61465 2 bytes [A6, 75]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[2476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075a614bb 2 bytes [A6, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2564] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075a61465 2 bytes [A6, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2564] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075a614bb 2 bytes [A6, 75]
.text ... * 2
.text C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[5016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075a61465 2 bytes [A6, 75]
.text C:\Program Files (x86)\syncables\syncables desktop\syncables.exe[5016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075a614bb 2 bytes [A6, 75]
.text ... * 2
.text C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075a61465 2 bytes [A6, 75]
.text C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075a614bb 2 bytes [A6, 75]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0015007a2bc2
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0015007a2bc2 (not active ControlSet)
---- EOF - GMER 2.1 ----
|
|
07.04.2014, 07:02
| #2 |
| /// the machine /// TB-Ausbilder    | Programme scheinen in Ordner "Program Data" verschoben zu sein - außerdem: Shared key to keep this from being removed with install/uninstall hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
07.04.2014, 20:16
| #3 |
| | Programme scheinen in Ordner "Program Data" verschoben zu sein - außerdem: Shared key to keep this from being removed with install/uninstall Hallo schrauber,
__________________danke für den ersten Schritt. TDSSKIller hat nichts gefunden; hier as Logfile: Code:
ATTFilter 21:11:22.0708 0x18e0 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12
21:11:29.0239 0x18e0 ============================================================
21:11:29.0239 0x18e0 Current date / time: 2014/04/07 21:11:29.0239
21:11:29.0239 0x18e0 SystemInfo:
21:11:29.0239 0x18e0
21:11:29.0239 0x18e0 OS Version: 6.1.7601 ServicePack: 1.0
21:11:29.0239 0x18e0 Product type: Workstation
21:11:29.0239 0x18e0 ComputerName: PAPABOOK
21:11:29.0240 0x18e0 UserName: *****
21:11:29.0240 0x18e0 Windows directory: C:\Windows
21:11:29.0240 0x18e0 System windows directory: C:\Windows
21:11:29.0240 0x18e0 Running under WOW64
21:11:29.0240 0x18e0 Processor architecture: Intel x64
21:11:29.0240 0x18e0 Number of processors: 8
21:11:29.0240 0x18e0 Page size: 0x1000
21:11:29.0240 0x18e0 Boot type: Normal boot
21:11:29.0240 0x18e0 ============================================================
21:11:29.0820 0x18e0 KLMD registered as C:\Windows\system32\drivers\04818319.sys
21:11:30.0050 0x18e0 System UUID: {9E31A95C-07C9-BC4B-83B9-8817EF26C3A9}
21:11:30.0545 0x18e0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:30.0828 0x18e0 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:30.0906 0x18e0 ============================================================
21:11:30.0906 0x18e0 \Device\Harddisk0\DR0:
21:11:30.0919 0x18e0 MBR partitions:
21:11:30.0919 0x18e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x186B5000
21:11:30.0935 0x18e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8B6000, BlocksNum 0x1EACF800
21:11:30.0935 0x18e0 \Device\Harddisk1\DR1:
21:11:30.0936 0x18e0 MBR partitions:
21:11:30.0951 0x18e0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x1D1C4542
21:11:30.0975 0x18e0 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1D1C8481, BlocksNum 0x1D1BC7C0
21:11:30.0975 0x18e0 ============================================================
21:11:31.0042 0x18e0 C: <-> \Device\Harddisk0\DR0\Partition1
21:11:31.0149 0x18e0 D: <-> \Device\Harddisk0\DR0\Partition2
21:11:31.0175 0x18e0 E: <-> \Device\Harddisk1\DR1\Partition1
21:11:31.0218 0x18e0 F: <-> \Device\Harddisk1\DR1\Partition2
21:11:31.0218 0x18e0 ============================================================
21:11:31.0218 0x18e0 Initialize success
21:11:31.0218 0x18e0 ============================================================
21:11:39.0392 0x1eb0 ============================================================
21:11:39.0392 0x1eb0 Scan started
21:11:39.0392 0x1eb0 Mode: Manual; SigCheck; TDLFS;
21:11:39.0392 0x1eb0 ============================================================
21:11:39.0392 0x1eb0 KSN ping started
21:11:41.0831 0x1eb0 KSN ping finished: true
21:11:42.0262 0x1eb0 ================ Scan system memory ========================
21:11:42.0262 0x1eb0 System memory - ok
21:11:42.0264 0x1eb0 ================ Scan services =============================
21:11:42.0444 0x1eb0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:11:42.0571 0x1eb0 1394ohci - ok
21:11:42.0638 0x1eb0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:11:42.0667 0x1eb0 ACPI - ok
21:11:42.0706 0x1eb0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:11:42.0806 0x1eb0 AcpiPmi - ok
21:11:42.0983 0x1eb0 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:11:43.0023 0x1eb0 AdobeARMservice - ok
21:11:43.0151 0x1eb0 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:11:43.0202 0x1eb0 AdobeFlashPlayerUpdateSvc - ok
21:11:43.0282 0x1eb0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:11:43.0319 0x1eb0 adp94xx - ok
21:11:43.0354 0x1eb0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:11:43.0377 0x1eb0 adpahci - ok
21:11:43.0395 0x1eb0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:11:43.0410 0x1eb0 adpu320 - ok
21:11:43.0442 0x1eb0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:11:43.0620 0x1eb0 AeLookupSvc - ok
21:11:43.0700 0x1eb0 [ 6E79A119B0CE418FE44E0C824BF3F039, 7C7E8ED41EFCDB20C1A0C038BB6C53CDBE6709E3573C8A93B4059C0CD08759EB ] AFBAgent C:\Windows\system32\FBAgent.exe
21:11:43.0735 0x1eb0 AFBAgent - ok
21:11:43.0788 0x1eb0 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys
21:11:43.0813 0x1eb0 Afc - ok
21:11:43.0879 0x1eb0 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
21:11:43.0971 0x1eb0 AFD - ok
21:11:44.0023 0x1eb0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:11:44.0048 0x1eb0 agp440 - ok
21:11:44.0081 0x1eb0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:11:44.0116 0x1eb0 ALG - ok
21:11:44.0154 0x1eb0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:11:44.0164 0x1eb0 aliide - ok
21:11:44.0181 0x1eb0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:11:44.0192 0x1eb0 amdide - ok
21:11:44.0228 0x1eb0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:11:44.0286 0x1eb0 AmdK8 - ok
21:11:44.0320 0x1eb0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:11:44.0382 0x1eb0 AmdPPM - ok
21:11:44.0436 0x1eb0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:11:44.0472 0x1eb0 amdsata - ok
21:11:44.0528 0x1eb0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:11:44.0567 0x1eb0 amdsbs - ok
21:11:44.0610 0x1eb0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:11:44.0642 0x1eb0 amdxata - ok
21:11:44.0690 0x1eb0 [ 9C7F164B49CADC658D1B3C575782F346, 7C5FD203735041B6AEB2E551A63CE5F46DB41044BC72E7E77A72F316197C80DA ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
21:11:44.0767 0x1eb0 AmUStor - ok
21:11:44.0868 0x1eb0 [ 4D282B9C5BB05DF92C9F3977DFB9F916, E6D49ED0D5FA26F2936FC97A0F1DFA38D1066AAF2EEFCE2931AF21B2CBE54CAD ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:11:44.0904 0x1eb0 AntiVirSchedulerService - ok
21:11:44.0982 0x1eb0 [ 65AF41A7A2C5B6693E1B4164E7632C3E, BA1DC45D7BB5307BD418D2BDFDBD1DD593439245A0A3F65FE6287F6F5198B999 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:11:45.0014 0x1eb0 AntiVirService - ok
21:11:45.0068 0x1eb0 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
21:11:45.0264 0x1eb0 AppID - ok
21:11:45.0298 0x1eb0 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:11:45.0372 0x1eb0 AppIDSvc - ok
21:11:45.0420 0x1eb0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
21:11:45.0498 0x1eb0 Appinfo - ok
21:11:45.0535 0x1eb0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
21:11:45.0559 0x1eb0 arc - ok
21:11:45.0574 0x1eb0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:11:45.0592 0x1eb0 arcsas - ok
21:11:45.0686 0x1eb0 [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:11:45.0719 0x1eb0 ASLDRService - ok
21:11:45.0735 0x1eb0 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:11:45.0744 0x1eb0 ASMMAP64 - ok
21:11:45.0855 0x1eb0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:11:45.0896 0x1eb0 aspnet_state - ok
21:11:45.0930 0x1eb0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:11:46.0023 0x1eb0 AsyncMac - ok
21:11:46.0052 0x1eb0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:11:46.0066 0x1eb0 atapi - ok
21:11:46.0149 0x1eb0 [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:11:46.0295 0x1eb0 athr - ok
21:11:46.0333 0x1eb0 [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:11:46.0383 0x1eb0 ATKGFNEXSrv - ok
21:11:46.0428 0x1eb0 [ AC31727F9946E9009480708E4D1B9986, D1D5DC2A377D37483E10BF5F96D670712718BC27C753E86ABBB6C0708992E7C9 ] ATKWMIACPIIO_ C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:11:46.0443 0x1eb0 ATKWMIACPIIO_ - ok
21:11:46.0501 0x1eb0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:11:46.0579 0x1eb0 AudioEndpointBuilder - ok
21:11:46.0612 0x1eb0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:11:46.0659 0x1eb0 AudioSrv - ok
21:11:46.0711 0x1eb0 [ 7806BFCD1D7FA5EC23F7324D4EAFD25B, 4EDFD9DE520728AF6578BED0054ED6A4976A7F020F3329EA6681D6E361D9DB2D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:11:46.0732 0x1eb0 avgntflt - ok
21:11:46.0776 0x1eb0 [ C3A58DBD18786C338126D30BF8C33D72, 4DF4D37AB5139548C2DA4B4C8D6B933A7F4ED001BCA089EFBC8C57EEDE8785A6 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:11:46.0789 0x1eb0 avipbb - ok
21:11:46.0801 0x1eb0 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:11:46.0811 0x1eb0 avkmgr - ok
21:11:46.0865 0x1eb0 [ CE7793573FA4E70033D907DD919FF648, 3785CB15F95DAEA28ADE80A911C58D092499A116761AF9C8356ED0F2D19130E8 ] avmident C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
21:11:46.0925 0x1eb0 avmident - detected UnsignedFile.Multi.Generic ( 1 )
21:11:49.0498 0x1eb0 Detect skipped due to KSN trusted
21:11:49.0498 0x1eb0 avmident - ok
21:11:49.0592 0x1eb0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:11:49.0748 0x1eb0 AxInstSV - ok
21:11:49.0826 0x1eb0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:11:49.0904 0x1eb0 b06bdrv - ok
21:11:49.0951 0x1eb0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:11:49.0997 0x1eb0 b57nd60a - ok
21:11:50.0044 0x1eb0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:11:50.0122 0x1eb0 BDESVC - ok
21:11:50.0231 0x1eb0 [ 9920B815BC3B3F2D69071842DD18D422, 80D91191A49C7BA68C968C4FFED4F7A24E7C8F4169C7B45B4F55BBE6F6F22ED2 ] BdfNdisf c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys
21:11:50.0278 0x1eb0 BdfNdisf - ok
21:11:50.0325 0x1eb0 [ A626DCB25F09E117421E1021CA3D22A0, D2BA10E7EFBE03589DC7AD088E1A1672539C83C427D9C88838DA5C1B92F65AC3 ] bdfwfpf C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys
21:11:50.0356 0x1eb0 bdfwfpf - ok
21:11:50.0403 0x1eb0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:11:50.0481 0x1eb0 Beep - ok
21:11:50.0575 0x1eb0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:11:50.0668 0x1eb0 BFE - ok
21:11:50.0746 0x1eb0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
21:11:50.0824 0x1eb0 BITS - ok
21:11:50.0855 0x1eb0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:11:50.0918 0x1eb0 blbdrive - ok
21:11:50.0949 0x1eb0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:11:51.0027 0x1eb0 bowser - ok
21:11:51.0058 0x1eb0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:11:51.0105 0x1eb0 BrFiltLo - ok
21:11:51.0121 0x1eb0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:11:51.0136 0x1eb0 BrFiltUp - ok
21:11:51.0183 0x1eb0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:11:51.0230 0x1eb0 Browser - ok
21:11:51.0277 0x1eb0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:11:51.0339 0x1eb0 Brserid - ok
21:11:51.0370 0x1eb0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:11:51.0401 0x1eb0 BrSerWdm - ok
21:11:51.0417 0x1eb0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:11:51.0448 0x1eb0 BrUsbMdm - ok
21:11:51.0448 0x1eb0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:11:51.0479 0x1eb0 BrUsbSer - ok
21:11:51.0511 0x1eb0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:11:51.0635 0x1eb0 BthEnum - ok
21:11:51.0682 0x1eb0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:11:51.0713 0x1eb0 BTHMODEM - ok
21:11:51.0745 0x1eb0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:11:51.0807 0x1eb0 BthPan - ok
21:11:51.0869 0x1eb0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:11:51.0963 0x1eb0 BTHPORT - ok
21:11:52.0010 0x1eb0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:11:52.0119 0x1eb0 bthserv - ok
21:11:52.0150 0x1eb0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:11:52.0181 0x1eb0 BTHUSB - ok
21:11:52.0213 0x1eb0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:11:52.0259 0x1eb0 cdfs - ok
21:11:52.0322 0x1eb0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
21:11:52.0369 0x1eb0 cdrom - ok
21:11:52.0415 0x1eb0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:11:52.0525 0x1eb0 CertPropSvc - ok
21:11:52.0556 0x1eb0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:11:52.0618 0x1eb0 circlass - ok
21:11:52.0665 0x1eb0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
21:11:52.0696 0x1eb0 CLFS - ok
21:11:52.0774 0x1eb0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:11:52.0805 0x1eb0 clr_optimization_v2.0.50727_32 - ok
21:11:52.0852 0x1eb0 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:11:52.0868 0x1eb0 clr_optimization_v2.0.50727_64 - ok
21:11:52.0961 0x1eb0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:11:53.0008 0x1eb0 clr_optimization_v4.0.30319_32 - ok
21:11:53.0055 0x1eb0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:11:53.0086 0x1eb0 clr_optimization_v4.0.30319_64 - ok
21:11:53.0117 0x1eb0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:11:53.0180 0x1eb0 CmBatt - ok
21:11:53.0211 0x1eb0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:11:53.0227 0x1eb0 cmdide - ok
21:11:53.0305 0x1eb0 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
21:11:53.0351 0x1eb0 CNG - ok
21:11:53.0383 0x1eb0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:11:53.0414 0x1eb0 Compbatt - ok
21:11:53.0476 0x1eb0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:11:53.0539 0x1eb0 CompositeBus - ok
21:11:53.0570 0x1eb0 COMSysApp - ok
21:11:53.0663 0x1eb0 [ 78AF1C499BF02F9814DF959A04A4F9C9, 9D569A57551C7ACE032C3ECC7BEB8C7606D6BAF58AC1660B4E9FBE907F47E274 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:11:53.0741 0x1eb0 cphs - ok
21:11:53.0788 0x1eb0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:11:53.0819 0x1eb0 crcdisk - ok
21:11:53.0851 0x1eb0 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:11:53.0913 0x1eb0 CryptSvc - ok
21:11:53.0991 0x1eb0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:11:54.0053 0x1eb0 DcomLaunch - ok
21:11:54.0100 0x1eb0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:11:54.0163 0x1eb0 defragsvc - ok
21:11:54.0241 0x1eb0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:11:54.0350 0x1eb0 DfsC - ok
21:11:54.0397 0x1eb0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:11:54.0490 0x1eb0 Dhcp - ok
21:11:54.0521 0x1eb0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:11:54.0615 0x1eb0 discache - ok
21:11:54.0631 0x1eb0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:11:54.0646 0x1eb0 Disk - ok
21:11:54.0693 0x1eb0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:11:54.0771 0x1eb0 Dnscache - ok
21:11:54.0833 0x1eb0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:11:54.0943 0x1eb0 dot3svc - ok
21:11:54.0989 0x1eb0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:11:55.0052 0x1eb0 DPS - ok
21:11:55.0083 0x1eb0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:11:55.0114 0x1eb0 drmkaud - ok
21:11:55.0192 0x1eb0 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:11:55.0223 0x1eb0 DXGKrnl - ok
21:11:55.0255 0x1eb0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:11:55.0301 0x1eb0 EapHost - ok
21:11:55.0457 0x1eb0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:11:55.0567 0x1eb0 ebdrv - ok
21:11:55.0613 0x1eb0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
21:11:55.0691 0x1eb0 EFS - ok
21:11:55.0785 0x1eb0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:11:55.0879 0x1eb0 ehRecvr - ok
21:11:55.0910 0x1eb0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:11:55.0972 0x1eb0 ehSched - ok
21:11:56.0050 0x1eb0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:11:56.0113 0x1eb0 elxstor - ok
21:11:56.0206 0x1eb0 [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
21:11:56.0269 0x1eb0 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
21:12:02.0264 0x1eb0 Detect skipped due to KSN trusted
21:12:02.0264 0x1eb0 EpsonBidirectionalService - ok
21:12:02.0374 0x1eb0 [ 7DB097F4F6786307168C0DDDEC43A565, 963C0D3D88FB4BF9C2FBCB296B03603E2F8AA8B4E8976162842863B7538C1A9F ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
21:12:02.0436 0x1eb0 EPSON_EB_RPCV4_04 - ok
21:12:02.0452 0x1eb0 [ 258AA65A0862E19B7DE6981FDA3758AD, C090F19BEDC2CFB0B5265BCE48BD52102E06CBC15EEFE4CDB747D44F2E42D545 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
21:12:02.0498 0x1eb0 EPSON_PM_RPCV4_04 - ok
21:12:02.0530 0x1eb0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:12:02.0608 0x1eb0 ErrDev - ok
21:12:02.0670 0x1eb0 [ 05B0DCDA418E297A1B4CD8D7B8ADE403, 100F8093B3772563AD42F4C167E2A7C6ED65603FBB610804DBA0CAFAA7658520 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
21:12:02.0748 0x1eb0 ETD - ok
21:12:02.0810 0x1eb0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:12:02.0904 0x1eb0 EventSystem - ok
21:12:03.0060 0x1eb0 [ BDFCB7E8C108D042B213957D2B044E7E, 2840637123E40ACEB6F78A618C7C230B62388C36C49D5AD9BE795A1063FA5845 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:12:03.0122 0x1eb0 EvtEng - ok
21:12:03.0154 0x1eb0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:12:03.0232 0x1eb0 exfat - ok
21:12:03.0247 0x1eb0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:12:03.0310 0x1eb0 fastfat - ok
21:12:03.0403 0x1eb0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:12:03.0512 0x1eb0 Fax - ok
21:12:03.0544 0x1eb0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:12:03.0590 0x1eb0 fdc - ok
21:12:03.0637 0x1eb0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:12:03.0715 0x1eb0 fdPHost - ok
21:12:03.0731 0x1eb0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:12:03.0778 0x1eb0 FDResPub - ok
21:12:03.0793 0x1eb0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:12:03.0824 0x1eb0 FileInfo - ok
21:12:03.0824 0x1eb0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:12:03.0887 0x1eb0 Filetrace - ok
21:12:03.0934 0x1eb0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:12:03.0965 0x1eb0 flpydisk - ok
21:12:03.0996 0x1eb0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:12:04.0027 0x1eb0 FltMgr - ok
21:12:04.0074 0x1eb0 [ 72893DC6F72EABAEF5AA1013FD189050, F766819AC554064C10C91EE9D20E95FD1A896B86274425FE1A4F73F868476248 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
21:12:04.0152 0x1eb0 FLxHCIc - ok
21:12:04.0168 0x1eb0 [ A2156628A86450D490A387B9B06FB17D, B8FA1ED21016711B48F2DAEBF5DB1695D5D0C61B63ED92646DF45BE250CBE417 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
21:12:04.0246 0x1eb0 FLxHCIh - ok
21:12:04.0339 0x1eb0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
21:12:04.0448 0x1eb0 FontCache - ok
21:12:04.0511 0x1eb0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:12:04.0558 0x1eb0 FontCache3.0.0.0 - ok
21:12:04.0589 0x1eb0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:12:04.0604 0x1eb0 FsDepends - ok
21:12:04.0651 0x1eb0 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:12:04.0667 0x1eb0 fssfltr - ok
21:12:04.0807 0x1eb0 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:12:04.0963 0x1eb0 fsssvc - ok
21:12:05.0010 0x1eb0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:12:05.0057 0x1eb0 Fs_Rec - ok
21:12:05.0104 0x1eb0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:12:05.0182 0x1eb0 fvevol - ok
21:12:05.0197 0x1eb0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:12:05.0244 0x1eb0 gagp30kx - ok
21:12:05.0306 0x1eb0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:12:05.0400 0x1eb0 gpsvc - ok
21:12:05.0540 0x1eb0 [ 07177B5A8C277074C30AC515FEBD4F37, A18B7A4491732D97884D0F95428563DE6EBCBB988C5595DA2C710DFDE733B096 ] gzflt C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys
21:12:05.0603 0x1eb0 gzflt - ok
21:12:05.0634 0x1eb0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:12:05.0696 0x1eb0 hcw85cir - ok
21:12:05.0759 0x1eb0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:12:05.0837 0x1eb0 HdAudAddService - ok
21:12:05.0868 0x1eb0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:12:05.0899 0x1eb0 HDAudBus - ok
21:12:05.0946 0x1eb0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:12:05.0993 0x1eb0 HidBatt - ok
21:12:06.0024 0x1eb0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:12:06.0086 0x1eb0 HidBth - ok
21:12:06.0133 0x1eb0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:12:06.0180 0x1eb0 HidIr - ok
21:12:06.0211 0x1eb0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
21:12:06.0289 0x1eb0 hidserv - ok
21:12:06.0352 0x1eb0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:12:06.0414 0x1eb0 HidUsb - ok
21:12:06.0445 0x1eb0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:12:06.0539 0x1eb0 hkmsvc - ok
21:12:06.0570 0x1eb0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:12:06.0648 0x1eb0 HomeGroupListener - ok
21:12:06.0695 0x1eb0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:12:06.0742 0x1eb0 HomeGroupProvider - ok
21:12:06.0788 0x1eb0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:12:06.0820 0x1eb0 HpSAMD - ok
21:12:06.0913 0x1eb0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:12:06.0991 0x1eb0 HTTP - ok
21:12:07.0007 0x1eb0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:12:07.0022 0x1eb0 hwpolicy - ok
21:12:07.0085 0x1eb0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:12:07.0116 0x1eb0 i8042prt - ok
21:12:07.0194 0x1eb0 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:12:07.0210 0x1eb0 iaStor - ok
21:12:07.0272 0x1eb0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:12:07.0334 0x1eb0 iaStorV - ok
21:12:07.0428 0x1eb0 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:12:07.0522 0x1eb0 idsvc - ok
21:12:07.0553 0x1eb0 IEEtwCollectorService - ok
21:12:07.0771 0x1eb0 [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:12:08.0114 0x1eb0 igfx - ok
21:12:08.0146 0x1eb0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:12:08.0161 0x1eb0 iirsp - ok
21:12:08.0208 0x1eb0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:12:08.0333 0x1eb0 IKEEXT - ok
21:12:08.0489 0x1eb0 [ E22397FB13975FF21BE8E6897D7DC584, 8C3E85BB54208928F1F058D914D1D52EC59B1939C3E123D8800E134B1A09AF9D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:12:08.0660 0x1eb0 IntcAzAudAddService - ok
21:12:08.0707 0x1eb0 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:12:08.0770 0x1eb0 IntcDAud - ok
21:12:08.0785 0x1eb0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:12:08.0848 0x1eb0 intelide - ok
21:12:08.0879 0x1eb0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:12:08.0926 0x1eb0 intelppm - ok
21:12:08.0957 0x1eb0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:12:09.0019 0x1eb0 IPBusEnum - ok
21:12:09.0066 0x1eb0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:12:09.0113 0x1eb0 IpFilterDriver - ok
21:12:09.0160 0x1eb0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:12:09.0238 0x1eb0 iphlpsvc - ok
21:12:09.0269 0x1eb0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:12:09.0331 0x1eb0 IPMIDRV - ok
21:12:09.0378 0x1eb0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:12:09.0472 0x1eb0 IPNAT - ok
21:12:09.0487 0x1eb0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:12:09.0596 0x1eb0 IRENUM - ok
21:12:09.0628 0x1eb0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:12:09.0674 0x1eb0 isapnp - ok
21:12:09.0721 0x1eb0 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:12:09.0752 0x1eb0 iScsiPrt - ok
21:12:09.0784 0x1eb0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:12:09.0799 0x1eb0 kbdclass - ok
21:12:09.0815 0x1eb0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:12:09.0862 0x1eb0 kbdhid - ok
21:12:09.0908 0x1eb0 [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
21:12:09.0940 0x1eb0 kbfiltr - ok
21:12:09.0955 0x1eb0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
21:12:09.0971 0x1eb0 KeyIso - ok
21:12:10.0018 0x1eb0 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:12:10.0064 0x1eb0 KSecDD - ok
21:12:10.0080 0x1eb0 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:12:10.0111 0x1eb0 KSecPkg - ok
21:12:10.0142 0x1eb0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:12:10.0174 0x1eb0 ksthunk - ok
21:12:10.0236 0x1eb0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:12:10.0376 0x1eb0 KtmRm - ok
21:12:10.0423 0x1eb0 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
21:12:10.0423 0x1eb0 L1C - ok
21:12:10.0486 0x1eb0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:12:10.0610 0x1eb0 LanmanServer - ok
21:12:10.0642 0x1eb0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:12:10.0688 0x1eb0 LanmanWorkstation - ok
21:12:10.0844 0x1eb0 [ 907A28AE111208455C51467EE60D20EF, 7ABD4B5A234EA2B8F7C7CDD163D3109A290631B361E279F3D682C1A8D48A4E01 ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
21:12:10.0891 0x1eb0 LavasoftAdAwareService11 - ok
21:12:10.0938 0x1eb0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:12:10.0985 0x1eb0 lltdio - ok
21:12:11.0016 0x1eb0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:12:11.0063 0x1eb0 lltdsvc - ok
21:12:11.0094 0x1eb0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:12:11.0125 0x1eb0 lmhosts - ok
21:12:11.0172 0x1eb0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:12:11.0219 0x1eb0 LSI_FC - ok
21:12:11.0250 0x1eb0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:12:11.0266 0x1eb0 LSI_SAS - ok
21:12:11.0281 0x1eb0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:12:11.0297 0x1eb0 LSI_SAS2 - ok
21:12:11.0312 0x1eb0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:12:11.0328 0x1eb0 LSI_SCSI - ok
21:12:11.0359 0x1eb0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:12:11.0406 0x1eb0 luafv - ok
21:12:11.0453 0x1eb0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:12:11.0500 0x1eb0 Mcx2Svc - ok
21:12:11.0531 0x1eb0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:12:11.0562 0x1eb0 megasas - ok
21:12:11.0609 0x1eb0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:12:11.0656 0x1eb0 MegaSR - ok
21:12:11.0718 0x1eb0 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:12:11.0749 0x1eb0 MEIx64 - ok
21:12:11.0765 0x1eb0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:12:11.0858 0x1eb0 MMCSS - ok
21:12:11.0874 0x1eb0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:12:11.0921 0x1eb0 Modem - ok
21:12:11.0952 0x1eb0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:12:11.0983 0x1eb0 monitor - ok
21:12:12.0014 0x1eb0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:12:12.0046 0x1eb0 mouclass - ok
21:12:12.0061 0x1eb0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:12:12.0108 0x1eb0 mouhid - ok
21:12:12.0139 0x1eb0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:12:12.0155 0x1eb0 mountmgr - ok
21:12:12.0233 0x1eb0 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:12:12.0295 0x1eb0 MozillaMaintenance - ok
21:12:12.0326 0x1eb0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:12:12.0358 0x1eb0 mpio - ok
21:12:12.0404 0x1eb0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:12:12.0467 0x1eb0 mpsdrv - ok
21:12:12.0560 0x1eb0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:12:12.0670 0x1eb0 MpsSvc - ok
21:12:12.0685 0x1eb0 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:12:12.0732 0x1eb0 MRxDAV - ok
21:12:12.0779 0x1eb0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:12:12.0826 0x1eb0 mrxsmb - ok
21:12:12.0857 0x1eb0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:12:12.0888 0x1eb0 mrxsmb10 - ok
21:12:12.0904 0x1eb0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:12:12.0950 0x1eb0 mrxsmb20 - ok
21:12:12.0982 0x1eb0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:12:13.0060 0x1eb0 msahci - ok
21:12:13.0091 0x1eb0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:12:13.0153 0x1eb0 msdsm - ok
21:12:13.0184 0x1eb0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:12:13.0231 0x1eb0 MSDTC - ok
21:12:13.0278 0x1eb0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:12:13.0340 0x1eb0 Msfs - ok
21:12:13.0356 0x1eb0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:12:13.0403 0x1eb0 mshidkmdf - ok
21:12:13.0434 0x1eb0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:12:13.0450 0x1eb0 msisadrv - ok
21:12:13.0496 0x1eb0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:12:13.0621 0x1eb0 MSiSCSI - ok
21:12:13.0621 0x1eb0 msiserver - ok
21:12:13.0652 0x1eb0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:12:13.0730 0x1eb0 MSKSSRV - ok
21:12:13.0762 0x1eb0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:12:13.0808 0x1eb0 MSPCLOCK - ok
21:12:13.0808 0x1eb0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:12:13.0855 0x1eb0 MSPQM - ok
21:12:13.0902 0x1eb0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:12:13.0949 0x1eb0 MsRPC - ok
21:12:13.0996 0x1eb0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:12:14.0011 0x1eb0 mssmbios - ok
21:12:14.0042 0x1eb0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:12:14.0136 0x1eb0 MSTEE - ok
21:12:14.0167 0x1eb0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:12:14.0198 0x1eb0 MTConfig - ok
21:12:14.0230 0x1eb0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:12:14.0276 0x1eb0 Mup - ok
21:12:14.0354 0x1eb0 [ 93CD1C4ECB8658A35E5E6EBA02D43E4F, 3439DBEEC3E6C9E7DCBF11B7065F7D596B5C11CFE2629821C9D46894053AD42A ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:12:14.0417 0x1eb0 MyWiFiDHCPDNS - ok
21:12:14.0479 0x1eb0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:12:14.0588 0x1eb0 napagent - ok
21:12:14.0713 0x1eb0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:12:14.0869 0x1eb0 NativeWifiP - ok
21:12:14.0994 0x1eb0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
21:12:15.0056 0x1eb0 NDIS - ok
21:12:15.0088 0x1eb0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:12:15.0166 0x1eb0 NdisCap - ok
21:12:15.0212 0x1eb0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:12:15.0259 0x1eb0 NdisTapi - ok
21:12:15.0306 0x1eb0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:12:15.0368 0x1eb0 Ndisuio - ok
21:12:15.0400 0x1eb0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:12:15.0478 0x1eb0 NdisWan - ok
21:12:15.0524 0x1eb0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:12:15.0618 0x1eb0 NDProxy - ok
21:12:15.0649 0x1eb0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:12:15.0727 0x1eb0 NetBIOS - ok
21:12:15.0758 0x1eb0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:12:15.0805 0x1eb0 NetBT - ok
21:12:15.0836 0x1eb0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
21:12:15.0852 0x1eb0 Netlogon - ok
21:12:15.0914 0x1eb0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:12:15.0977 0x1eb0 Netman - ok
21:12:16.0055 0x1eb0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:16.0133 0x1eb0 NetMsmqActivator - ok
21:12:16.0148 0x1eb0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:16.0164 0x1eb0 NetPipeActivator - ok
21:12:16.0211 0x1eb0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:12:16.0289 0x1eb0 netprofm - ok
21:12:16.0320 0x1eb0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:16.0336 0x1eb0 NetTcpActivator - ok
21:12:16.0351 0x1eb0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:16.0367 0x1eb0 NetTcpPortSharing - ok
21:12:16.0741 0x1eb0 [ EB43840BABF5589E33186D094DE7381D, 028750D33516773258FEA120FE4108A2EEA3FC6FEC49C6B2C1926F57858173AC ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
21:12:17.0141 0x1eb0 NETwNs64 - ok
21:12:17.0179 0x1eb0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:12:17.0197 0x1eb0 nfrd960 - ok
21:12:17.0221 0x1eb0 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:12:17.0260 0x1eb0 NlaSvc - ok
21:12:17.0283 0x1eb0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:12:17.0316 0x1eb0 Npfs - ok
21:12:17.0338 0x1eb0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:12:17.0388 0x1eb0 nsi - ok
21:12:17.0410 0x1eb0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:12:17.0457 0x1eb0 nsiproxy - ok
21:12:17.0528 0x1eb0 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:12:17.0665 0x1eb0 Ntfs - ok
21:12:17.0726 0x1eb0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:12:17.0815 0x1eb0 Null - ok
21:12:18.0287 0x1eb0 [ DB4F01ABA1FF1379E64E997D9FC5C08B, 05D2550529A23771063A613DADE3F218EE58DC47055B6E8C6C707A45C3C3A04A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:12:18.0818 0x1eb0 nvlddmkm - ok
21:12:18.0849 0x1eb0 [ 6FCF6D9B3C149C7CEE6FEF8B622765C5, 5889F7D33B13E4EF2E3BE54CFD2C2090E54C1AF19B9B40A720CAE9F9EF80D4CA ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
21:12:18.0864 0x1eb0 nvpciflt - ok
21:12:18.0927 0x1eb0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:12:19.0005 0x1eb0 nvraid - ok
21:12:19.0036 0x1eb0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:12:19.0067 0x1eb0 nvstor - ok
21:12:19.0130 0x1eb0 [ 529153D4C83E6631B303AE183A34FBDB, 1787245F8175EECB82F50EBBA0060B2DEC0BBF3BCB881F1E518B422F01E9DBC7 ] NVSvc C:\Windows\system32\nvvsvc.exe
21:12:19.0176 0x1eb0 NVSvc - ok
21:12:19.0286 0x1eb0 [ E06DBB528EBB66C10BDDA799AF2CAB37, E2A778A38EF1FB40BDD6C727315423E8C9365729A3D3F5804AD6B09EA382678B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:12:19.0395 0x1eb0 nvUpdatusService - ok
21:12:19.0426 0x1eb0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:12:19.0457 0x1eb0 nv_agp - ok
21:12:19.0488 0x1eb0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:12:19.0551 0x1eb0 ohci1394 - ok
21:12:19.0629 0x1eb0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:12:19.0738 0x1eb0 ose - ok
21:12:19.0988 0x1eb0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:12:20.0206 0x1eb0 osppsvc - ok
21:12:20.0253 0x1eb0 [ 5F79934084DF6DC0635578864376CE54, DC386C40CDDA006CFACD9B8DDDF54D9C192C0221EE3528FD456EB1F13B002956 ] OV550I C:\Windows\system32\Drivers\ov550ivx.sys
21:12:20.0315 0x1eb0 OV550I - ok
21:12:20.0346 0x1eb0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:12:20.0440 0x1eb0 p2pimsvc - ok
21:12:20.0471 0x1eb0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:12:20.0549 0x1eb0 p2psvc - ok
21:12:20.0580 0x1eb0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:12:20.0643 0x1eb0 Parport - ok
21:12:20.0690 0x1eb0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:12:20.0752 0x1eb0 partmgr - ok
21:12:20.0768 0x1eb0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
21:12:20.0814 0x1eb0 PcaSvc - ok
21:12:20.0846 0x1eb0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:12:20.0877 0x1eb0 pci - ok
21:12:20.0908 0x1eb0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:12:20.0939 0x1eb0 pciide - ok
21:12:20.0986 0x1eb0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:12:21.0080 0x1eb0 pcmcia - ok
21:12:21.0095 0x1eb0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:12:21.0126 0x1eb0 pcw - ok
21:12:21.0158 0x1eb0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:12:21.0236 0x1eb0 PEAUTH - ok
21:12:21.0329 0x1eb0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:12:21.0376 0x1eb0 PerfHost - ok
21:12:21.0501 0x1eb0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:12:21.0626 0x1eb0 pla - ok
21:12:21.0719 0x1eb0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:12:21.0797 0x1eb0 PlugPlay - ok
21:12:21.0828 0x1eb0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:12:21.0906 0x1eb0 PNRPAutoReg - ok
21:12:21.0938 0x1eb0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:12:21.0969 0x1eb0 PNRPsvc - ok
21:12:22.0047 0x1eb0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:12:22.0140 0x1eb0 PolicyAgent - ok
21:12:22.0172 0x1eb0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:12:22.0250 0x1eb0 Power - ok
21:12:22.0296 0x1eb0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:12:22.0343 0x1eb0 PptpMiniport - ok
21:12:22.0374 0x1eb0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:12:22.0406 0x1eb0 Processor - ok
21:12:22.0437 0x1eb0 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
21:12:22.0484 0x1eb0 ProfSvc - ok
21:12:22.0499 0x1eb0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:12:22.0499 0x1eb0 ProtectedStorage - ok
21:12:22.0562 0x1eb0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:12:22.0640 0x1eb0 Psched - ok
21:12:22.0749 0x1eb0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:12:22.0889 0x1eb0 ql2300 - ok
21:12:22.0920 0x1eb0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:12:22.0936 0x1eb0 ql40xx - ok
21:12:22.0967 0x1eb0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:12:23.0045 0x1eb0 QWAVE - ok
21:12:23.0061 0x1eb0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:12:23.0123 0x1eb0 QWAVEdrv - ok
21:12:23.0139 0x1eb0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:12:23.0186 0x1eb0 RasAcd - ok
21:12:23.0232 0x1eb0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:12:23.0279 0x1eb0 RasAgileVpn - ok
21:12:23.0310 0x1eb0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:12:23.0388 0x1eb0 RasAuto - ok
21:12:23.0420 0x1eb0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:12:23.0482 0x1eb0 Rasl2tp - ok
21:12:23.0513 0x1eb0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:12:23.0560 0x1eb0 RasMan - ok
21:12:23.0607 0x1eb0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:12:23.0669 0x1eb0 RasPppoe - ok
21:12:23.0700 0x1eb0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:12:23.0794 0x1eb0 RasSstp - ok
21:12:23.0856 0x1eb0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:12:23.0934 0x1eb0 rdbss - ok
21:12:23.0966 0x1eb0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:12:24.0028 0x1eb0 rdpbus - ok
21:12:24.0059 0x1eb0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:12:24.0137 0x1eb0 RDPCDD - ok
21:12:24.0153 0x1eb0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:12:24.0200 0x1eb0 RDPENCDD - ok
21:12:24.0215 0x1eb0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:12:24.0262 0x1eb0 RDPREFMP - ok
21:12:24.0309 0x1eb0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:12:24.0371 0x1eb0 RdpVideoMiniport - ok
21:12:24.0418 0x1eb0 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:12:24.0496 0x1eb0 RDPWD - ok
21:12:24.0543 0x1eb0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:12:24.0605 0x1eb0 rdyboost - ok
21:12:24.0761 0x1eb0 [ A6BAEA839CC888D4961AB5FE16BB8C4A, A3DD50446BEDAE38A3DA8AC9809F3BCE95EA418C2DEF5DB433DB614591C6B51B ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:12:24.0792 0x1eb0 RegSrvc - ok
21:12:24.0855 0x1eb0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:12:24.0948 0x1eb0 RemoteAccess - ok
21:12:24.0980 0x1eb0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:12:25.0104 0x1eb0 RemoteRegistry - ok
21:12:25.0136 0x1eb0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:12:25.0182 0x1eb0 RFCOMM - ok
21:12:25.0292 0x1eb0 [ 616F6E52CAE254727A886BA8EDA1BEEA, 537EE7A8959E4CBCD243C66A54AF64E5D48F9780893D8450A07645FC3DA61C0B ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:12:25.0323 0x1eb0 RichVideo - ok
21:12:25.0338 0x1eb0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:12:25.0401 0x1eb0 RpcEptMapper - ok
21:12:25.0432 0x1eb0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:12:25.0479 0x1eb0 RpcLocator - ok
21:12:25.0557 0x1eb0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:12:25.0604 0x1eb0 RpcSs - ok
21:12:25.0635 0x1eb0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:12:25.0728 0x1eb0 rspndr - ok
21:12:25.0744 0x1eb0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
21:12:25.0760 0x1eb0 SamSs - ok
21:12:25.0791 0x1eb0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:12:25.0853 0x1eb0 sbp2port - ok
21:12:25.0900 0x1eb0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:12:26.0009 0x1eb0 SCardSvr - ok
21:12:26.0040 0x1eb0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:12:26.0087 0x1eb0 scfilter - ok
21:12:26.0150 0x1eb0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
21:12:26.0243 0x1eb0 Schedule - ok
21:12:26.0274 0x1eb0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:12:26.0306 0x1eb0 SCPolicySvc - ok
21:12:26.0337 0x1eb0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:12:26.0384 0x1eb0 SDRSVC - ok
21:12:26.0633 0x1eb0 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:12:26.0758 0x1eb0 SDScannerService - ok
21:12:26.0836 0x1eb0 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:12:26.0898 0x1eb0 SDUpdateService - ok
21:12:26.0945 0x1eb0 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:12:26.0961 0x1eb0 SDWSCService - ok
21:12:26.0992 0x1eb0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:12:27.0054 0x1eb0 secdrv - ok
21:12:27.0086 0x1eb0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:12:27.0132 0x1eb0 seclogon - ok
21:12:27.0164 0x1eb0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
21:12:27.0210 0x1eb0 SENS - ok
21:12:27.0226 0x1eb0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:12:27.0288 0x1eb0 SensrSvc - ok
21:12:27.0320 0x1eb0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:12:27.0351 0x1eb0 Serenum - ok
21:12:27.0382 0x1eb0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:12:27.0429 0x1eb0 Serial - ok
21:12:27.0476 0x1eb0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:12:27.0538 0x1eb0 sermouse - ok
21:12:27.0585 0x1eb0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:12:27.0663 0x1eb0 SessionEnv - ok
21:12:27.0678 0x1eb0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:12:27.0741 0x1eb0 sffdisk - ok
21:12:27.0756 0x1eb0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:12:27.0788 0x1eb0 sffp_mmc - ok
21:12:27.0788 0x1eb0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:12:27.0819 0x1eb0 sffp_sd - ok
21:12:27.0866 0x1eb0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:12:27.0928 0x1eb0 sfloppy - ok
21:12:28.0006 0x1eb0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:12:28.0084 0x1eb0 SharedAccess - ok
21:12:28.0146 0x1eb0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:12:28.0193 0x1eb0 ShellHWDetection - ok
21:12:28.0224 0x1eb0 [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
21:12:28.0256 0x1eb0 SiSGbeLH - ok
21:12:28.0271 0x1eb0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:12:28.0396 0x1eb0 SiSRaid2 - ok
21:12:28.0412 0x1eb0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:12:28.0521 0x1eb0 SiSRaid4 - ok
21:12:28.0599 0x1eb0 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:12:28.0708 0x1eb0 SkypeUpdate - ok
21:12:28.0755 0x1eb0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:12:28.0848 0x1eb0 Smb - ok
21:12:28.0880 0x1eb0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:12:28.0895 0x1eb0 SNMPTRAP - ok
21:12:28.0926 0x1eb0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:12:28.0942 0x1eb0 spldr - ok
21:12:28.0989 0x1eb0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:12:29.0051 0x1eb0 Spooler - ok
21:12:29.0223 0x1eb0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:12:29.0441 0x1eb0 sppsvc - ok
21:12:29.0457 0x1eb0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:12:29.0504 0x1eb0 sppuinotify - ok
21:12:29.0566 0x1eb0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:12:29.0644 0x1eb0 srv - ok
21:12:29.0660 0x1eb0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:12:29.0722 0x1eb0 srv2 - ok
21:12:29.0769 0x1eb0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:12:29.0847 0x1eb0 srvnet - ok
21:12:29.0909 0x1eb0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:12:30.0003 0x1eb0 SSDPSRV - ok
21:12:30.0034 0x1eb0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:12:30.0096 0x1eb0 SstpSvc - ok
21:12:30.0112 0x1eb0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:12:30.0128 0x1eb0 stexstor - ok
21:12:30.0206 0x1eb0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:12:30.0315 0x1eb0 stisvc - ok
21:12:30.0362 0x1eb0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
21:12:30.0393 0x1eb0 swenum - ok
21:12:30.0518 0x1eb0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:12:30.0596 0x1eb0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
21:12:33.0185 0x1eb0 Detect skipped due to KSN trusted
21:12:33.0185 0x1eb0 SwitchBoard - ok
21:12:33.0310 0x1eb0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:12:33.0419 0x1eb0 swprv - ok
21:12:33.0544 0x1eb0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
21:12:33.0638 0x1eb0 SysMain - ok
21:12:33.0669 0x1eb0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:12:33.0747 0x1eb0 TabletInputService - ok
21:12:33.0794 0x1eb0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:12:33.0887 0x1eb0 TapiSrv - ok
21:12:33.0918 0x1eb0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
21:12:33.0981 0x1eb0 TBS - ok
21:12:34.0106 0x1eb0 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:12:34.0293 0x1eb0 Tcpip - ok
21:12:34.0402 0x1eb0 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:12:34.0480 0x1eb0 TCPIP6 - ok
21:12:34.0496 0x1eb0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:12:34.0527 0x1eb0 tcpipreg - ok
21:12:34.0558 0x1eb0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:12:34.0605 0x1eb0 TDPIPE - ok
21:12:34.0636 0x1eb0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:12:34.0683 0x1eb0 TDTCP - ok
21:12:34.0745 0x1eb0 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:12:34.0870 0x1eb0 tdx - ok
21:12:34.0932 0x1eb0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
21:12:34.0964 0x1eb0 TermDD - ok
21:12:35.0010 0x1eb0 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
21:12:35.0120 0x1eb0 TermService - ok
21:12:35.0151 0x1eb0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:12:35.0198 0x1eb0 Themes - ok
21:12:35.0229 0x1eb0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:12:35.0260 0x1eb0 THREADORDER - ok
21:12:35.0276 0x1eb0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:12:35.0322 0x1eb0 TrkWks - ok
21:12:35.0400 0x1eb0 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
21:12:35.0463 0x1eb0 truecrypt - ok
21:12:35.0541 0x1eb0 [ D5747C16225B4C7B0D04511DB0407544, 413AC0BF02EE3E4B93784DAA6F29BA41E569948D4B3A41AA1AB7E06720EBEBD5 ] Trufos C:\Windows\system32\DRIVERS\Trufos.sys
21:12:35.0603 0x1eb0 Trufos - ok
21:12:35.0650 0x1eb0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:12:35.0712 0x1eb0 TrustedInstaller - ok
21:12:35.0728 0x1eb0 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:12:35.0806 0x1eb0 tssecsrv - ok
21:12:35.0837 0x1eb0 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:12:35.0884 0x1eb0 TsUsbFlt - ok
21:12:35.0946 0x1eb0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:12:36.0009 0x1eb0 tunnel - ok
21:12:36.0056 0x1eb0 [ B355581A9DA34C92E2DBAFA410D2F829, 2EB97A055CB41898CA9FB7A58C6EEE5653CF18FD54123B346F8A664A3BE62874 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
21:12:36.0087 0x1eb0 TurboB - ok
21:12:36.0134 0x1eb0 [ 6564E84B1522C12EA1C3A181ED03276F, BADCCD3F28149427FEFCB0CF5011A87B0ED32752B81D211A9551983A4BD3699E ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
21:12:36.0165 0x1eb0 TurboBoost - ok
21:12:36.0180 0x1eb0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:12:36.0212 0x1eb0 uagp35 - ok
21:12:36.0243 0x1eb0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:12:36.0305 0x1eb0 udfs - ok
21:12:36.0336 0x1eb0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:12:36.0414 0x1eb0 UI0Detect - ok
21:12:36.0430 0x1eb0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:12:36.0446 0x1eb0 uliagpkx - ok
21:12:36.0492 0x1eb0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:12:36.0539 0x1eb0 umbus - ok
21:12:36.0586 0x1eb0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:12:36.0648 0x1eb0 UmPass - ok
21:12:36.0680 0x1eb0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:12:36.0777 0x1eb0 upnphost - ok
21:12:36.0808 0x1eb0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:12:36.0839 0x1eb0 usbccgp - ok
21:12:36.0901 0x1eb0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:12:36.0995 0x1eb0 usbcir - ok
21:12:37.0035 0x1eb0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:12:37.0063 0x1eb0 usbehci - ok
21:12:37.0115 0x1eb0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:12:37.0177 0x1eb0 usbhub - ok
21:12:37.0196 0x1eb0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:12:37.0245 0x1eb0 usbohci - ok
21:12:37.0265 0x1eb0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:12:37.0312 0x1eb0 usbprint - ok
21:12:37.0342 0x1eb0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:12:37.0390 0x1eb0 usbscan - ok
21:12:37.0416 0x1eb0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:12:37.0466 0x1eb0 USBSTOR - ok
21:12:37.0510 0x1eb0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:12:37.0567 0x1eb0 usbuhci - ok
21:12:37.0601 0x1eb0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:12:37.0654 0x1eb0 usbvideo - ok
21:12:37.0685 0x1eb0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:12:37.0759 0x1eb0 UxSms - ok
21:12:37.0778 0x1eb0 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
21:12:37.0791 0x1eb0 VaultSvc - ok
21:12:37.0804 0x1eb0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:12:37.0823 0x1eb0 vdrvroot - ok
21:12:37.0912 0x1eb0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:12:37.0959 0x1eb0 vds - ok
21:12:38.0006 0x1eb0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:12:38.0053 0x1eb0 vga - ok
21:12:38.0068 0x1eb0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:12:38.0131 0x1eb0 VgaSave - ok
21:12:38.0193 0x1eb0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:12:38.0271 0x1eb0 vhdmp - ok
21:12:38.0302 0x1eb0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:12:38.0349 0x1eb0 viaide - ok
21:12:38.0427 0x1eb0 [ C37CE43FB54066FFB540729C6E6E194E, EF96BFF5696C1BE3078B748CD08352773430C7042BE89E439EE67046E46D293B ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
21:12:38.0458 0x1eb0 VideAceWindowsService - ok
21:12:38.0474 0x1eb0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:12:38.0490 0x1eb0 volmgr - ok
21:12:38.0552 0x1eb0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:12:38.0599 0x1eb0 volmgrx - ok
21:12:38.0630 0x1eb0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:12:38.0692 0x1eb0 volsnap - ok
21:12:38.0708 0x1eb0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:12:38.0739 0x1eb0 vsmraid - ok
21:12:38.0864 0x1eb0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:12:39.0004 0x1eb0 VSS - ok
21:12:39.0036 0x1eb0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:12:39.0051 0x1eb0 vwifibus - ok
21:12:39.0082 0x1eb0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:12:39.0114 0x1eb0 vwififlt - ok
21:12:39.0129 0x1eb0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:12:39.0160 0x1eb0 vwifimp - ok
21:12:39.0223 0x1eb0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:12:39.0301 0x1eb0 W32Time - ok
21:12:39.0316 0x1eb0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:12:39.0363 0x1eb0 WacomPen - ok
21:12:39.0410 0x1eb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:12:39.0472 0x1eb0 WANARP - ok
21:12:39.0488 0x1eb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:12:39.0519 0x1eb0 Wanarpv6 - ok
21:12:39.0628 0x1eb0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:12:39.0847 0x1eb0 wbengine - ok
21:12:39.0878 0x1eb0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:12:39.0940 0x1eb0 WbioSrvc - ok
21:12:39.0972 0x1eb0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:12:40.0065 0x1eb0 wcncsvc - ok
21:12:40.0081 0x1eb0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:12:40.0143 0x1eb0 WcsPlugInService - ok
21:12:40.0159 0x1eb0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:12:40.0190 0x1eb0 Wd - ok
21:12:40.0252 0x1eb0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:12:40.0393 0x1eb0 Wdf01000 - ok
21:12:40.0408 0x1eb0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:12:40.0549 0x1eb0 WdiServiceHost - ok
21:12:40.0564 0x1eb0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:12:40.0596 0x1eb0 WdiSystemHost - ok
21:12:40.0642 0x1eb0 [ FE31110E39A0B11ABAE1BA43A2DC94F9, 5C520E0FB737A2113FB89F23FB1D36916980BBBD020638EEB04144C10A9D9522 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
21:12:40.0674 0x1eb0 wdkmd - ok
21:12:40.0720 0x1eb0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
21:12:40.0783 0x1eb0 WebClient - ok
21:12:40.0830 0x1eb0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:12:40.0939 0x1eb0 Wecsvc - ok
21:12:40.0954 0x1eb0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:12:41.0001 0x1eb0 wercplsupport - ok
21:12:41.0017 0x1eb0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:12:41.0064 0x1eb0 WerSvc - ok
21:12:41.0095 0x1eb0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:12:41.0142 0x1eb0 WfpLwf - ok
21:12:41.0204 0x1eb0 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
21:12:41.0251 0x1eb0 WimFltr - ok
21:12:41.0266 0x1eb0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:12:41.0298 0x1eb0 WIMMount - ok
21:12:41.0313 0x1eb0 WinDefend - ok
21:12:41.0344 0x1eb0 WinHttpAutoProxySvc - ok
21:12:41.0391 0x1eb0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:12:41.0485 0x1eb0 Winmgmt - ok
21:12:41.0594 0x1eb0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
21:12:41.0812 0x1eb0 WinRM - ok
21:12:41.0859 0x1eb0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
21:12:41.0937 0x1eb0 WinUsb - ok
21:12:42.0015 0x1eb0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:12:42.0078 0x1eb0 Wlansvc - ok
21:12:42.0140 0x1eb0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:12:42.0187 0x1eb0 wlcrasvc - ok
21:12:42.0358 0x1eb0 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:12:42.0452 0x1eb0 wlidsvc - ok
21:12:42.0483 0x1eb0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:12:42.0546 0x1eb0 WmiAcpi - ok
21:12:42.0592 0x1eb0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:12:42.0639 0x1eb0 wmiApSrv - ok
21:12:42.0670 0x1eb0 WMPNetworkSvc - ok
21:12:42.0702 0x1eb0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:12:42.0733 0x1eb0 WPCSvc - ok
21:12:42.0780 0x1eb0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:12:42.0811 0x1eb0 WPDBusEnum - ok
21:12:42.0842 0x1eb0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:12:42.0920 0x1eb0 ws2ifsl - ok
21:12:42.0936 0x1eb0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
21:12:42.0967 0x1eb0 wscsvc - ok
21:12:42.0998 0x1eb0 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
21:12:43.0045 0x1eb0 WSDPrintDevice - ok
21:12:43.0045 0x1eb0 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
21:12:43.0107 0x1eb0 WSDScan - ok
21:12:43.0107 0x1eb0 WSearch - ok
21:12:43.0248 0x1eb0 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
21:12:43.0357 0x1eb0 wuauserv - ok
21:12:43.0372 0x1eb0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:12:43.0419 0x1eb0 WudfPf - ok
21:12:43.0450 0x1eb0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:12:43.0497 0x1eb0 WUDFRd - ok
21:12:43.0528 0x1eb0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:12:43.0560 0x1eb0 wudfsvc - ok
21:12:43.0606 0x1eb0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:12:43.0700 0x1eb0 WwanSvc - ok
21:12:43.0731 0x1eb0 ================ Scan global ===============================
21:12:43.0762 0x1eb0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:12:43.0809 0x1eb0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:12:43.0840 0x1eb0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:12:43.0872 0x1eb0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:12:43.0903 0x1eb0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:12:43.0918 0x1eb0 [ Global ] - ok
21:12:43.0918 0x1eb0 ================ Scan MBR ==================================
21:12:43.0934 0x1eb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:12:44.0355 0x1eb0 \Device\Harddisk0\DR0 - ok
21:12:44.0652 0x1eb0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:12:44.0964 0x1eb0 \Device\Harddisk1\DR1 - ok
21:12:44.0964 0x1eb0 ================ Scan VBR ==================================
21:12:44.0979 0x1eb0 [ 6306ACEC3A8A67633AD83C7B02F4ABF1 ] \Device\Harddisk0\DR0\Partition1
21:12:44.0979 0x1eb0 \Device\Harddisk0\DR0\Partition1 - ok
21:12:44.0995 0x1eb0 [ 1964274A02B80234D014AE140C84541B ] \Device\Harddisk0\DR0\Partition2
21:12:45.0010 0x1eb0 \Device\Harddisk0\DR0\Partition2 - ok
21:12:45.0010 0x1eb0 [ 6620C6BCA230987B4095337E6F58E069 ] \Device\Harddisk1\DR1\Partition1
21:12:45.0010 0x1eb0 \Device\Harddisk1\DR1\Partition1 - ok
21:12:45.0042 0x1eb0 [ C8E3C93D74C439FDEAC6E6993E7EAAF5 ] \Device\Harddisk1\DR1\Partition2
21:12:45.0057 0x1eb0 \Device\Harddisk1\DR1\Partition2 - ok
21:12:45.0057 0x1eb0 Waiting for KSN requests completion. In queue: 95
21:12:46.0071 0x1eb0 Waiting for KSN requests completion. In queue: 95
21:12:47.0085 0x1eb0 Waiting for KSN requests completion. In queue: 95
21:12:48.0130 0x1eb0 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x40000 ( disabled : updated )
21:12:48.0130 0x1eb0 AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareSecurityCenter.exe ( 11.1.5354.0 ), 0x41000 ( enabled : updated )
21:12:48.0130 0x1eb0 FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareSecurityCenter.exe ( 11.1.5354.0 ), 0x40010 ( disabled )
21:12:48.0130 0x1eb0 Win FW state via NFP2: enabled
21:12:50.0611 0x1eb0 ============================================================
21:12:50.0611 0x1eb0 Scan finished
21:12:50.0611 0x1eb0 ============================================================
21:12:50.0626 0x1f4c Detected object count: 0
21:12:50.0626 0x1f4c Actual detected object count: 0
|
|
08.04.2014, 12:13
| #4 |
| /// the machine /// TB-Ausbilder | Programme scheinen in Ordner "Program Data" verschoben zu sein - außerdem: Shared key to keep this from being removed with install/uninstall hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
WARNUNG an die MITLESER: 
Linear-Darstellung
