Pests of all kinds and how to fight them: Suspected virus that is also using the Internet connection (Windows 7)
24.01.2015, 17:16 | #1 |
| Suspected virus that is also using the Internet connection
Hello, dear all. For a good month now, the Internet connection in our network (family network) has been permanently and completely saturated by my PC (Windows 7 operating system). As soon as I connect to the Fritz!Box router with an Internet stick, the data usage shown on the Fritz!Box monitoring page goes up. No unknown program can be found through the normal uninstall-programs feature. Checking the processes and services in Task Manager would take an extremely long time, since I would have to look up every Windows service. I hope you can help me. I use the Kaspersky antivirus program. I will gladly create the log files mentioned in the instructions on request. (Starting tomorrow) Regards, Paul |
24.01.2015, 17:20 | #2 |
/// the machine /// TB trainer | Suspected virus that is also using the Internet connection
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
24.01.2015, 18:10 | #3 |
| Suspected virus that is also using the Internet connection
Said and done.
FRST: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Paul (administrator) on PAUL-PC on 24-01-2015 17:43:19
Running from C:\Users\Paul\Desktop
Loaded Profiles: Paul (Available profiles: Paul)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Vimicro Corporation) C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10tray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.82.106.0\OverwolfHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.82.106.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.82.106.0\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\Purplizer.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2010-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
HKLM-x32\...\Run: [VMonitorVMUVC] => C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [143360 2008-08-29] (Vimicro Corporation)
HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411976 2011-05-20] (H+H Software GmbH)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2010624 2013-07-20] (Dominik Reichl)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-06] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Google Update] => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc.)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Facebook Update] => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-27] (Facebook Inc.)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [ISUSPM Startup] => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-01-15] (Overwolf LTD)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2014-12-29] (SlySoft, Inc.)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Spotify] => C:\Users\Paul\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-16] (Spotify Ltd)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Spotify Web Helper] => C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-16] (Spotify Ltd)
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\MountPoints2: O - O:\pushinst.exe
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\MountPoints2: {368d7ba8-43de-11e4-8ac6-82035530fe1d} - G:\pushinst.exe
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\MountPoints2: {8b1b3759-8166-11e2-bf60-bc05430144ab} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\MountPoints2: {bd118e0f-44ae-11e4-919a-dd5a564ade05} - O:\pushinst.exe
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000 -> {90C48AB7-731B-4A00-8D33-FF1BCF841C90} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=6FF0FD15-06D5-4611-AFED-C84960E51F20&apn_sauid=AE2103A7-0EEF-4E27-9B48-728A911912E4
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///D:/components/hidinputmonitorx.ocx
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///D:/components/A9.ocx
DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///D:/components/wmvhdrating.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Paul\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\user.js
FF Extension: Softonic Toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\Extensions\ffxtlbra@softonic.com [2012-02-25]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-21]
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [Not Found]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.youtube.com/", "https://soundcloud.com/"
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-08]
CHR Extension: (Adblock Plus) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-31]
CHR Extension: (Google-Suche) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-08]
CHR Extension: (Kaspersky Protection) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-21]
CHR Extension: (HTTP Switchboard) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghdpehejfekicfjcdbfofhcmnjhgaag [2015-01-09]
CHR Extension: (Google Wallet) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Blue Space Sunset Chrome Theme) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog [2013-09-19]
CHR Extension: (Google Mail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-08]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
StartMenuInternet: Google Chrome.77NF3QMOJ2JKXZ5OQSOMNEPPWE - C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
Locked "vdrv1000" service was unlocked successfully. <===== ATTENTION
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] () [File not signed]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-06] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-06] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-06] (BlueStack Systems, Inc.)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-15] (Overwolf LTD)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2011-05-20] (H+H Software GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-02-29] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-06] (BlueStack Systems)
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [227616 2013-12-13] (Dexetek )
S3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [File not signed]
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-02-29] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198784 2009-05-25] (Vimicro Corporation)
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-24 17:43 - 2015-01-24 17:45 - 00030044 _____ () C:\Users\Paul\Desktop\FRST.txt
2015-01-24 17:43 - 2015-01-24 17:43 - 00000000 ____D () C:\FRST
2015-01-24 17:41 - 2015-01-24 17:41 - 02129920 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2015-01-24 14:11 - 2015-01-24 14:12 - 00001172 _____ () C:\Users\Paul\Desktop\OSCAR (D) 0 Bytes.lnk
2015-01-23 18:49 - 2015-01-23 18:49 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\xm1
2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\Program Files (x86)\Texmaker
2015-01-23 14:55 - 2015-01-23 15:11 - 59582507 _____ () C:\Users\Paul\Desktop\texmakerwin32_441install.exe
2015-01-16 18:45 - 2015-01-16 18:45 - 00001606 _____ () C:\Users\Paul\Desktop\cheatengine-x86_64.exe - Verknüpfung.lnk
2015-01-16 18:05 - 2015-01-16 18:05 - 00001352 _____ () C:\Users\Paul\Desktop\isaac-ng.exe - Verknüpfung.lnk
2015-01-16 14:07 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 14:07 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 14:07 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 14:07 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 14:07 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-16 14:07 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-16 14:07 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 19:41 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 19:41 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 14:30 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 14:30 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 14:30 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-14 14:22 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-13 20:50 - 2015-01-13 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-01-13 20:42 - 2015-01-13 20:42 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-01-13 20:42 - 2015-01-13 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-01-13 20:41 - 2015-01-13 20:42 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-13 20:41 - 2015-01-13 20:42 - 00000000 ____D () C:\Program Files\iTunes 2015-01-13 20:41 - 2015-01-13 20:42 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-01-13 20:41 - 2015-01-13 20:41 - 00000000 ____D () C:\Program Files\iPod 2015-01-11 13:48 - 2015-01-11 13:48 - 00000000 ____D () C:\Users\Paul\Desktop\Plugin programmieren 2015-01-10 19:11 - 2015-01-15 14:22 - 00000000 ____D () C:\Users\Paul\Desktop\Musik 2015-01-09 15:57 - 2015-01-09 15:59 - 09052432 _____ (Cheat Engine ) C:\Users\Paul\Desktop\CheatEngine64.exe 2015-01-09 15:07 - 2015-01-09 15:07 - 
00000000 ____D () C:\Users\Paul\Desktop\rebirth-r26_b24 2015-01-09 15:06 - 2015-01-09 15:06 - 00163932 _____ () C:\Users\Paul\Desktop\rebirth-r26_b24.zip 2015-01-09 15:04 - 2015-01-09 15:04 - 00000000 ____D () C:\Users\Paul\Desktop\The Binding Of Isaac Rebirth 2014-12-28 16:58 - 2014-12-28 21:15 - 00000000 ____D () C:\Users\Paul\Documents\Die Kunst des Mordens – Der Marionettenspieler DE 2014-12-28 16:58 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-12-28 16:58 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-12-28 16:58 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-12-28 16:58 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-12-28 16:58 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-12-28 16:58 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-12-28 16:58 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-12-28 16:58 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-12-28 16:58 - 
2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-12-28 16:58 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-12-28 16:58 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-12-28 16:56 - 2014-12-28 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive 2014-12-28 16:51 - 2014-12-28 16:51 - 00000000 ____D () C:\Program Files (x86)\City Interactive 2014-12-26 21:26 - 2014-12-26 21:26 - 00000012 _____ () C:\Users\Paul\Desktop\Zimmermann.txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-24 17:45 - 2013-12-29 20:42 - 00000000 ____D () C:\Users\Paul\AppData\Local\Purplizer 2015-01-24 17:44 - 2012-02-23 14:52 - 01334096 _____ () C:\Windows\WindowsUpdate.log 2015-01-24 17:43 - 2012-02-24 14:29 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Skype 2015-01-24 17:30 - 2013-10-01 08:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-01-24 17:13 - 2012-03-08 16:39 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job 2015-01-24 17:06 - 2012-06-22 12:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-24 16:20 - 2012-08-27 12:15 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job 2015-01-24 15:42 - 2014-09-04 17:59 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\.minecraft 2015-01-24 14:21 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-24 14:21 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-24 14:19 - 2013-12-29 19:59 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2015-01-24 14:17 - 2013-03-19 20:42 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\TS3Client 2015-01-24 14:15 - 2014-11-04 17:44 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Spotify 2015-01-24 14:14 - 2013-12-29 19:36 - 00000000 ____D () C:\Users\Paul\AppData\Local\Overwolf 2015-01-24 14:14 - 2013-10-31 12:55 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-24 14:13 - 2012-09-25 12:45 - 00000000 ___RD () C:\Users\Paul\Dropbox 2015-01-24 14:13 - 2012-09-25 12:42 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Dropbox 2015-01-24 14:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-24 14:10 - 2009-07-14 05:51 - 00157882 _____ () C:\Windows\setupact.log 2015-01-23 22:36 - 2013-12-07 11:41 - 00000000 
___RD () C:\Users\Paul\Desktop\Programmieren 2015-01-23 14:08 - 2012-06-22 12:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-23 14:08 - 2012-04-06 10:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-23 14:08 - 2012-02-24 19:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-23 14:05 - 2014-11-04 17:48 - 00000000 ____D () C:\Users\Paul\AppData\Local\Spotify 2015-01-18 19:34 - 2013-09-20 21:26 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\vlc 2015-01-18 13:20 - 2012-08-27 12:15 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job 2015-01-18 11:26 - 2012-12-11 20:32 - 00000000 ____D () C:\Users\Paul\Documents\Weihnachten 2015-01-18 11:25 - 2014-12-13 10:16 - 00000000 ____D () C:\Users\Paul\Desktop\Weihnachtsvideo 2015-01-16 15:09 - 2013-08-14 14:58 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-16 15:02 - 2012-02-24 08:34 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-14 13:20 - 2013-05-27 07:33 - 00000000 ____D () C:\Users\Paul\AppData\Local\D04A5107-4C73-43E6-9E6B-93AC6F41156D.aplzod 2015-01-13 20:41 - 2014-09-30 18:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-13 20:41 - 2012-02-23 21:06 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-12 12:29 - 2014-09-18 17:05 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-12 12:29 - 2012-02-24 14:29 - 00000000 ____D () C:\ProgramData\Skype 2015-01-09 17:09 - 2014-11-30 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4 2015-01-09 17:09 - 2014-11-30 15:45 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4 2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-01 13:58 - 2012-03-28 19:57 - 00000000 ____D () 
C:\Users\Paul\AppData\Local\CrashDumps 2014-12-29 12:00 - 2013-06-30 08:59 - 00000000 ___RD () C:\Users\Paul\Desktop\Spiele 2014-12-28 16:58 - 2012-02-25 13:44 - 00552957 _____ () C:\Windows\DirectX.log ==================== Files in the root of some directories ======= 2014-09-25 08:03 - 2014-09-25 08:03 - 0037607 _____ () C:\Program Files (x86)\Common Files\license.rtf 2014-09-25 08:03 - 2014-09-25 08:03 - 0008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg 2013-12-03 20:43 - 2013-12-03 21:13 - 0000132 _____ () C:\Users\Paul\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen 2013-09-16 20:42 - 2014-04-03 13:46 - 0000132 _____ () C:\Users\Paul\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2012-09-29 09:12 - 2012-12-02 10:42 - 0002279 _____ () C:\Users\Paul\AppData\Roaming\SAS7_000.DAT 2013-01-29 13:27 - 2013-01-29 13:27 - 0000600 _____ () C:\Users\Paul\AppData\Roaming\winscp.rnd 2014-08-03 14:49 - 2014-08-03 14:58 - 0001456 _____ () C:\Users\Paul\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2012-02-24 14:16 - 2012-09-25 18:37 - 0007168 _____ () C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-07 11:14 - 2014-04-07 11:14 - 0000040 ___SH () C:\ProgramData\.zreglib Some content of TEMP: ==================== C:\Users\Paul\AppData\Local\Temp\bassmod.dll C:\Users\Paul\AppData\Local\Temp\drm_dialogs.dll C:\Users\Paul\AppData\Local\Temp\drm_dyndata_7270006.dll C:\Users\Paul\AppData\Local\Temp\drm_dyndata_7330014.dll C:\Users\Paul\AppData\Local\Temp\drm_dyndata_7330017.dll C:\Users\Paul\AppData\Local\Temp\drm_dyndata_7360011.dll C:\Users\Paul\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp4pcjb.dll C:\Users\Paul\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Paul\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Paul\AppData\Local\Temp\EBU4398.EXE C:\Users\Paul\AppData\Local\Temp\EBU6934.exe C:\Users\Paul\AppData\Local\Temp\EBU6E7C.DLL C:\Users\Paul\AppData\Local\Temp\hcwclear.exe 
C:\Users\Paul\AppData\Local\Temp\i4jdel0.exe C:\Users\Paul\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll C:\Users\Paul\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll C:\Users\Paul\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll C:\Users\Paul\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-b3020jnks.dll C:\Users\Paul\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Paul\AppData\Local\Temp\mixcraft6-b217-setup.exe C:\Users\Paul\AppData\Local\Temp\npp.6.4.5.Installer.exe C:\Users\Paul\AppData\Local\Temp\npp.6.5.Installer.exe C:\Users\Paul\AppData\Local\Temp\ose00000.exe C:\Users\Paul\AppData\Local\Temp\readSTILog.dll C:\Users\Paul\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Paul\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Paul\AppData\Local\Temp\SIntf16.dll C:\Users\Paul\AppData\Local\Temp\SIntf32.dll C:\Users\Paul\AppData\Local\Temp\SIntfNT.dll C:\Users\Paul\AppData\Local\Temp\SkypeSetup.exe C:\Users\Paul\AppData\Local\Temp\somoto-master.exe C:\Users\Paul\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Paul\AppData\Local\Temp\tmp7879.exe C:\Users\Paul\AppData\Local\Temp\tmp_minecraft.exe C:\Users\Paul\AppData\Local\Temp\ubi6A2D.tmp.exe C:\Users\Paul\AppData\Local\Temp\uninstall.exe C:\Users\Paul\AppData\Local\Temp\xmlUpdater.exe C:\Users\Paul\AppData\Local\Temp\_is8B4E.exe C:\Users\Paul\AppData\Local\Temp\_is8C76.exe C:\Users\Paul\AppData\Local\Temp\_isCF11.exe C:\Users\Paul\AppData\Local\Temp\_isE7CE.exe C:\Users\Paul\AppData\Local\Temp\_isE98B.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-16 18:41

==================== End Of Log ============================

Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Paul at 2015-01-24 17:45:52
Running from C:\Users\Paul\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acoustica Mixcraft 6 (HKLM-x32\...\Acoustica Mixcraft 6) (Version: b217 - Acoustica)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - ) Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - ) AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Anvil Studio (HKLM-x32\...\{5B6833E3-BC2C-4C9C-ABEB-CC0A097D7008}) (Version: 14.09.08 - Willow Software) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.6.0 - SlySoft) Apowersoft Gratis - Audiorekorder V2.1.7 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.1.7 - Apowersoft) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
ARIA Engine v1.0.9.8 (HKLM\...\ARIA Engine_is1) (Version: v1.0.9.8 - Plogue Art et Technologie, Inc) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.00.09 - ASUSTeK Computer Inc.) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3066 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{8789EB72-635E-4A91-95DB-3FC11CBE7725}) (Version: 0.8.7.3066 - BlueStack Systems, Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data) (Version: - ) Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data) (Version: - ) Canon Easy-PhotoPrint Pro (HKLM-x32\...\Easy-PhotoPrint Pro) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - ) Canon MG6200 series Benutzerregistrierung (HKLM-x32\...\Canon MG6200 series Benutzerregistrierung) (Version: - ) Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version: - ) Canon MG6200 series On-screen Manual (HKLM-x32\...\Canon MG6200 series On-screen Manual) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) CodeBlocks (HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team) Colin 
McRae Rally 04 (HKLM-x32\...\{F8718F95-21A1-44B9-97EC-679C93020BAE}) (Version: 1.00.000 - ) Craften Terminal 3.5.5 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de) CrazyTalk v5.0 PRO (HKLM-x32\...\{2EB3B0AB-4FEB-4548-B7E7-7A0E73F69125}) (Version: 5.0.1506.2 - Reallusion) Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Die Kunst des Mordens – Der Marionettenspieler (0.2.15.9637) (HKLM-x32\...\Die Kunst des Mordens – Der Marionettenspieler_is1) (Version: - City Interactive) DIE SIEDLER - Das Erbe der Könige (Alle Produkte) (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte) Die Siedler II - Die nächste Generation (HKLM-x32\...\S2TNG) (Version: - ) Disney-Pixar Ratatouille (HKLM-x32\...\{B94C6815-7BCC-4124-AC39-9208A06FFFA7}) (Version: 1.00.0000 - THQ) Dropbox (HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) 
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.01.14 - ) Fable - The Lost Chapters (HKLM-x32\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios) Fable - The Lost Chapters (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) Finale 2011 (HKLM-x32\...\Finale 2011) (Version: 2011.b.r2.0 - MakeMusic) Findus2 (HKLM-x32\...\Findus2) (Version: - ) Findus4 (HKLM-x32\...\Findus4) (Version: - ) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Funkyplot 1.1.0-pre1 (HKLM-x32\...\Funkyplot_is1) (Version: - LOGICIEL) Garritan ARIA Player v1.03 (HKLM\...\__ARIA_1012___is1) (Version: v1.0.3.2 - Garritan) Garritan-Instrumente für Finale (HKLM\...\__ARIA_1013___is1) (Version: v1.0.2.2 - Garritan) GlassFish Server Open Source Edition 3.1.2.2 (HKLM\...\nbi-glassfish-mod-3.1.2.23.2) (Version: - ) Google Chrome (HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.) HandBrake 0.9.8 (HKLM-x32\...\HandBrake) (Version: 0.9.8 - ) iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) iExplorer 2.2.1.3 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant, LLC) Imperium Romanum 1.01 (HKLM-x32\...\Imperium Romanum) (Version: 1.01 - Kalypso Media) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) 
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle) Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle) Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle) Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) Java-Editor 12.6, 2013.12.07 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden KeePass Password Safe 2.23 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: - Dominik Reichl) Kung Fu Panda(TM) (x32 Version: 1.00.0000 - Activision) Hidden Kung Fu Panda(TM)-Spiel (HKLM-x32\...\InstallShield_{48ADB3C0-18FB-4922-B172-7C8C4B99409C}) (Version: 1.00.0000 - Activision) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LIPA 3.2.1 (HKLM-x32\...\MAGLIPA_is1) (Version: - ) Lucky Luke (HKLM-x32\...\Lucky Luke) (Version: - ) MAGIX Screenshare (HKLM-x32\...\{B1FEBE01-42BB-4D05-8180-6C5ABD91E97E}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM-x32\...\{6FC5FA2A-1D40-41B9-920B-0F2A758E24A6}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe 17 Premium (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_premium) (Version: 10.0.0.32 - MAGIX AG) MAGIX Video deluxe 17 Premium (x32 Version: 10.0.0.32 - MAGIX AG) Hidden MC-RP Setup (HKLM-x32\...\{0115E035-5A7B-4972-BC55-E639EE7E0749}) (Version: 2.1.0 - 
mc-rp) Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version: - Microsoft) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 
2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) 
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft Texturepack Editor (HKLM-x32\...\Minecraft Texturepack Editor) (Version: - ) Mozilla Firefox 24.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 de)) (Version: 24.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla) Mozilla Thunderbird 17.0.8 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 de)) (Version: 17.0.8 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org) NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.106.0 - Overwolf Ltd.) 
Paranormal BETA_5 (HKLM-x32\...\Paranormal) (Version: BETA_5 - Matt Cohen)
PCR-Treiber (HKLM\...\RolandRDID0027) (Version: - Roland Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version: - )
PreSonus Studio One 2 (HKLM-x32\...\PreSonus Studio One 2) (Version: 2.6.0.24200 - PreSonus Audio Electronics)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.10 - ProtectDisc Software GmbH)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Rise of Nations Thrones and Patriots (HKLM-x32\...\RiseofNationsExpansion 1.0) (Version: - )
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Sam and Max - Season One 1.0 (HKLM-x32\...\Sam and Max - Season One) (Version: 1.0 - JoWooD Productions)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.00.0000 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SolveigMM AVI Trimmer (HKLM-x32\...\SolveigMM AVI Trimmer) (Version: 2.0.1106.20 - Solveig Multimedia)
Spotify (HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
TERRATEC GRABBY PRO (HKLM-x32\...\{627040D4-C5C6-41F4-88B3-9BAE17F16D83}) (Version: 7.0.121.7 - TERRATEC)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Binding Of Isaac Version 1.0 (HKLM-x32\...\{66D8D1B9-0B6F-423F-950A-1E6B0B7482C4}_is1) (Version: 1.0 - Headup Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Uncraft ME ! (HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\bf5baca0b75c6ed4) (Version: 1.0.0.5 - Microsoft)
Unity (HKLM-x32\...\Unity) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vimicro USB2.0 UVC PC Camera (HKLM-x32\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corp.)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.10.13 - H+H Software GmbH)
Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}) (Version: 10.00.800.228 - Nuance Communications Inc.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinSCP 5.1.2 (HKLM-x32\...\winscp3_is1) (Version: 5.1.2 - Martin Prikryl)
YTD Video Downloader 3.9.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL) <==== ATTENTION
Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Ultimate Collection (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1518553307-3788296194-4095220867-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

13-01-2015 14:23:04 Windows Update
14-01-2015 14:35:36 Windows Update
14-01-2015 22:25:25 Windows Update
16-01-2015 15:02:13 Windows Update
17-01-2015 20:55:16 Removed Bonjour
17-01-2015 20:56:49 TERRATEC GRABBY PRO (64Bit) wurde entfernt.
17-01-2015 20:58:08 Removed QuickTime 7
23-01-2015 16:04:13 Windows Update

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0060950A-BF55-4677-81E8-2FC95FCF4A36} - System32\Tasks\{4CB1C309-0CFB-4439-A8AF-FE8354B1D49D} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {02790CE7-FDFF-49E4-8C5B-FA5A1CFFE563} - System32\Tasks\{6E5449AA-0B0C-4E80-B9D2-E1BE5DC5FB90} => E:\Installiere Findus2.exe
Task: {02D776D8-628A-400A-AEAC-9B39AABBAE62} - System32\Tasks\{889CEE2F-F809-4C4C-87F8-553FCC79395F} => pcalua.exe -a C:\Users\Paul\Desktop\vcsetup.exe -d C:\Users\Paul\Desktop
Task: {05265209-B1BA-46B1-A32D-05CE20358CD2} - System32\Tasks\{F46489A8-093C-4C27-B0B8-4FC335FD680E} => C:\Users\Paul\Desktop\BIOS320.EXE
Task: {07202F20-4DF1-494D-AF3C-4B036672A67B} - System32\Tasks\{8C063DB4-8E54-401E-A127-923AD2E5CED5} => E:\autorun.exe
Task: {08A89295-8E62-415B-8D55-0F5621566ABF} - System32\Tasks\{2DB2124A-63EA-439A-A0E1-3F3A8E020972} => E:\autorun.exe
Task: {08CB0535-8E25-45F5-83E9-172EE46A13C6} - System32\Tasks\{B8C5C815-77F8-4788-A07A-AC3C00AB587E} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {0E1B43A9-4701-4201-9830-6D0B7A1579EE} - System32\Tasks\{DEAC81DF-F171-4316-8020-53F297057485} => E:\autorun.exe
Task: {0E1C9F80-EF3D-4306-9AB9-AE955B3B08B0} - System32\Tasks\{65F5B3A2-5A8B-4433-B93B-3A22D6895501} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {11FEA548-8807-4655-8DE1-6D2647CC8F43} - System32\Tasks\{88E399FA-6C17-4ED0-B46C-5EDB51ED58BC} => C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires2.exe [2006-10-11] (Microsoft Corporation)
Task: {15982553-552B-463A-8CD0-A1F72DFAF427} - System32\Tasks\{B7AC441C-86DC-4A37-9518-C34E8205E208} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {172759D9-F9FE-48FF-868D-1ADD187AB29B} - System32\Tasks\{F4EF9162-95D4-4E87-A5EE-B6A174076A12} => C:\Users\Paul\Desktop\BIOS320.EXE
Task: {18BF5F75-0D9A-48E0-B0D5-CE3CA26C657C} - System32\Tasks\{38F8AE2F-96AD-4F57-97DA-45CB2DC4D34E} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {1A56970C-3BAF-4627-9341-61C1CA6B9EEF} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {1C014C40-F8E9-4F73-AED0-7B22567FB1D2} - System32\Tasks\{D1D52521-2C91-4293-8026-22931FFBA210} => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe
Task: {1D6F98CE-6920-4F5A-A1D3-34F93AE47A4E} - System32\Tasks\{ED99AB3C-5F98-40ED-BAF8-7992A26B3F4A} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {1D91954C-E42E-4771-B795-2B762AB5D630} - System32\Tasks\{9038FF3C-B0E9-4B2D-A580-B23A21204D22} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {2343627C-7275-4492-91AB-DBCCBDE3B02C} - System32\Tasks\{032DEF5A-3512-49AF-B69D-A734366B1E14} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {2CAF2400-0790-4C18-A2E8-500D940C75A0} - System32\Tasks\{0EDCB66D-DBFE-4DFD-BC58-3B56890AFFB0} => C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe [2007-08-07] (Ensemble Studios)
Task: {2ED351E3-0C2A-4B0D-A687-225602684494} - System32\Tasks\{25294504-E710-4BF2-B807-7167DD34FD57} => E:\autorun.exe
Task: {30C8A5BA-ABE4-4496-8748-61CC1A626A5F} - System32\Tasks\{9B1714ED-0D75-42AF-9A9A-D0776C258CC0} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {319B4CDE-9D60-4A4D-A17D-860C42FB6A9D} - System32\Tasks\{35B6BBAE-5711-4DD9-89A4-783E9D36B2F5} => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe
Task: {32729D54-58DE-4457-9291-CF608E1AF14A} - System32\Tasks\{AFF0EC12-24D5-4C94-B53E-9EABADB2DB6C} => E:\setup.exe
Task: {339130FA-50D5-4BE8-A32A-32EE0F8E3EE5} - System32\Tasks\updater => C:\Program Files (x86)\MC-RP Setup\updater.exe [2014-01-03] (Caphyon LTD)
Task: {3435724D-567E-4F37-8458-F8F98058B271} - System32\Tasks\{F2104C6F-6843-47EE-96F7-9129614A78A4} => D:\setup.exe
Task: {35AD64D9-4C96-43C1-9992-C7091F71C163} - System32\Tasks\{FA741FB9-83BD-4C32-87C7-27384B632815} => E:\autorun.exe
Task: {39287CE0-A52A-4B25-B1AE-CB02C8D9D3F4} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\SlySoft\AnyDVD\ExecuteWithUAC.exe [2013-03-21] ()
Task: {3A9546CB-1130-4517-B1A8-C838D5E478B7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-27] (Facebook Inc.)
Task: {3AF15ADA-D105-43FD-BC08-F184622450DA} - System32\Tasks\{9C82EB71-9E4D-437D-8553-3992630DBAEA} => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe
Task: {3B1E338E-6A4C-47A3-9BB2-58490C69FC87} - System32\Tasks\{2C446E10-1709-48F3-AB3A-8F518177CFB5} => E:\autorun.exe
Task: {3C5FEFF9-05B7-4424-A61E-54E1CB6996CD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {49FA3C14-9263-409B-AF0B-D05E4D8EB2E6} - System32\Tasks\{30242983-7CD5-4B28-8A7B-4856FEE69299} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {4A016B56-B168-4B2B-9219-EEF05912D67F} - System32\Tasks\{8BD4F278-164B-4DD3-99F2-1B1F1ED54018} => pcalua.exe -a C:\Users\Paul\Desktop\FableDT_SkOssInO.exe -d C:\Users\Paul\Desktop
Task: {4C397F07-257C-4F14-B4ED-69F2D6B9DE4F} - System32\Tasks\{E92D7E65-A018-46A1-98B7-29EF2962A9CE} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {4ED837B6-DF16-4A18-B1AD-EFD7BCF840B7} - System32\Tasks\{07111C7F-CD3D-48D7-803F-0AB4A543D732} => D:\S4\Setup.exe
Task: {4F7CE0CC-0A5C-4FDE-A0A8-C59807A514E5} - System32\Tasks\{B1BD074A-72DA-482A-B09F-BAF1280DEFD7} => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe
Task: {5002F83B-4673-476E-B81D-BA9B324A8864} - System32\Tasks\{E091E35B-C68E-467C-96A7-E93EDF875CE5} => C:\Riot Games\League of Legends\lol.launcher.exe [2013-06-12] ()
Task: {5139C634-01E8-47BF-8234-F96BA75C1574} - System32\Tasks\{C85DBDEB-54A5-4532-98EF-992517523BC8} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/go/help.faq.installer?LastError=1618
Task: {5343C803-356D-40B4-9B9D-337F93FC1012} - System32\Tasks\{56190595-A721-4E68-9D1E-8FBDA0C0273B} => C:\Users\Paul\Desktop\BIOS320.EXE
Task: {54D9FA29-771A-46A6-9AA1-2CA6E2E9AA80} - System32\Tasks\{70C0255A-1DFB-4B3E-9733-B95D99B8002E} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {550A0A89-338A-44BD-8592-779D05CD5D52} - System32\Tasks\{06B2E517-9FCE-4EF7-94E5-60C8889D865A} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsProgressBar
Task: {55B482F1-1489-4D60-96C6-649E58A8A0F1} - System32\Tasks\{DF341FF7-6113-4957-A729-EB7C6EC49302} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {56BC389F-C1C5-485B-9881-539C81B17371} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-27] (Facebook Inc.)
Task: {59CAEEDE-B3AF-454A-84E0-5682289F9DDE} - System32\Tasks\{1D3BF728-9692-4AAA-857C-967D17858266} => pcalua.exe -a E:\Autorun.exe -d E:\
Task: {5C64EB94-819A-4D86-A83D-4ED2802CD2F9} - System32\Tasks\{29540777-63A0-42D0-895A-766FF870EA46} => pcalua.exe -a E:\setup.exe -d E:\
Task: {60E3F97E-69B0-4002-8020-350D9F7F056E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {62223208-A639-4000-8AB9-59F27E646860} - System32\Tasks\{CB31EA9B-753B-4835-8A0B-40E3E3588E49} => E:\autorun.exe
Task: {63B16A02-69B7-44B8-8615-514754207D35} - System32\Tasks\{CE029CEB-09C8-4581-9564-1E33C0E4F6BA} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {65B7EA45-0883-415F-966D-C13AD7C41A06} - System32\Tasks\{D32EFC2D-F3D0-43AE-B4F6-3ABAAA659E57} => E:\autorun.exe
Task: {6CE8B03A-4E5C-4ADA-B885-437978281AE2} - System32\Tasks\{64663F86-0BA1-4E3D-9F34-ECB58619F89C} => pcalua.exe -a C:\AVM\avm_fritz!wlan_usb_stick_x64_build_100906.exe -d C:\AVM
Task: {705E4B34-698A-4282-9149-C14DA576F0A4} - System32\Tasks\{D85EF45C-BD5D-4EC8-B109-5F45E372EFB1} => C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires2.exe [2006-10-11] (Microsoft Corporation)
Task: {7379F1C2-A756-407D-8B39-FF69713C36B7} - System32\Tasks\{0B73D47D-2DF5-40E8-9A3C-F0C4C864C67F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {76BAFC99-3D55-41FD-A08B-546CFE37B261} - System32\Tasks\{61BFD6FA-9571-4D75-B729-FB992EF74BCA} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {7A75EFC2-D4A1-4D9A-8200-9CD2B2163DD4} - System32\Tasks\{44E9C100-C3B9-4120-87F4-0F139D0D04C5} => E:\setup.exe
Task: {7ACAEF9B-DBFC-413D-9AFC-EF007A5836C7} - System32\Tasks\{15FBAC9E-AF54-4A6A-86BA-5921829E577F} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {7B9C6F52-318C-422A-85A1-A45266A19F5C} - System32\Tasks\{2723C2A3-9BD9-46D5-8722-B005062F4D6F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {91186A4A-4EC4-4B9C-A4D2-E10048953CA4} - System32\Tasks\{53CC2D0D-353F-408E-B169-B53DD98EDF2D} => C:\Program Files (x86)\Oetinger\Findus2\Findus2.exe [2004-01-23] (Macromedia, Inc.)
Task: {954FDD41-2E94-437E-88B4-9B459C97A1E7} - System32\Tasks\{A973043B-EBA5-4DCE-9FFC-EEE9163B3009} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {95E59775-192A-4B05-9A70-DBC5FB2CA46A} - System32\Tasks\{DFC84EE0-76C0-4071-9896-2A02C296FC10} => C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires2.exe [2006-10-11] (Microsoft Corporation)
Task: {96658268-4879-4411-AC9A-FFA413E48001} - System32\Tasks\{C3949D6C-D37E-4249-9889-DA0A8E8C1519} => pcalua.exe -a E:\setup.exe -d E:\
Task: {97140E55-F974-4A4F-B23E-0FFF5A77906B} - System32\Tasks\{20D3E172-10F8-4B5B-B3AA-F66A8B48828A} => C:\Users\Paul\Desktop\evasi0n7.exe
Task: {9916494A-6A2E-4A16-938C-8D947C868560} - System32\Tasks\{18B1AEDC-1D0E-4375-BC1B-907DD795614B} => E:\AOESETUP.EXE
Task: {99212A03-CCF2-45DD-A1C4-86A883350E84} - System32\Tasks\{A79EA98C-977D-44A7-AEA5-F0AAAD61F065} => C:\Users\Paul\Desktop\BIOS320.EXE
Task: {997D80CE-7A57-401A-9C9E-6617CB6AFB1A} - System32\Tasks\{41CDE727-CA66-4230-9B07-EBF8B96FA42D} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {9E92CD2D-E458-4362-A59B-4B8C42D88ADE} - System32\Tasks\{EF7F5FCA-5F98-44B7-9F0D-BF6A23E005ED} => C:\Program Files (x86)\Oetinger\Findus2\Findus2.exe [2004-01-23] (Macromedia, Inc.)
Task: {9EB0B551-678C-4AA7-A832-897428017A16} - System32\Tasks\{F2C3D54B-5F22-4121-B2BC-65F26753C001} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {9F823C81-7012-4315-A4A5-F27F250F931B} - System32\Tasks\{83EF1D3C-1B82-4C55-930A-2B2167276B74} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin
Task: {A7E4C449-BEC6-4862-B438-292B6ADC2E8B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A9D63C4E-ACC2-4711-B357-013FD767E2C9} - System32\Tasks\{B8312D2F-E760-4163-98FB-7E46CD656926} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {AA3C0599-6E52-45F2-9E8E-4FA7BABC0933} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {AB7FECAE-51BD-4473-83AD-A9A7CB1B99B5} - System32\Tasks\{92AD0207-6B4C-4D98-8E34-00803E54418A} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B3F5FFC6-E35E-4CB8-8953-7E436DB86F1C} - System32\Tasks\{ACB4A386-F9FF-4AD2-B11B-9318438D1F46} => E:\setup.exe
Task: {C026ED1D-3CEA-4E2B-B9BC-9FDC438AD4FA} - System32\Tasks\{B9112A49-94EE-43B7-AFA4-B4B3D0ED4742} => E:\setup.exe
Task: {C201BE70-3686-48EA-9C4E-CD93BB7E85CB} - System32\Tasks\{626A9405-DC7A-4FF5-BA81-58227701989A} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {C2497184-C0E4-4A55-BCDE-A870843A8B29} - System32\Tasks\{1D12C557-FB31-4DBA-8F8C-82F594891390} => C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe [2005-10-18] (Firaxis Games)
Task: {C670C955-E51E-437B-8F8E-DAA506169C47} - System32\Tasks\{2C351A74-9AC6-41D1-A1B3-515402B17143} => pcalua.exe -a "C:\Program Files (x86)\The Elder Scrolls V Skyrim\VCRedist\vcredist_x86.exe" -d "C:\Program Files (x86)\The Elder Scrolls V Skyrim\VCRedist"
Task: {C69FD088-C03F-4E59-B049-A2E2050D3413} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.00.91\AsLoader.exe [2012-02-24] ()
Task: {C98E2089-B371-40D2-AD43-2F9DEC9FD9AD} - System32\Tasks\{56303B8B-455B-4C03-B9DA-01359D8EA50C} => E:\setup.exe
Task: {CC8896BB-F64B-42EC-BEFD-DAF7FEB7140D} - System32\Tasks\{5ED3CB70-8C50-43CF-85BD-214A83BBE010} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {CEC6E1CF-5F15-4459-9E81-78FD896ADCFA} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2009-05-25] ()
Task: {D08EDD47-6551-4CBE-B106-40B2CF3844A5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D6F8F8AD-E94F-4470-AA76-F8E2865FEB79} - System32\Tasks\{4142DE6C-A351-41AA-A2F9-545521C0BA05} => E:\autorun.exe
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E358F7CD-FDC3-4024-A606-4AADC89B3725} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {EBF199D7-462D-43B5-B96F-9F33B1A97E61} - System32\Tasks\{10FB636F-4D29-4B67-8DAD-C891429879CC} => C:\Users\Paul\Desktop\evasi0n7.exe
Task: {EDC8B667-08EE-4D95-9652-A357845E3B33} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-15] (Overwolf LTD)
Task: {F0DB1279-1839-499C-830D-E729BA59698C} - System32\Tasks\{59474E73-0B76-401F-84A4-C2803AAE7796} => E:\autorun.exe
Task: {F4299EF0-D13E-446B-A31B-80D9EDDB2042} - System32\Tasks\{CD81D1BB-4284-437F-AB16-6900551845A6} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {F75E0D55-D351-490C-A60C-7307902D487C} - System32\Tasks\{EAFA050C-DA13-48EC-A5E5-E05C752787D3} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-06-08] (Bethesda Softworks)
Task: {F8AEF80A-F584-496D-9445-95B0BD977B55} - System32\Tasks\{C9E499AE-9EF6-4811-8A38-2E1E2A5851FB} => C:\Users\Paul\Desktop\BIOS320.EXE
Task: {FA548AE1-45E6-42DA-BFA9-2F880EA01BC8} - System32\Tasks\{15541FC0-A9CB-4279-9313-BB7C0ED2E51F} => E:\Installiere Findus2.exe
Task: {FA861767-5802-4FC1-A15E-6CBC3168C29D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {FEAEB24D-1314-4E59-8483-9D143F6FCA6F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job => C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job => C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\updater.job => C:\Program Files (x86)\MC-RP Setup\updater.exe

==================== Loaded Modules (whitelisted) =============

2012-02-24 09:05 - 2009-04-02 12:27 - 00090112 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
2012-02-24 09:05 - 2009-05-25 10:33 - 06017024 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
2012-02-24 21:26 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 14:00 - 2014-03-06 14:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2012-02-24 09:05 - 2009-04-22 20:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\ASUSSERVICE.DLL
2012-02-24 09:05 - 2009-04-20 13:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\pngio.dll
2012-02-24 09:05 - 2009-04-20 13:55 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-6 Engine\AsSpindownTimeout.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\CoreAudioApi.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 38713856 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\libcef.DLL
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Paul\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-24 14:12 - 2015-01-24 14:12 - 00043008 _____ () c:\users\paul\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp4pcjb.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Paul\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Paul\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Paul\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-02-23 18:52 - 2006-06-09 15:20 - 00003072 _____ () C:\Windows\system32\CTXFIGER.DLL
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-05-15 13:40 - 2008-08-18 15:08 - 00050688 _____ () C:\Program Files (x86)\Virtual CD v10\System\ogg.dll
2012-05-15 13:40 - 2008-08-18 15:11 - 01237504 _____ () C:\Program Files (x86)\Virtual CD v10\System\vorbis.dll
2012-02-23 18:52 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-09-05 12:19 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-05 12:19 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-05 12:19 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-05 12:19 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-10-24 09:45 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-24 14:12 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-24 14:12 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-24 14:12 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-24 09:32 - 2015-01-23 23:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-05 12:19 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-10-30 11:25 - 2015-01-23 23:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-10-23 12:07 - 2015-01-16 00:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00514528 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\libglesv2.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00105952 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\libegl.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 01274655 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libxml2-2.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00100352 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\zlib1.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00028160 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libssp-0.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00373657 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\libmsn.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00021337 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\libxmpp.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00415553 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libjabber.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00190464 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libsasl.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00022832 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\libyahoo.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00228908 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libymsg.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00027811 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\ssl-nss.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00012004 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\ssl.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00140288 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\sasl2\saslDIGESTMD5.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00102912 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\sasl2\saslPLAIN.dll
2015-01-15 10:04 - 2015-01-15 10:04 - 00425984 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\sqlite3.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:F35A93AD

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-1518553307-3788296194-4095220867-500 - Administrator - Disabled)
Gast (S-1-5-21-1518553307-3788296194-4095220867-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1518553307-3788296194-4095220867-1002 - Limited - Enabled)
Paul (S-1-5-21-1518553307-3788296194-4095220867-1000 - Administrator - Enabled) => C:\Users\Paul

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2015 04:20:19 PM) (Source: Google Update) (EventID: 20) (User: Paul-PC)
Description: Network Request Error. Error: 0x8004212e. Http status code: 302. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x

Error: (01/24/2015 02:12:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 02:10:59 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/23/2015 10:20:05 PM) (Source: Google Update) (EventID: 20) (User: Paul-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s

Error: (01/23/2015 07:20:05 PM) (Source: Google Update) (EventID: 20) (User: Paul-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s

Error: (01/23/2015 02:10:39 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (01/23/2015 02:02:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2015 02:01:07 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/18/2015 07:20:05 PM) (Source: Google Update) (EventID: 20) (User: Paul-PC)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s

Error: (01/18/2015 04:20:18 PM) (Source: Google Update) (EventID: 20) (User: Paul-PC)
Description: Network Request Error. Error: 0x8004212e. Http status code: 302. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x

System errors:
=============
Error: (01/24/2015 02:14:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (01/24/2015 02:14:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (01/24/2015 02:12:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (01/24/2015 02:10:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error: (01/23/2015 10:39:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/23/2015 02:06:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (01/23/2015 02:06:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (01/23/2015 02:02:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (01/23/2015 02:01:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error: (01/18/2015 09:56:53 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Microsoft Office Sessions:
=========================
Error: (03/20/2014 04:41:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2360 seconds with 1920 seconds of active time. This session ended with a crash.

Error: (09/25/2012 00:20:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9650 @ 3.00GHz
Percentage of memory in use: 56%
Total physical RAM: 6143.05 MB
Available physical RAM: 2641.64 MB
Total Pagefile: 12284.29 MB
Available Pagefile: 8438.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:736.2 GB) (Free:352.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (OSCAR) (CDROM) (Total:4.27 GB) (Free:0 GB) UDF
Drive f: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive n: (My Book 3.0) (Fixed) (Total:1863.01 GB) (Free:1381.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 639A1147)
Partition 1: (Active) - (Size=736.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0002EC8D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
25.01.2015, 08:22 | #4 |
/// the machine /// TB-Ausbilder | Suspected virus that is also using the Internet connection
Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate · Guides and help · Trojaner-Board Facebook page
No help via PM! |
25.01.2015, 12:30 | #5 |
| Suspected virus that is also using the Internet connection
Malwarebytes Anti-Rootkit, 1st log file (1st scan) Code:
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version: main: v2015.01.25.06 rootkit: v2015.01.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Paul :: PAUL-PC [administrator]

25.01.2015 11:02:07
mbar-log-2015-01-25 (11-02-07).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 368870
Time elapsed: 24 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\SysWOW64\H@tKeysH@@k.DLL (HackTool.HotKeyHook) -> Delete on reboot. [e4b68279ccbdff377dd850740cf4c33d]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version: main: v2015.01.25.06 rootkit: v2015.01.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Paul :: PAUL-PC [administrator]

25.01.2015 11:35:20
mbar-log-2015-01-25 (11-35-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 368876
Time elapsed: 21 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
25.01.2015, 12:31 | #6 |
| Suspected virus that is also using the Internet connection
TDSSKiller Code:
12:22:05.0973 0x1544 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:22:13.0842 0x1544 ============================================================
12:22:13.0842 0x1544 Current date / time: 2015/01/25 12:22:13.0842
12:22:13.0842 0x1544 SystemInfo:
12:22:13.0842 0x1544
12:22:13.0842 0x1544 OS Version: 6.1.7601 ServicePack: 1.0
12:22:13.0842 0x1544 Product type: Workstation
12:22:13.0843 0x1544 ComputerName: PAUL-PC
12:22:13.0843 0x1544 UserName: Paul
12:22:13.0843 0x1544 Windows directory: C:\Windows
12:22:13.0843 0x1544 System windows directory: C:\Windows
12:22:13.0843 0x1544 Running under WOW64
12:22:13.0843 0x1544 Processor architecture: Intel x64
12:22:13.0843 0x1544 Number of processors: 4
12:22:13.0843 0x1544 Page size: 0x1000
12:22:13.0843 0x1544 Boot type: Normal boot
12:22:13.0843 0x1544 ============================================================
12:22:15.0648 0x1544 KLMD registered as C:\Windows\system32\drivers\91634602.sys
12:22:15.0952 0x1544 System UUID: {452A613B-7B89-D48E-BB9D-34B44B34754D}
12:22:16.0484 0x1544 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:22:16.0490 0x1544 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:22:31.0112 0x1544 ============================================================
12:22:31.0112 0x1544 \Device\Harddisk0\DR0:
12:22:31.0139 0x1544 MBR partitions:
12:22:31.0139 0x1544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5C065982
12:22:31.0139 0x1544 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5C066000, BlocksNum 0x186A0000
12:22:31.0139 0x1544 \Device\Harddisk1\DR1:
12:22:31.0151 0x1544 MBR partitions:
12:22:31.0151 0x1544 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
12:22:31.0151 0x1544 ============================================================
12:22:31.0184 0x1544 C: <-> \Device\Harddisk0\DR0\Partition1
12:22:31.0202 0x1544 N: <-> \Device\Harddisk1\DR1\Partition1
12:22:31.0230 0x1544 F: <-> \Device\Harddisk0\DR0\Partition2
12:22:31.0230 0x1544 ============================================================
12:22:31.0230 0x1544 Initialize success
12:22:31.0230 0x1544 ============================================================
12:22:35.0024 0x1b50 ============================================================
12:22:35.0025 0x1b50 Scan started
12:22:35.0025 0x1b50 Mode: Manual;
12:22:35.0025 0x1b50 ============================================================
12:22:35.0025 0x1b50 KSN ping started
12:22:38.0958 0x1b50 KSN ping finished: true
12:22:40.0823 0x1b50 ================ Scan system memory ========================
12:22:40.0823 0x1b50 System memory - ok
12:22:40.0823 0x1b50 ================ Scan services =============================
12:22:45.0640 0x1b50 [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 12:22:45.0642 0x1b50 dc3d - ok 12:22:45.0672 0x1b50 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 12:22:45.0698 0x1b50 DcomLaunch - ok 12:22:45.0728 0x1b50 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 12:22:45.0736 0x1b50 defragsvc - ok 12:22:45.0748 0x1b50 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 12:22:45.0752 0x1b50 DfsC - ok 12:22:45.0772 0x1b50 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 12:22:45.0789 0x1b50 Dhcp - ok 12:22:45.0803 0x1b50 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 12:22:45.0806 0x1b50 discache - ok 12:22:45.0835 0x1b50 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 12:22:45.0838 0x1b50 Disk - ok 12:22:45.0862 0x1b50 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 12:22:45.0865 0x1b50 dmvsc - ok 12:22:45.0900 0x1b50 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 12:22:45.0907 0x1b50 Dnscache - ok 12:22:45.0928 0x1b50 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 12:22:45.0937 0x1b50 dot3svc - ok 
12:22:45.0960 0x1b50 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 12:22:45.0967 0x1b50 DPS - ok 12:22:46.0007 0x1b50 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 12:22:46.0049 0x1b50 drmkaud - ok 12:22:46.0109 0x1b50 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 12:22:46.0143 0x1b50 DXGKrnl - ok 12:22:46.0186 0x1b50 [ D53A04F8CB50F87D57B19E3B06822CEB, 2EA2D0B3AA4E4062EC21985A1BBFAFAFF79D18A6F6B5ED908561F31156FEF436 ] DxVGrb C:\Windows\system32\drivers\DxVGrb.sys 12:22:46.0194 0x1b50 DxVGrb - ok 12:22:46.0213 0x1b50 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 12:22:46.0218 0x1b50 EapHost - ok 12:22:46.0323 0x1b50 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 12:22:46.0419 0x1b50 ebdrv - ok 12:22:46.0493 0x1b50 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 12:22:46.0495 0x1b50 EFS - ok 12:22:46.0552 0x1b50 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 12:22:46.0583 0x1b50 ehRecvr - ok 12:22:46.0601 0x1b50 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 12:22:46.0605 0x1b50 ehSched - ok 12:22:46.0676 0x1b50 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 12:22:46.0679 0x1b50 ElbyCDIO - ok 12:22:46.0702 
0x1b50 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 12:22:46.0727 0x1b50 elxstor - ok 12:22:46.0742 0x1b50 [ C26133B6165928FBD156C6FE570F9ED2, E7DD3A187E493F4BBC604B553578C7BC68F7C9B8FC952BE2FDDB3794E993F43A ] emupia C:\Windows\system32\drivers\emupia2k.sys 12:22:46.0746 0x1b50 emupia - ok 12:22:46.0760 0x1b50 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 12:22:46.0762 0x1b50 ErrDev - ok 12:22:46.0791 0x1b50 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 12:22:46.0812 0x1b50 EventSystem - ok 12:22:46.0827 0x1b50 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 12:22:46.0834 0x1b50 exfat - ok 12:22:46.0877 0x1b50 Fabs - ok 12:22:46.0897 0x1b50 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 12:22:46.0904 0x1b50 fastfat - ok 12:22:46.0942 0x1b50 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 12:22:46.0968 0x1b50 Fax - ok 12:22:46.0984 0x1b50 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 12:22:46.0986 0x1b50 fdc - ok 12:22:47.0001 0x1b50 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 12:22:47.0004 0x1b50 fdPHost - ok 12:22:47.0016 0x1b50 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 12:22:47.0019 
0x1b50 FDResPub - ok 12:22:47.0032 0x1b50 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 12:22:47.0035 0x1b50 FileInfo - ok 12:22:47.0049 0x1b50 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 12:22:47.0051 0x1b50 Filetrace - ok 12:22:47.0162 0x1b50 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 12:22:47.0248 0x1b50 FirebirdServerMAGIXInstance - ok 12:22:47.0272 0x1b50 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 12:22:47.0273 0x1b50 flpydisk - ok 12:22:47.0286 0x1b50 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 12:22:47.0293 0x1b50 FltMgr - ok 12:22:47.0364 0x1b50 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 12:22:47.0407 0x1b50 FontCache - ok 12:22:47.0434 0x1b50 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:22:47.0435 0x1b50 FontCache3.0.0.0 - ok 12:22:47.0450 0x1b50 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 12:22:47.0453 0x1b50 FsDepends - ok 12:22:47.0480 0x1b50 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 12:22:47.0482 0x1b50 
Fs_Rec - ok 12:22:47.0523 0x1b50 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 12:22:47.0530 0x1b50 fvevol - ok 12:22:47.0595 0x1b50 [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5 C:\Windows\system32\DRIVERS\fwlanusb5.sys 12:22:47.0626 0x1b50 fwlanusb5 - ok 12:22:47.0674 0x1b50 [ 15585492E45E2F30768B2D5B57929D99, C5E6A943C78AAFE10FD9C913324083DD4B3D2F1D998A38C8B69FDEAF22246527 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys 12:22:47.0704 0x1b50 fwlanusbn - ok 12:22:47.0721 0x1b50 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 12:22:47.0724 0x1b50 gagp30kx - ok 12:22:47.0755 0x1b50 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 12:22:47.0757 0x1b50 GEARAspiWDM - ok 12:22:47.0792 0x1b50 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 12:22:47.0821 0x1b50 gpsvc - ok 12:22:47.0879 0x1b50 [ A3F010D5DBFB589A3B3288C05C2EA3F9, 080EA07B0840D6922D37EDBAB61A24AD691B0E97C929FB9FFB929C134C30DFD4 ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys 12:22:47.0924 0x1b50 ha20x2k - ok 12:22:47.0958 0x1b50 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 12:22:47.0960 0x1b50 hamachi - ok 12:22:47.0974 0x1b50 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 12:22:47.0976 0x1b50 hcw85cir - ok 12:22:48.0007 0x1b50 [ 1DBFA37256022C31795C96C8E143A3C2, 
7815B30DBC225C05448387DBF8E2231D6EF015B8C9E5DB36B650521670A4295D ] HCW88AUD C:\Windows\system32\drivers\hcw88aud.sys 12:22:48.0009 0x1b50 HCW88AUD - ok 12:22:48.0059 0x1b50 [ D9F81FB1D19D167B58825A75B4F1EDDB, 2B3236F11450F1BFB58D8B98B3DE9A58C91A9DC8B48ECEC3A82D0C7DCA90D5D3 ] HCW88BDA C:\Windows\system32\drivers\hcw88bda.sys 12:22:48.0076 0x1b50 HCW88BDA - ok 12:22:48.0116 0x1b50 [ 0413459C8BB193D9FEBA459501B8650F, 7EB8DC045C2EDAF4885F5E5116F8C03B03FC9AB2A2F22AA25958047DFEF09D51 ] HCW88TSE C:\Windows\system32\drivers\hcw88tse.sys 12:22:48.0133 0x1b50 HCW88TSE - ok 12:22:48.0166 0x1b50 [ 8C1120A6F6B18E59335E556CD9D7F3C0, 60F704FADF311C5178D5958E14B4FE66710E3DA43E84E6B5A9BEA6B7BAA9D08A ] HCW88TUNE C:\Windows\system32\drivers\hcw88tun.sys 12:22:48.0170 0x1b50 HCW88TUNE - ok 12:22:48.0214 0x1b50 [ 4E92B44EB359F4B129D1A0831D65D954, 8118F0A3175D33173289544CEEE3A3D2B6A1B205A97FC6E620E01B32576616D7 ] hcw88vid C:\Windows\system32\drivers\hcw88vid.sys 12:22:48.0237 0x1b50 hcw88vid - ok 12:22:48.0251 0x1b50 [ E00F95ABE9080C8EFDCFFCC2D631532D, 7D227353C1E32D8CC1FB48E34D81EF32E2E35DC1BAF63B0BC045962C82102B52 ] HCW88XBAR C:\Windows\system32\drivers\HCW88BAR.sys 12:22:48.0253 0x1b50 HCW88XBAR - ok 12:22:48.0309 0x1b50 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 12:22:48.0326 0x1b50 HdAudAddService - ok 12:22:48.0340 0x1b50 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 12:22:48.0344 0x1b50 HDAudBus - ok 12:22:48.0371 0x1b50 [ 62FB29642745DD290910BFD79537FCE0, 56206F936958082B3A2AD93E4E5C7EDA9518A6F12670C6F26EC7A35D0D5305DF ] HH10Help.sys C:\Windows\system32\drivers\HH10Help.sys 12:22:48.0373 0x1b50 HH10Help.sys - ok 12:22:48.0382 0x1b50 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt 
C:\Windows\system32\drivers\HidBatt.sys 12:22:48.0384 0x1b50 HidBatt - ok 12:22:48.0400 0x1b50 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 12:22:48.0404 0x1b50 HidBth - ok 12:22:48.0413 0x1b50 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 12:22:48.0415 0x1b50 HidIr - ok 12:22:48.0424 0x1b50 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 12:22:48.0427 0x1b50 hidserv - ok 12:22:48.0463 0x1b50 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 12:22:48.0466 0x1b50 HidUsb - ok 12:22:48.0490 0x1b50 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 12:22:48.0495 0x1b50 hkmsvc - ok 12:22:48.0514 0x1b50 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 12:22:48.0531 0x1b50 HomeGroupListener - ok 12:22:48.0555 0x1b50 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 12:22:48.0564 0x1b50 HomeGroupProvider - ok 12:22:48.0579 0x1b50 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 12:22:48.0583 0x1b50 HpSAMD - ok 12:22:48.0620 0x1b50 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 12:22:48.0654 0x1b50 HTTP - ok 12:22:48.0669 0x1b50 [ A5462BD6884960C9DC85ED49D34FF392, 
53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 12:22:48.0672 0x1b50 hwpolicy - ok 12:22:48.0695 0x1b50 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 12:22:48.0699 0x1b50 i8042prt - ok 12:22:48.0736 0x1b50 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 12:22:48.0757 0x1b50 iaStorV - ok 12:22:48.0915 0x1b50 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 12:22:48.0947 0x1b50 IDriverT - ok 12:22:49.0184 0x1b50 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:22:49.0234 0x1b50 idsvc - ok 12:22:49.0264 0x1b50 IEEtwCollectorService - ok 12:22:49.0278 0x1b50 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 12:22:49.0281 0x1b50 iirsp - ok 12:22:49.0329 0x1b50 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 12:22:49.0358 0x1b50 IKEEXT - ok 12:22:49.0381 0x1b50 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 12:22:49.0383 0x1b50 intelide - ok 12:22:49.0407 0x1b50 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 12:22:49.0409 0x1b50 intelppm - ok 12:22:49.0434 0x1b50 [ 098A91C54546A3B878DAD6A7E90A455B, 
044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 12:22:49.0439 0x1b50 IPBusEnum - ok 12:22:49.0449 0x1b50 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:22:49.0453 0x1b50 IpFilterDriver - ok 12:22:49.0504 0x1b50 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 12:22:49.0530 0x1b50 iphlpsvc - ok 12:22:49.0547 0x1b50 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 12:22:49.0551 0x1b50 IPMIDRV - ok 12:22:49.0566 0x1b50 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 12:22:49.0571 0x1b50 IPNAT - ok 12:22:49.0651 0x1b50 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 12:22:49.0665 0x1b50 iPod Service - ok 12:22:49.0684 0x1b50 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 12:22:49.0686 0x1b50 IRENUM - ok 12:22:49.0697 0x1b50 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 12:22:49.0699 0x1b50 isapnp - ok 12:22:49.0741 0x1b50 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 12:22:49.0750 0x1b50 iScsiPrt - ok 12:22:49.0763 0x1b50 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 12:22:49.0766 
0x1b50 kbdclass - ok 12:22:49.0775 0x1b50 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 12:22:49.0778 0x1b50 kbdhid - ok 12:22:49.0792 0x1b50 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 12:22:49.0794 0x1b50 KeyIso - ok 12:22:49.0839 0x1b50 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 12:22:49.0865 0x1b50 kl1 - ok 12:22:49.0905 0x1b50 [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 12:22:49.0911 0x1b50 klflt - ok 12:22:49.0961 0x1b50 [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk C:\Windows\system32\DRIVERS\klhk.sys 12:22:49.0969 0x1b50 klhk - ok 12:22:50.0030 0x1b50 [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 12:22:50.0064 0x1b50 KLIF - ok 12:22:50.0102 0x1b50 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 12:22:50.0104 0x1b50 KLIM6 - ok 12:22:50.0127 0x1b50 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 12:22:50.0130 0x1b50 klkbdflt - ok 12:22:50.0142 0x1b50 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 12:22:50.0145 0x1b50 klmouflt - ok 12:22:50.0175 0x1b50 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 
12:22:50.0177 0x1b50 klpd - ok 12:22:50.0213 0x1b50 [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 12:22:50.0216 0x1b50 kltdi - ok 12:22:50.0246 0x1b50 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 12:22:50.0252 0x1b50 kneps - ok 12:22:50.0314 0x1b50 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 12:22:50.0318 0x1b50 KSecDD - ok 12:22:50.0356 0x1b50 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 12:22:50.0362 0x1b50 KSecPkg - ok 12:22:50.0374 0x1b50 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 12:22:50.0377 0x1b50 ksthunk - ok 12:22:50.0402 0x1b50 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 12:22:50.0425 0x1b50 KtmRm - ok 12:22:50.0451 0x1b50 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 12:22:50.0468 0x1b50 LanmanServer - ok 12:22:50.0489 0x1b50 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 12:22:50.0496 0x1b50 LanmanWorkstation - ok 12:22:50.0523 0x1b50 [ 955982BF4421B77722196552B62E8DC2, 3732449ACDBB78E1ED8436DF153C899C28573F458FDCFE345DFA1B305D085033 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 12:22:50.0526 0x1b50 lirsgt - ok 12:22:50.0539 0x1b50 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio 
C:\Windows\system32\DRIVERS\lltdio.sys 12:22:50.0543 0x1b50 lltdio - ok 12:22:50.0561 0x1b50 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 12:22:50.0578 0x1b50 lltdsvc - ok 12:22:50.0587 0x1b50 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 12:22:50.0590 0x1b50 lmhosts - ok 12:22:50.0614 0x1b50 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 12:22:50.0618 0x1b50 LSI_FC - ok 12:22:50.0635 0x1b50 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 12:22:50.0639 0x1b50 LSI_SAS - ok 12:22:50.0652 0x1b50 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 12:22:50.0656 0x1b50 LSI_SAS2 - ok 12:22:50.0673 0x1b50 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 12:22:50.0678 0x1b50 LSI_SCSI - ok 12:22:50.0691 0x1b50 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 12:22:50.0695 0x1b50 luafv - ok 12:22:50.0710 0x1b50 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:22:50.0715 0x1b50 Mcx2Svc - ok 12:22:50.0724 0x1b50 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 12:22:50.0727 0x1b50 megasas - ok 12:22:50.0749 0x1b50 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 
85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 12:22:50.0766 0x1b50 MegaSR - ok 12:22:50.0783 0x1b50 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 12:22:50.0787 0x1b50 MMCSS - ok 12:22:50.0799 0x1b50 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 12:22:50.0802 0x1b50 Modem - ok 12:22:50.0811 0x1b50 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:22:50.0812 0x1b50 monitor - ok 12:22:50.0817 0x1b50 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:22:50.0819 0x1b50 mouclass - ok 12:22:50.0832 0x1b50 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 12:22:50.0835 0x1b50 mouhid - ok 12:22:50.0848 0x1b50 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 12:22:50.0851 0x1b50 mountmgr - ok 12:22:50.0891 0x1b50 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:22:50.0895 0x1b50 MozillaMaintenance - ok 12:22:50.0910 0x1b50 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 12:22:50.0916 0x1b50 mpio - ok 12:22:50.0948 0x1b50 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 
ok 12:22:57.0556 0x1b50 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 12:22:57.0563 0x1b50 usbvideo - ok 12:22:57.0576 0x1b50 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 12:22:57.0581 0x1b50 UxSms - ok 12:22:57.0588 0x1b50 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 12:22:57.0590 0x1b50 VaultSvc - ok 12:22:57.0659 0x1b50 [ 301F11B8BC2208D4F4867D2103DA7CE2, FD844240D349AF3CD34AE2F30DCABB1327DBDCB6DB3336A379CFFF65F72EB642 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 12:22:57.0696 0x1b50 VBoxDrv - ok 12:22:57.0718 0x1b50 [ C64AD70CCCB0CED8925BE4E2C889DE3A, 0E25202639B10F66BDFEA867594508977112ADCCF51054E82C0C14475A1F18F5 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 12:22:57.0723 0x1b50 VBoxNetAdp - ok 12:22:57.0748 0x1b50 [ 712724A7C726CA15AD2FC8C40D56AE6D, 221DB97E433629660C704667FA7BCAA9037063DC4C8CE8CB67C7AF6AFD87B005 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 12:22:57.0753 0x1b50 VBoxNetFlt - ok 12:22:57.0808 0x1b50 [ 3FB968D261CE6A51454CE0C65E43B205, 2860554CC35495CC1A1D14DF002AAAE985E9C37650384B1D1524263D27DD68C5 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 12:22:57.0813 0x1b50 VBoxUSBMon - ok 12:22:57.0859 0x1b50 [ 17DFE3E67A89721AF755117E5EAAA9A7, 2BD4F3F884E78485BC856D0373C66F1F49884AA385B0B2B1403A1184ACA0D6F2 ] VC10SecS C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe 12:22:57.0862 0x1b50 VC10SecS - ok 12:22:57.0872 0x1b50 [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6, E0869E4E9271B484209BB44E6E17D99BE6CEA08A983132C0D69FA373202B14D7 ] vcd10bus C:\Windows\system32\DRIVERS\vcd10bus.sys 12:22:57.0875 0x1b50 vcd10bus - ok 12:22:57.0876 0x1b50 Suspicious service (NoAccess): vdrv1000 12:22:57.0889 0x1b50 [ 
F0ECF990B3DE8842E948279AF31CC4E5, EF8C8D6F292A39914EDAB9BEF8E5243B60A7FAC48620D144A0F2079C852B3092 ] vdrv1000 C:\Windows\system32\DRIVERS\vdrv1000.sys 12:22:57.0898 0x1b50 vdrv1000 - detected LockedService.Multi.Generic ( 1 ) 12:23:00.0846 0x1b50 Detect skipped due to KSN trusted 12:23:00.0846 0x1b50 vdrv1000 - ok 12:23:00.0903 0x1b50 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 12:23:00.0906 0x1b50 vdrvroot - ok 12:23:00.0928 0x1b50 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 12:23:00.0954 0x1b50 vds - ok 12:23:00.0966 0x1b50 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:23:00.0969 0x1b50 vga - ok 12:23:00.0984 0x1b50 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 12:23:00.0987 0x1b50 VgaSave - ok 12:23:01.0002 0x1b50 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 12:23:01.0010 0x1b50 vhdmp - ok 12:23:01.0040 0x1b50 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 12:23:01.0042 0x1b50 viaide - ok 12:23:01.0063 0x1b50 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 12:23:01.0071 0x1b50 vmbus - ok 12:23:01.0081 0x1b50 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 12:23:01.0083 0x1b50 VMBusHID - ok 12:23:01.0119 0x1b50 [ 32984E65F126D91836EADDC165236DE3, 
2B692C71221D421A649E3E312382C71831D43210E5D0C45BBC570CBD1BF97C55 ] VMUVC C:\Windows\system32\Drivers\VMUVC.sys 12:23:01.0127 0x1b50 VMUVC - ok 12:23:01.0142 0x1b50 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:23:01.0146 0x1b50 volmgr - ok 12:23:01.0169 0x1b50 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 12:23:01.0186 0x1b50 volmgrx - ok 12:23:01.0206 0x1b50 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:23:01.0223 0x1b50 volsnap - ok 12:23:01.0244 0x1b50 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 12:23:01.0250 0x1b50 vsmraid - ok 12:23:01.0298 0x1b50 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 12:23:01.0345 0x1b50 VSS - ok 12:23:01.0374 0x1b50 [ 9D9FE9E24F03AD87324245F516BEDAE5, 0C9E9A8FFF8A2F29433DD6A17B8DA284E134F300F928BF45F5713E97E283D33B ] vvftUVC C:\Windows\system32\drivers\vvftUVC.sys 12:23:01.0382 0x1b50 vvftUVC - ok 12:23:01.0392 0x1b50 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 12:23:01.0395 0x1b50 vwifibus - ok 12:23:01.0429 0x1b50 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt C:\Windows\system32\DRIVERS\vwififlt.sys 12:23:01.0432 0x1b50 VWiFiFlt - ok 12:23:01.0456 0x1b50 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 12:23:01.0458 0x1b50 vwifimp - ok 12:23:01.0478 
0x1b50 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 12:23:01.0499 0x1b50 W32Time - ok 12:23:01.0510 0x1b50 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 12:23:01.0513 0x1b50 WacomPen - ok 12:23:01.0528 0x1b50 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 12:23:01.0531 0x1b50 WANARP - ok 12:23:01.0542 0x1b50 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:23:01.0543 0x1b50 Wanarpv6 - ok 12:23:01.0586 0x1b50 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 12:23:01.0629 0x1b50 wbengine - ok 12:23:01.0649 0x1b50 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 12:23:01.0656 0x1b50 WbioSrvc - ok 12:23:01.0680 0x1b50 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 12:23:01.0697 0x1b50 wcncsvc - ok 12:23:01.0702 0x1b50 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:23:01.0705 0x1b50 WcsPlugInService - ok 12:23:01.0713 0x1b50 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 12:23:01.0715 0x1b50 Wd - ok 12:23:01.0760 0x1b50 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 
12:23:01.0786 0x1b50 Wdf01000 - ok 12:23:01.0805 0x1b50 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:23:01.0810 0x1b50 WdiServiceHost - ok 12:23:01.0814 0x1b50 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:23:01.0818 0x1b50 WdiSystemHost - ok 12:23:01.0852 0x1b50 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 12:23:01.0860 0x1b50 WebClient - ok 12:23:01.0874 0x1b50 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:23:01.0882 0x1b50 Wecsvc - ok 12:23:01.0892 0x1b50 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:23:01.0897 0x1b50 wercplsupport - ok 12:23:01.0912 0x1b50 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 12:23:01.0916 0x1b50 WerSvc - ok 12:23:01.0925 0x1b50 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 12:23:01.0927 0x1b50 WfpLwf - ok 12:23:01.0941 0x1b50 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 12:23:01.0943 0x1b50 WIMMount - ok 12:23:01.0961 0x1b50 WinDefend - ok 12:23:01.0966 0x1b50 WinHttpAutoProxySvc - ok 12:23:02.0006 0x1b50 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:23:02.0013 0x1b50 Winmgmt - ok 12:23:02.0089 0x1b50 [ 
D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 12:23:02.0148 0x1b50 WinRM - ok 12:23:02.0195 0x1b50 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 12:23:02.0197 0x1b50 WinUsb - ok 12:23:02.0230 0x1b50 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:23:02.0260 0x1b50 Wlansvc - ok 12:23:02.0520 0x1b50 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:23:02.0556 0x1b50 wlidsvc - ok 12:23:02.0577 0x1b50 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:23:02.0579 0x1b50 WmiAcpi - ok 12:23:02.0601 0x1b50 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:23:02.0606 0x1b50 wmiApSrv - ok 12:23:02.0609 0x1b50 WMPNetworkSvc - ok 12:23:02.0615 0x1b50 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:23:02.0618 0x1b50 WPCSvc - ok 12:23:02.0628 0x1b50 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:23:02.0633 0x1b50 WPDBusEnum - ok 12:23:02.0643 0x1b50 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:23:02.0645 0x1b50 ws2ifsl - ok 12:23:02.0654 0x1b50 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc 
C:\Windows\System32\wscsvc.dll 12:23:02.0659 0x1b50 wscsvc - ok 12:23:02.0701 0x1b50 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 12:23:02.0703 0x1b50 WSDPrintDevice - ok 12:23:02.0731 0x1b50 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 12:23:02.0733 0x1b50 WSDScan - ok 12:23:02.0736 0x1b50 WSearch - ok 12:23:02.0840 0x1b50 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 12:23:02.0905 0x1b50 wuauserv - ok 12:23:02.0934 0x1b50 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 12:23:02.0937 0x1b50 WudfPf - ok 12:23:02.0963 0x1b50 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:23:02.0970 0x1b50 WUDFRd - ok 12:23:03.0006 0x1b50 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:23:03.0012 0x1b50 wudfsvc - ok 12:23:03.0048 0x1b50 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 12:23:03.0065 0x1b50 WwanSvc - ok 12:23:03.0082 0x1b50 ================ Scan global =============================== 12:23:03.0103 0x1b50 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 12:23:03.0142 0x1b50 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 12:23:03.0175 0x1b50 [ 88EDD0B34EED542745931E581AD21A32, 
DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 12:23:03.0191 0x1b50 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 12:23:03.0210 0x1b50 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 12:23:03.0226 0x1b50 [ Global ] - ok 12:23:03.0227 0x1b50 ================ Scan MBR ================================== 12:23:03.0236 0x1b50 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 12:23:03.0403 0x1b50 \Device\Harddisk0\DR0 - ok 12:23:03.0406 0x1b50 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1 12:23:04.0124 0x1b50 \Device\Harddisk1\DR1 - ok 12:23:04.0124 0x1b50 ================ Scan VBR ================================== 12:23:04.0152 0x1b50 [ 6E7749CE83D177B38518C6EF19FFCC41 ] \Device\Harddisk0\DR0\Partition1 12:23:04.0179 0x1b50 \Device\Harddisk0\DR0\Partition1 - ok 12:23:04.0182 0x1b50 [ 7E72767D016D004A5E4CD0D2B26955C3 ] \Device\Harddisk0\DR0\Partition2 12:23:04.0184 0x1b50 \Device\Harddisk0\DR0\Partition2 - ok 12:23:04.0186 0x1b50 [ 08D3F6DA42CD2408F3DFE40C76A402B4 ] \Device\Harddisk1\DR1\Partition1 12:23:04.0188 0x1b50 \Device\Harddisk1\DR1\Partition1 - ok 12:23:04.0189 0x1b50 ================ Scan generic autorun ====================== 12:23:04.0282 0x1b50 [ 88CA0FFA894AF4B0D90B93FAA2A0A0D9, FC48386A287EB95E5D173FA358D6F0823A651C83835605892EAFD6ED11F17D6F ] c:\Program Files\Microsoft IntelliType Pro\itype.exe 12:23:04.0308 0x1b50 itype - ok 12:23:04.0408 0x1b50 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe 12:23:04.0442 0x1b50 IntelliPoint - ok 12:23:04.0557 0x1b50 [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe 
12:23:04.0595 0x1b50 CanonMyPrinter - ok 12:23:04.0652 0x1b50 [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 12:23:04.0674 0x1b50 AdobeAAMUpdater-1.0 - ok 12:23:04.0678 0x1b50 CTxfiHlp - ok 12:23:04.0744 0x1b50 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 12:23:04.0745 0x1b50 APSDaemon - ok 12:23:04.0789 0x1b50 [ BFD8FC00279EDCE90C0981C29AF90683, 8FCA9802F8AB96712CCA006735860EE1AE0CFC67CAC561DB122BA9C7204B881C ] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe 12:23:04.0799 0x1b50 ASUS Ai Charger - ok 12:23:04.0839 0x1b50 Adobe Reader Speed Launcher - ok 12:23:04.0891 0x1b50 [ 8943465BEFA91044227D42E84ECB8280, 76D19CE3EB7E6C6573F250543CDC10B3601604535BFB756805AE246FA55AC265 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 12:23:04.0894 0x1b50 NUSB3MON - ok 12:23:04.0955 0x1b50 [ FA87C6A22F3339B9EDC2F2079BC1E996, 86084094C9576D0BF48B299E048649D930214EDEC9B7462C9242D360A720AB00 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe 12:23:04.0958 0x1b50 LifeCam - ok 12:23:05.0184 0x1b50 [ 76561AF4D33CFA51710A1FB8C7B3E91A, 787F292AE88BAEEB47A959477701DFEBA41C4EA6BA54B8CE6F8AB6D800D130EE ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE 12:23:05.0207 0x1b50 CanonSolutionMenuEx - ok 12:23:05.0235 0x1b50 [ 9CC83F60C71DAEAFF79971E5D94C11E1, 089C6A3553CCB5807320766F2F166E391960FDD29BBA25831449F03B5036FEC1 ] C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe 12:23:05.0238 0x1b50 VMonitorVMUVC - ok 12:23:05.0259 0x1b50 [ 147D0268474E2A9766C1D3F2C5DCDCEB, 0EF941C1AAFB51590ED2CC89A7B3F47293C9476DCD13157DAC5512275C92A497 ] C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe 12:23:05.0265 0x1b50 VC10Player - ok 
12:23:05.0323 0x1b50 [ 696A74A2E7AAD166D0A97499A43AD084, A661156C420B3198A82A6A395B986B28E89645CCFEFF4ED68B95EE5FC447E032 ] C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium\TrayServer.exe 12:23:05.0326 0x1b50 TrayServer - ok 12:23:05.0386 0x1b50 [ D2AEADFD998706B4216315B2BD3FA79E, D45634355B7733F9B6754A6FB80B7EC20C0D584A08E2F710DF612B393D96A8F9 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe 12:23:05.0389 0x1b50 ISUSScheduler - ok 12:23:05.0454 0x1b50 [ 7C73B5C50CAEDB1771A049142026906B, A4992339D71A9297963C70616C4124BD701E46AEE439E09C392C2B2EBAE624E6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 12:23:05.0478 0x1b50 StartCCC - ok 12:23:05.0548 0x1b50 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 12:23:05.0563 0x1b50 Adobe ARM - ok 12:23:05.0583 0x1b50 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 12:23:05.0590 0x1b50 SwitchBoard - ok 12:23:05.0672 0x1b50 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 12:23:05.0698 0x1b50 AdobeCS6ServiceManager - ok 12:23:05.0808 0x1b50 [ 243B5482278830626BFE515A65253B81, 5595B9B076E8D772DB828D62740324265B3AA6B2DB829F2D130239DAEC0CD81F ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe 12:23:05.0861 0x1b50 KeePass 2 PreLoad - ok 12:23:05.0941 0x1b50 [ 6DC01D7EFE861921709454B9AE18575D, 8BC8D4064EDFCFE9536A320E600B08B3089CF1CBFF62EB8E3452ABA373C0553F ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe 12:23:05.0957 0x1b50 BlueStacks Agent - ok 12:23:06.0056 0x1b50 [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files 
(x86)\avmwlanstick\wlangui.exe 12:23:06.0097 0x1b50 AVMWlanClient - ok 12:23:06.0157 0x1b50 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 12:23:06.0161 0x1b50 iTunesHelper - ok 12:23:06.0218 0x1b50 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:23:06.0252 0x1b50 Sidebar - ok 12:23:06.0272 0x1b50 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:23:06.0279 0x1b50 mctadmin - ok 12:23:06.0319 0x1b50 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:23:06.0335 0x1b50 Sidebar - ok 12:23:06.0342 0x1b50 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:23:06.0344 0x1b50 mctadmin - ok 12:23:06.0467 0x1b50 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 12:23:06.0527 0x1b50 Sidebar - ok 12:23:06.0712 0x1b50 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe 12:23:06.0715 0x1b50 Google Update - ok 12:23:06.0742 0x1b50 msnmsgr - ok 12:23:06.0766 0x1b50 MobileDocuments - ok 12:23:06.0795 0x1b50 [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe 12:23:06.0800 0x1b50 Facebook Update - ok 12:23:06.0815 0x1b50 ISUSPM - ok 12:23:06.0815 0x1b50 ISUSPM Startup - ok 12:23:06.0844 0x1b50 [ EC58C1A9A3281CE0C8FCC05BDBFECB37, 
3738BBC112346B32F686F1CB4B4AAD89B06AA1F8FB2D333BC2D2F554212A0A59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 12:23:06.0845 0x1b50 iCloudServices - ok 12:23:06.0871 0x1b50 [ 105C276BB7B43501225C419B062096D0, F5D35230FC5E116FB04147F216313D2E2542D96E975B19F5FD9F7641CF11271F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe 12:23:06.0872 0x1b50 ApplePhotoStreams - ok 12:23:06.0873 0x1b50 com.apple.dav.bookmarks.daemon - ok 12:23:06.0980 0x1b50 [ 60A5CF720CE4017796DE9EB5F0B8F970, B696934264D121E6D1707CDE75CD9807157AAA33C71146D4A31739E0696C563A ] C:\Program Files (x86)\Steam\Steam.exe 12:23:07.0007 0x1b50 Steam - ok 12:23:07.0059 0x1b50 [ ED3DA146CE26D7E566ED5723B8E577C0, AEBBC32A61546028BF2B2368176149C649F078AF03338D012D86B664323872D7 ] C:\Program Files (x86)\Overwolf\Overwolf.exe 12:23:07.0060 0x1b50 Overwolf - ok 12:23:07.0120 0x1b50 [ CD5557CE0963166E4C79CD1FB7855382, F98146CB7D1F4C98163A9EEB73351E72F5F65AF435D95B36ED96E0C71D4C41C6 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe 12:23:07.0123 0x1b50 AnyDVD - ok 12:23:07.0372 0x1b50 [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Paul\AppData\Roaming\Spotify\Spotify.exe 12:23:07.0466 0x1b50 Spotify - ok 12:23:07.0563 0x1b50 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 12:23:07.0590 0x1b50 Spotify Web Helper - ok 12:23:07.0593 0x1b50 Waiting for KSN requests completion. In queue: 116 12:23:08.0593 0x1b50 Waiting for KSN requests completion. In queue: 116 12:23:09.0593 0x1b50 Waiting for KSN requests completion. In queue: 116 12:23:10.0593 0x1b50 Waiting for KSN requests completion. 
In queue: 116 12:23:11.0638 0x1b50 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated ) 12:23:11.0659 0x1b50 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled ) 12:23:14.0577 0x1b50 ============================================================ 12:23:14.0577 0x1b50 Scan finished 12:23:14.0577 0x1b50 ============================================================ 12:23:14.0585 0x0c64 Detected object count: 0 12:23:14.0586 0x0c64 Actual detected object count: 0 12:27:17.0640 0x15ec Deinitialize success |
25.01.2015, 12:32 | #7 |
| Suspected virus that is also using the Internet connection TDSSKiller Code:
ATTFilter 12:22:05.0973 0x1544 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 12:22:13.0842 0x1544 ============================================================ 12:22:13.0842 0x1544 Current date / time: 2015/01/25 12:22:13.0842 12:22:13.0842 0x1544 SystemInfo: 12:22:13.0842 0x1544 12:22:13.0842 0x1544 OS Version: 6.1.7601 ServicePack: 1.0 12:22:13.0842 0x1544 Product type: Workstation 12:22:13.0843 0x1544 ComputerName: PAUL-PC 12:22:13.0843 0x1544 UserName: Paul 12:22:13.0843 0x1544 Windows directory: C:\Windows 12:22:13.0843 0x1544 System windows directory: C:\Windows 12:22:13.0843 0x1544 Running under WOW64 12:22:13.0843 0x1544 Processor architecture: Intel x64 12:22:13.0843 0x1544 Number of processors: 4 12:22:13.0843 0x1544 Page size: 0x1000 12:22:13.0843 0x1544 Boot type: Normal boot 12:22:13.0843 0x1544 ============================================================ 12:22:15.0648 0x1544 KLMD registered as C:\Windows\system32\drivers\91634602.sys 12:22:15.0952 0x1544 System UUID: {452A613B-7B89-D48E-BB9D-34B44B34754D} 12:22:16.0484 0x1544 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:22:16.0490 0x1544 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 12:22:31.0112 0x1544 ============================================================ 12:22:31.0112 0x1544 \Device\Harddisk0\DR0: 12:22:31.0139 0x1544 MBR partitions: 12:22:31.0139 0x1544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5C065982 12:22:31.0139 0x1544 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5C066000, BlocksNum 0x186A0000 12:22:31.0139 0x1544 \Device\Harddisk1\DR1: 12:22:31.0151 0x1544 MBR partitions: 12:22:31.0151 0x1544 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000 
12:22:50.0177 0x1b50 klpd - ok 12:22:50.0213 0x1b50 [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 12:22:50.0216 0x1b50 kltdi - ok 12:22:50.0246 0x1b50 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 12:22:50.0252 0x1b50 kneps - ok 12:22:50.0314 0x1b50 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 12:22:50.0318 0x1b50 KSecDD - ok 12:22:50.0356 0x1b50 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 12:22:50.0362 0x1b50 KSecPkg - ok 12:22:50.0374 0x1b50 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 12:22:50.0377 0x1b50 ksthunk - ok 12:22:50.0402 0x1b50 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 12:22:50.0425 0x1b50 KtmRm - ok 12:22:50.0451 0x1b50 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 12:22:50.0468 0x1b50 LanmanServer - ok 12:22:50.0489 0x1b50 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 12:22:50.0496 0x1b50 LanmanWorkstation - ok 12:22:50.0523 0x1b50 [ 955982BF4421B77722196552B62E8DC2, 3732449ACDBB78E1ED8436DF153C899C28573F458FDCFE345DFA1B305D085033 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 12:22:50.0526 0x1b50 lirsgt - ok 12:22:50.0539 0x1b50 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio 
C:\Windows\system32\DRIVERS\lltdio.sys 12:22:50.0543 0x1b50 lltdio - ok 12:22:50.0561 0x1b50 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 12:22:50.0578 0x1b50 lltdsvc - ok 12:22:50.0587 0x1b50 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 12:22:50.0590 0x1b50 lmhosts - ok 12:22:50.0614 0x1b50 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 12:22:50.0618 0x1b50 LSI_FC - ok 12:22:50.0635 0x1b50 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 12:22:50.0639 0x1b50 LSI_SAS - ok 12:22:50.0652 0x1b50 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 12:22:50.0656 0x1b50 LSI_SAS2 - ok 12:22:50.0673 0x1b50 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 12:22:50.0678 0x1b50 LSI_SCSI - ok 12:22:50.0691 0x1b50 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 12:22:50.0695 0x1b50 luafv - ok 12:22:50.0710 0x1b50 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:22:50.0715 0x1b50 Mcx2Svc - ok 12:22:50.0724 0x1b50 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 12:22:50.0727 0x1b50 megasas - ok 12:22:50.0749 0x1b50 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 
85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 12:22:50.0766 0x1b50 MegaSR - ok 12:22:50.0783 0x1b50 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 12:22:50.0787 0x1b50 MMCSS - ok 12:22:50.0799 0x1b50 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 12:22:50.0802 0x1b50 Modem - ok 12:22:50.0811 0x1b50 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:22:50.0812 0x1b50 monitor - ok 12:22:50.0817 0x1b50 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:22:50.0819 0x1b50 mouclass - ok 12:22:50.0832 0x1b50 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 12:22:50.0835 0x1b50 mouhid - ok 12:22:50.0848 0x1b50 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 12:22:50.0851 0x1b50 mountmgr - ok 12:22:50.0891 0x1b50 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:22:50.0895 0x1b50 MozillaMaintenance - ok 12:22:50.0910 0x1b50 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 12:22:50.0916 0x1b50 mpio - ok 12:22:50.0948 0x1b50 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 
12:22:50.0952 0x1b50 mpsdrv - ok 12:22:50.0985 0x1b50 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 12:22:51.0014 0x1b50 MpsSvc - ok 12:22:51.0042 0x1b50 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 12:22:51.0048 0x1b50 MRxDAV - ok 12:22:51.0074 0x1b50 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 12:22:51.0082 0x1b50 mrxsmb - ok 12:22:51.0097 0x1b50 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:22:51.0105 0x1b50 mrxsmb10 - ok 12:22:51.0129 0x1b50 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:22:51.0133 0x1b50 mrxsmb20 - ok 12:22:51.0162 0x1b50 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 12:22:51.0164 0x1b50 msahci - ok 12:22:51.0203 0x1b50 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe 12:22:51.0207 0x1b50 MSCamSvc - ok 12:22:51.0221 0x1b50 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 12:22:51.0226 0x1b50 msdsm - ok 12:22:51.0239 0x1b50 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 12:22:51.0246 0x1b50 MSDTC - ok 12:22:51.0255 0x1b50 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs 
C:\Windows\system32\drivers\Msfs.sys 12:22:51.0257 0x1b50 Msfs - ok 12:22:51.0268 0x1b50 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 12:22:51.0270 0x1b50 mshidkmdf - ok 12:22:51.0286 0x1b50 [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 12:22:51.0289 0x1b50 MSHUSBVideo - ok 12:22:51.0297 0x1b50 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 12:22:51.0298 0x1b50 msisadrv - ok 12:22:51.0321 0x1b50 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 12:22:51.0326 0x1b50 MSiSCSI - ok 12:22:51.0329 0x1b50 msiserver - ok 12:22:51.0350 0x1b50 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 12:22:51.0351 0x1b50 MSKSSRV - ok 12:22:51.0358 0x1b50 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 12:22:51.0360 0x1b50 MSPCLOCK - ok 12:22:51.0372 0x1b50 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 12:22:51.0374 0x1b50 MSPQM - ok 12:22:51.0396 0x1b50 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 12:22:51.0413 0x1b50 MsRPC - ok 12:22:51.0429 0x1b50 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 12:22:51.0429 0x1b50 mssmbios - ok 12:22:51.0443 0x1b50 [ 
2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 12:22:51.0445 0x1b50 MSTEE - ok 12:22:51.0454 0x1b50 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 12:22:51.0456 0x1b50 MTConfig - ok 12:22:51.0485 0x1b50 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 12:22:51.0487 0x1b50 MTsensor - ok 12:22:51.0498 0x1b50 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 12:22:51.0501 0x1b50 Mup - ok 12:22:51.0530 0x1b50 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 12:22:51.0556 0x1b50 napagent - ok 12:22:51.0574 0x1b50 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:22:51.0591 0x1b50 NativeWifiP - ok 12:22:51.0654 0x1b50 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 12:22:51.0688 0x1b50 NDIS - ok 12:22:51.0697 0x1b50 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 12:22:51.0700 0x1b50 NdisCap - ok 12:22:51.0723 0x1b50 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 12:22:51.0725 0x1b50 NdisTapi - ok 12:22:51.0738 0x1b50 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 12:22:51.0741 
0x1b50 Ndisuio - ok 12:22:51.0754 0x1b50 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 12:22:51.0759 0x1b50 NdisWan - ok 12:22:51.0770 0x1b50 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 12:22:51.0773 0x1b50 NDProxy - ok 12:22:51.0825 0x1b50 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 12:22:51.0827 0x1b50 Netaapl - ok 12:22:51.0837 0x1b50 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 12:22:51.0840 0x1b50 NetBIOS - ok 12:22:51.0857 0x1b50 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 12:22:51.0865 0x1b50 NetBT - ok 12:22:51.0874 0x1b50 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 12:22:51.0876 0x1b50 Netlogon - ok 12:22:51.0907 0x1b50 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 12:22:51.0928 0x1b50 Netman - ok 12:22:51.0966 0x1b50 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:22:51.0972 0x1b50 NetMsmqActivator - ok 12:22:51.0979 0x1b50 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:22:51.0982 0x1b50 NetPipeActivator - ok 12:22:52.0014 0x1b50 [ 5F28111C648F1E24F7DBC87CDEB091B8, 
2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 12:22:52.0039 0x1b50 netprofm - ok 12:22:52.0048 0x1b50 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:22:52.0052 0x1b50 NetTcpActivator - ok 12:22:52.0058 0x1b50 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 12:22:52.0062 0x1b50 NetTcpPortSharing - ok 12:22:52.0074 0x1b50 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 12:22:52.0077 0x1b50 nfrd960 - ok 12:22:52.0111 0x1b50 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 12:22:52.0128 0x1b50 NlaSvc - ok 12:22:52.0132 0x1b50 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 12:22:52.0134 0x1b50 Npfs - ok 12:22:52.0143 0x1b50 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 12:22:52.0145 0x1b50 nsi - ok 12:22:52.0151 0x1b50 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:22:52.0153 0x1b50 nsiproxy - ok 12:22:52.0224 0x1b50 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:22:52.0275 0x1b50 Ntfs - ok 12:22:52.0291 0x1b50 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 
12:22:52.0295 0x1b50 Null - ok 12:22:52.0333 0x1b50 [ D584ABB6A308933A5F72B46C9E5A783F, 31922A27B3A9A64A9F71B7591FCAC6E0ACD15E36B9BFC4B4D75DE473E0F5CF6B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 12:22:52.0337 0x1b50 nusb3hub - ok 12:22:52.0378 0x1b50 [ 345B9C04E2036DA4346E3249A5BDFD06, 2FCA4661757EC8E33F6D1E8066165C0E0A0D32649318412A79A915B83496236A ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 12:22:52.0385 0x1b50 nusb3xhc - ok 12:22:52.0406 0x1b50 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:22:52.0412 0x1b50 nvraid - ok 12:22:52.0444 0x1b50 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:22:52.0451 0x1b50 nvstor - ok 12:22:52.0468 0x1b50 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:22:52.0472 0x1b50 nv_agp - ok 12:22:52.0530 0x1b50 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 12:22:52.0553 0x1b50 odserv - ok 12:22:52.0565 0x1b50 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 12:22:52.0568 0x1b50 ohci1394 - ok 12:22:52.0617 0x1b50 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:22:52.0623 0x1b50 ose - ok 12:22:52.0645 0x1b50 [ 0E2DE427EBE106E7E5B52869D5C99F68, D61B1B8847BC561785B64507D1D551B0184B1ACED960AF629F7AF5D6C3A30BB1 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys 12:22:52.0652 0x1b50 ossrv - ok 12:22:52.0752 0x1b50 [ 79E8523EAB6C32EC634BD815B35B2DAE, 
7B1467998772F3661D0F6355D0B8D8B06CEB8A0D929EBBACE1F696CFD9D75698 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe 12:22:52.0788 0x1b50 OverwolfUpdater - ok 12:22:52.0811 0x1b50 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 12:22:52.0828 0x1b50 p2pimsvc - ok 12:22:52.0845 0x1b50 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 12:22:52.0862 0x1b50 p2psvc - ok 12:22:52.0871 0x1b50 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 12:22:52.0874 0x1b50 Parport - ok 12:22:52.0907 0x1b50 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:22:52.0910 0x1b50 partmgr - ok 12:22:52.0945 0x1b50 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll 12:22:52.0953 0x1b50 PcaSvc - ok 12:22:52.0970 0x1b50 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 12:22:52.0975 0x1b50 pci - ok 12:22:53.0005 0x1b50 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 12:22:53.0007 0x1b50 pciide - ok 12:22:53.0025 0x1b50 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 12:22:53.0032 0x1b50 pcmcia - ok 12:22:53.0042 0x1b50 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 12:22:53.0044 0x1b50 pcw - ok 12:22:53.0074 0x1b50 [ 
946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:22:53.0099 0x1b50 PEAUTH - ok 12:22:53.0154 0x1b50 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 12:22:53.0200 0x1b50 PeerDistSvc - ok 12:22:53.0261 0x1b50 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 12:22:53.0264 0x1b50 PerfHost - ok 12:22:53.0323 0x1b50 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 12:22:53.0365 0x1b50 pla - ok 12:22:53.0417 0x1b50 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:22:53.0436 0x1b50 PlugPlay - ok 12:22:53.0446 0x1b50 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 12:22:53.0450 0x1b50 PNRPAutoReg - ok 12:22:53.0471 0x1b50 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 12:22:53.0480 0x1b50 PNRPsvc - ok 12:22:53.0513 0x1b50 [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\Windows\system32\DRIVERS\point64.sys 12:22:53.0515 0x1b50 Point64 - ok 12:22:53.0540 0x1b50 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:22:53.0562 0x1b50 PolicyAgent - ok 12:22:53.0584 0x1b50 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 12:22:53.0591 0x1b50 Power - ok 
12:22:53.0612 0x1b50 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 12:22:53.0616 0x1b50 PptpMiniport - ok 12:22:53.0629 0x1b50 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 12:22:53.0631 0x1b50 Processor - ok 12:22:53.0660 0x1b50 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 12:22:53.0669 0x1b50 ProfSvc - ok 12:22:53.0681 0x1b50 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 12:22:53.0683 0x1b50 ProtectedStorage - ok 12:22:53.0705 0x1b50 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 12:22:53.0711 0x1b50 Psched - ok 12:22:53.0763 0x1b50 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 12:22:53.0807 0x1b50 ql2300 - ok 12:22:53.0827 0x1b50 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 12:22:53.0831 0x1b50 ql40xx - ok 12:22:53.0861 0x1b50 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 12:22:53.0870 0x1b50 QWAVE - ok 12:22:53.0878 0x1b50 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:22:53.0881 0x1b50 QWAVEdrv - ok 12:22:53.0892 0x1b50 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd 
C:\Windows\system32\DRIVERS\rasacd.sys 12:22:53.0894 0x1b50 RasAcd - ok 12:22:53.0911 0x1b50 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 12:22:53.0913 0x1b50 RasAgileVpn - ok 12:22:53.0927 0x1b50 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 12:22:53.0933 0x1b50 RasAuto - ok 12:22:53.0942 0x1b50 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:22:53.0946 0x1b50 Rasl2tp - ok 12:22:53.0964 0x1b50 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 12:22:53.0981 0x1b50 RasMan - ok 12:22:53.0993 0x1b50 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:22:53.0997 0x1b50 RasPppoe - ok 12:22:54.0002 0x1b50 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:22:54.0005 0x1b50 RasSstp - ok 12:22:54.0025 0x1b50 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 12:22:54.0042 0x1b50 rdbss - ok 12:22:54.0087 0x1b50 [ 7B345FA8191172FB719C82417154058D, 0016B5C90FAF69CFEECE7C65E42C80FBA61A81CE235062B060A48883560C732D ] RDID1027 C:\Windows\system32\Drivers\rdwm1027.sys 12:22:54.0091 0x1b50 RDID1027 - ok 12:22:54.0101 0x1b50 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 12:22:54.0103 0x1b50 rdpbus - ok 12:22:54.0112 0x1b50 [ CEA6CC257FC9B7715F1C2B4849286D24, 
12:22:57.0876 0x1b50 Suspicious service (NoAccess): vdrv1000
12:22:57.0889 0x1b50 [ F0ECF990B3DE8842E948279AF31CC4E5, EF8C8D6F292A39914EDAB9BEF8E5243B60A7FAC48620D144A0F2079C852B3092 ] vdrv1000 C:\Windows\system32\DRIVERS\vdrv1000.sys
12:22:57.0898 0x1b50 vdrv1000 - detected LockedService.Multi.Generic ( 1 )
12:23:00.0846 0x1b50 Detect skipped due to KSN trusted
12:23:00.0846 0x1b50 vdrv1000 - ok
3738BBC112346B32F686F1CB4B4AAD89B06AA1F8FB2D333BC2D2F554212A0A59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 12:23:06.0845 0x1b50 iCloudServices - ok 12:23:06.0871 0x1b50 [ 105C276BB7B43501225C419B062096D0, F5D35230FC5E116FB04147F216313D2E2542D96E975B19F5FD9F7641CF11271F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe 12:23:06.0872 0x1b50 ApplePhotoStreams - ok 12:23:06.0873 0x1b50 com.apple.dav.bookmarks.daemon - ok 12:23:06.0980 0x1b50 [ 60A5CF720CE4017796DE9EB5F0B8F970, B696934264D121E6D1707CDE75CD9807157AAA33C71146D4A31739E0696C563A ] C:\Program Files (x86)\Steam\Steam.exe 12:23:07.0007 0x1b50 Steam - ok 12:23:07.0059 0x1b50 [ ED3DA146CE26D7E566ED5723B8E577C0, AEBBC32A61546028BF2B2368176149C649F078AF03338D012D86B664323872D7 ] C:\Program Files (x86)\Overwolf\Overwolf.exe 12:23:07.0060 0x1b50 Overwolf - ok 12:23:07.0120 0x1b50 [ CD5557CE0963166E4C79CD1FB7855382, F98146CB7D1F4C98163A9EEB73351E72F5F65AF435D95B36ED96E0C71D4C41C6 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe 12:23:07.0123 0x1b50 AnyDVD - ok 12:23:07.0372 0x1b50 [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Paul\AppData\Roaming\Spotify\Spotify.exe 12:23:07.0466 0x1b50 Spotify - ok 12:23:07.0563 0x1b50 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 12:23:07.0590 0x1b50 Spotify Web Helper - ok 12:23:07.0593 0x1b50 Waiting for KSN requests completion. In queue: 116 12:23:08.0593 0x1b50 Waiting for KSN requests completion. In queue: 116 12:23:09.0593 0x1b50 Waiting for KSN requests completion. In queue: 116 12:23:10.0593 0x1b50 Waiting for KSN requests completion. 
In queue: 116 12:23:11.0638 0x1b50 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated ) 12:23:11.0659 0x1b50 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled ) 12:23:14.0577 0x1b50 ============================================================ 12:23:14.0577 0x1b50 Scan finished 12:23:14.0577 0x1b50 ============================================================ 12:23:14.0585 0x0c64 Detected object count: 0 12:23:14.0586 0x0c64 Actual detected object count: 0 12:27:17.0640 0x15ec Deinitialize success |
25.01.2015, 15:57 | #8 |
/// the machine /// TB Trainer | Suspected virus that is using the Internet connection hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
25.01.2015, 16:43 | #9 |
| Suspected virus that is using the Internet connection Combofix.txt Code:
ComboFix 15-01-22.02 - Paul 25.01.2015 16:07:48.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.6143.3497 [GMT 1:00]
ausgeführt von:: c:\users\Paul\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\Install.exe
c:\users\Paul\AppData\Roaming\IHelper
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\ArtworkDB
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\Books.plist
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\iTunesCDB
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\iTunesCDB.unzip
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\MediaLibrary.sqlitedb-shm
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\MediaLibrary.sqlitedb-wal
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\MediaLibrary.sqlitedb
c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\Purchases.plist
c:\users\Paul\AppData\Roaming\IHelper\PPHelper-share.ipa
N:\Autorun.inf
N:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-12-25 bis 2015-01-25 ))))))))))))))))))))))))))))))
.
.
2015-01-25 10:02 .
2015-01-25 10:02 -------- d-----w- c:\programdata\Malwarebytes 2015-01-25 10:01 . 2015-01-25 15:26 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-01-25 10:01 . 2015-01-25 10:34 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-01-25 09:30 . 2015-01-25 10:33 97496 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-01-25 08:27 . 2015-01-25 08:27 -------- d-----w- c:\program files (x86)\VS Revo Group 2015-01-24 16:43 . 2015-01-24 16:49 -------- d-----w- C:\FRST 2015-01-23 17:49 . 2015-01-23 17:49 -------- d-----w- c:\users\Paul\AppData\Roaming\xm1 2015-01-23 15:05 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15C28C70-FE55-422E-BF2E-5512F5801192}\mpengine.dll 2015-01-23 14:14 . 2015-01-25 14:38 -------- d-----w- c:\program files (x86)\Texmaker 2015-01-16 13:07 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe 2015-01-16 13:07 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2015-01-16 13:07 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll 2015-01-16 13:07 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll 2015-01-16 13:07 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe 2015-01-16 13:07 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2015-01-16 13:07 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2015-01-14 18:41 . 2014-12-11 17:47 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe 2015-01-14 18:41 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll 2015-01-14 13:30 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll 2015-01-14 13:30 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll 2015-01-14 13:30 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll 2015-01-14 13:22 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys 2015-01-13 19:41 . 
2015-01-13 19:41 -------- d-----w- c:\program files\iPod 2015-01-13 19:41 . 2015-01-13 19:42 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-13 19:41 . 2015-01-13 19:42 -------- d-----w- c:\program files\iTunes 2015-01-13 19:41 . 2015-01-13 19:42 -------- d-----w- c:\program files (x86)\iTunes 2014-12-28 15:51 . 2014-12-28 15:51 -------- d-----w- c:\program files (x86)\City Interactive . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-01-23 13:08 . 2012-04-06 09:33 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-01-23 13:08 . 2012-02-24 18:38 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-01-16 14:02 . 2012-02-24 07:34 113365784 ----a-w- c:\windows\system32\MRT.exe 2015-01-08 08:55 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe 2014-12-23 15:41 . 2014-12-23 15:41 150440 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys 2014-12-23 15:41 . 2014-12-23 15:41 150440 ----a-w- c:\windows\system32\drivers\AnyDVD.sys 2014-12-20 22:31 . 2014-12-20 22:31 40344 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys 2014-12-20 10:52 . 2014-12-19 20:34 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll 2014-12-18 22:31 . 2014-12-18 22:31 97176 ----a-w- c:\windows\SysWow64\ElbyCDIO.dll 2014-12-13 05:09 . 2014-12-19 16:10 144384 ----a-w- c:\windows\system32\ieUnatt.exe 2014-12-13 03:33 . 2014-12-19 16:10 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2014-12-04 02:50 . 2014-12-13 16:31 413184 ----a-w- c:\windows\system32\generaltel.dll 2014-12-04 02:50 . 2014-12-13 16:31 741376 ----a-w- c:\windows\system32\invagent.dll 2014-12-04 02:50 . 2014-12-13 16:31 396800 ----a-w- c:\windows\system32\devinv.dll 2014-12-04 02:50 . 2014-12-13 16:31 830976 ----a-w- c:\windows\system32\appraiser.dll 2014-12-04 02:50 . 2014-12-13 16:31 192000 ----a-w- c:\windows\system32\aepic.dll 2014-12-04 02:50 . 
2014-12-13 16:31 227328 ----a-w- c:\windows\system32\aepdu.dll 2014-12-04 02:44 . 2014-12-13 16:31 1083392 ----a-w- c:\windows\system32\aeinv.dll 2014-12-01 23:28 . 2014-12-13 16:31 1232040 ----a-w- c:\windows\system32\aitstatic.exe 2014-11-27 01:43 . 2014-12-13 16:39 389296 ----a-w- c:\windows\system32\iedkcs32.dll 2014-11-22 03:13 . 2014-12-13 16:39 25059840 ----a-w- c:\windows\system32\mshtml.dll 2014-11-22 03:06 . 2014-12-13 16:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-11-22 03:06 . 2014-12-13 16:39 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2014-11-22 02:50 . 2014-12-13 16:39 66560 ----a-w- c:\windows\system32\iesetup.dll 2014-11-22 02:50 . 2014-12-13 16:39 580096 ----a-w- c:\windows\system32\vbscript.dll 2014-11-22 02:49 . 2014-12-13 16:40 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2014-11-22 02:49 . 2014-12-13 16:39 2885120 ----a-w- c:\windows\system32\iertutil.dll 2014-11-22 02:48 . 2014-12-13 16:39 88064 ----a-w- c:\windows\system32\MshtmlDac.dll 2014-11-22 02:41 . 2014-12-13 16:39 54784 ----a-w- c:\windows\system32\jsproxy.dll 2014-11-22 02:40 . 2014-12-13 16:39 34304 ----a-w- c:\windows\system32\iernonce.dll 2014-11-22 02:37 . 2014-12-13 16:39 633856 ----a-w- c:\windows\system32\ieui.dll 2014-11-22 02:35 . 2014-12-13 16:40 114688 ----a-w- c:\windows\system32\ieetwcollector.exe 2014-11-22 02:34 . 2014-12-13 16:39 814080 ----a-w- c:\windows\system32\jscript9diag.dll 2014-11-22 02:34 . 2014-12-13 16:39 6039552 ----a-w- c:\windows\system32\jscript9.dll 2014-11-22 02:26 . 2014-12-13 16:39 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2014-11-22 02:22 . 2014-12-13 16:39 490496 ----a-w- c:\windows\system32\dxtmsft.dll 2014-11-22 02:20 . 2014-12-13 16:39 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2014-11-22 02:14 . 2014-12-13 16:39 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2014-11-22 02:09 . 2014-12-13 16:39 199680 ----a-w- c:\windows\system32\msrating.dll 2014-11-22 02:08 . 
2014-12-13 16:39 92160 ----a-w- c:\windows\system32\mshtmled.dll 2014-11-22 02:07 . 2014-12-13 16:39 501248 ----a-w- c:\windows\SysWow64\vbscript.dll 2014-11-22 02:07 . 2014-12-13 16:39 62464 ----a-w- c:\windows\SysWow64\iesetup.dll 2014-11-22 02:06 . 2014-12-13 16:40 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2014-11-22 02:05 . 2014-12-13 16:39 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2014-11-22 02:05 . 2014-12-13 16:39 316928 ----a-w- c:\windows\system32\dxtrans.dll 2014-11-22 01:54 . 2014-12-13 16:39 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2014-11-22 01:49 . 2014-12-13 16:39 718848 ----a-w- c:\windows\system32\ie4uinit.exe 2014-11-22 01:49 . 2014-12-13 16:39 800768 ----a-w- c:\windows\system32\msfeeds.dll 2014-11-22 01:47 . 2014-12-13 16:39 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2014-11-22 01:46 . 2014-12-13 16:39 2125312 ----a-w- c:\windows\system32\inetcpl.cpl 2014-11-22 01:43 . 2014-12-13 16:39 14412800 ----a-w- c:\windows\system32\ieframe.dll 2014-11-22 01:40 . 2014-12-13 16:39 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2014-11-22 01:29 . 2014-12-13 16:39 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll 2014-11-22 01:28 . 2014-12-13 16:39 2358272 ----a-w- c:\windows\system32\wininet.dll 2014-11-22 01:22 . 2014-12-13 16:39 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2014-11-22 01:21 . 2014-12-13 16:39 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2014-11-22 01:15 . 2014-12-13 16:39 1548288 ----a-w- c:\windows\system32\urlmon.dll 2014-11-22 01:03 . 2014-12-13 16:39 800768 ----a-w- c:\windows\system32\ieapfltr.dll 2014-11-22 01:00 . 2014-12-13 16:39 1888256 ----a-w- c:\windows\SysWow64\wininet.dll 2014-11-21 13:57 . 2014-11-29 12:44 916024 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2014-11-21 13:55 . 2014-11-29 12:43 128080 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2014-11-21 13:55 . 
2014-11-21 13:55 204264 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll 2014-11-21 13:55 . 2014-11-21 13:55 156360 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys 2014-11-21 13:55 . 2014-11-21 13:55 141440 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL 2014-11-11 03:09 . 2014-12-13 16:27 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll 2014-11-11 03:08 . 2014-11-20 13:18 241152 ----a-w- c:\windows\system32\pku2u.dll 2014-11-11 03:08 . 2014-11-20 13:18 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-11-11 02:44 . 2014-12-13 16:27 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2014-11-11 02:44 . 2014-11-20 13:18 186880 ----a-w- c:\windows\SysWow64\pku2u.dll 2014-11-11 02:44 . 2014-11-20 13:18 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-11-11 01:46 . 2014-12-13 16:21 119296 ----a-w- c:\windows\system32\drivers\tdx.sys 2014-11-08 03:16 . 2014-12-12 16:04 2048 ----a-w- c:\windows\system32\tzres.dll 2014-11-08 02:45 . 2014-12-12 16:04 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-10-30 02:03 . 2014-12-12 16:05 165888 ----a-w- c:\windows\system32\charmap.exe 2014-10-30 01:45 . 2014-12-12 16:05 155136 ----a-w- c:\windows\SysWow64\charmap.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-11-21 43816] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-01-23 1942720] "Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2015-01-15 40688] "AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVD.exe" [2014-12-29 109480] "Spotify"="c:\users\Paul\AppData\Roaming\Spotify\Spotify.exe" [2014-12-16 6737976] "Spotify Web Helper"="c:\users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-12-16 1676344] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712] "ASUS Ai Charger"="c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2010-10-19 465536] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536] "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160] "VMonitorVMUVC"="c:\program files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" [2008-08-29 143360] "VC10Player"="c:\program files (x86)\Virtual CD v10\System\VC10Play.exe" [2011-05-20 411976] "TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_17_Premium\TrayServer.exe" [2008-08-07 90112] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2013-07-20 2010624] "BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-03-06 819984] "AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480] . 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . c:\users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112] OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer9"=wdmaud.drv . R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x] R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x] R3 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs 
Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x] R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x] R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 DxVGrb;DxVGrb;c:\windows\system32\drivers\DxVGrb.sys;c:\windows\SYSNATIVE\drivers\DxVGrb.sys [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x] R3 fwlanusb5;FRITZ!WLAN N v2;c:\windows\system32\DRIVERS\fwlanusb5.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb5.sys [x] R3 HH10Help.sys;HH10Help.sys;c:\windows\system32\drivers\HH10Help.sys;c:\windows\SYSNATIVE\drivers\HH10Help.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB 
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys;c:\windows\SYSNATIVE\Drivers\VMUVC.sys [x] R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys;c:\windows\SYSNATIVE\drivers\vvftUVC.sys [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] S0 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x] S1 HCW88AUD;Hauppauge WinTV 88x Audio Capture;c:\windows\system32\drivers\hcw88aud.sys;c:\windows\SYSNATIVE\drivers\hcw88aud.sys [x] S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S1 vdrv1000;vdrv1000;c:\windows\system32\DRIVERS\vdrv1000.sys;c:\windows\SYSNATIVE\DRIVERS\vdrv1000.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe;c:\program files 
(x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe [x] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x] S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x] S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 VC10SecS;Virtual CD v10 Management Service;c:\program files (x86)\Virtual CD v10\System\VC10SecS.exe;c:\program files (x86)\Virtual CD v10\System\VC10SecS.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x] S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x] S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x] S3 HCW88BDA;Hauppauge WinTV 88x DVB Tuner/Demod;c:\windows\system32\drivers\hcw88bda.sys;c:\windows\SYSNATIVE\drivers\hcw88bda.sys [x] S3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS 
Capture;c:\windows\system32\drivers\hcw88tse.sys;c:\windows\SYSNATIVE\drivers\hcw88tse.sys [x] S3 HCW88TUNE;Hauppauge WinTV 88x Tuner;c:\windows\system32\drivers\hcw88tun.sys;c:\windows\SYSNATIVE\drivers\hcw88tun.sys [x] S3 hcw88vid;Hauppauge WinTV 88x Video;c:\windows\system32\drivers\hcw88vid.sys;c:\windows\SYSNATIVE\drivers\hcw88vid.sys [x] S3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;c:\windows\system32\drivers\HCW88BAR.sys;c:\windows\SYSNATIVE\drivers\HCW88BAR.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] S3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys;c:\windows\SYSNATIVE\DRIVERS\vcd10bus.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2015-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 13:08] . 
2015-01-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job - c:\users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-27 11:15] . 2015-01-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job - c:\users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-27 11:15] . 2014-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job - c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-08 18:52] . 2015-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job - c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-08 18:52] . 2014-12-09 c:\windows\Tasks\updater.job - c:\program files (x86)\MC-RP Setup\updater.exe [2014-01-03 22:55] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = fritz.box IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm TCP: DhcpNameServer = 192.168.178.1 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\ FF - user.js: extensions.softonic_i.newTab - false FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.softonic_i.id - 742e8651000000000000bc05430144ab FF - user.js: extensions.softonic_i.instlDay - 15395 FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5 FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5 FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.513:15 FF - user.js: extensions.softonic_i.prtnrId - softonic FF - user.js: extensions.softonic_i.prdct - softonic FF - user.js: 
extensions.softonic_i.aflt - SD FF - user.js: extensions.softonic_i.smplGrp - eng7 FF - user.js: extensions.softonic_i.tlbrId - de12JANdefault FF - user.js: extensions.softonic_i.instlRef - MON00015 FF - user.js: extensions.softonic_i.dfltLng - de FF - user.js: extensions.softonic_i.excTlbr - false FF - user.js: extensions.shownSelectionUI - true . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe Wow6432Node-HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe Wow6432Node-HKCU-Run-ISUSPM Startup - c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe Wow6432Node-HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-Findus2 - c:\windows\unvise32.exe AddRemove-Findus4 - c:\windows\unvise32.exe AddRemove-{66D8D1B9-0B6F-423F-950A-1E6B0B7482C4}_is1 - c:\program files (x86)\The Binding Of Isaac\unins000.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\vdrv1000] "ImagePath"="system32\DRIVERS\vdrv1000.sys" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1518553307-3788296194-4095220867-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:0f,b4,e5,87,f3,21,3a,56,4c,56,53,c9,29,f8,1e,13,35,6c,05,1f,e6,57,80, f1,b0,c6,1a,38,78,cc,4d,06,e1,93,0f,45,fb,09,d1,87,da,fd,84,f4,40,fc,1b,0e,\ "??"=hex:62,2e,33,55,0b,87,68,3b,0c,ac,c4,06,53,1e,d7,d3 . 
[HKEY_USERS\S-1-5-21-1518553307-3788296194-4095220867-1000\Software\SecuROM\License information*] "datasecu"=hex:c6,32,31,61,cb,0b,80,60,53,a3,f3,73,49,5f,96,39,08,e9,c7,a4,91, 64,27,5a,62,0c,28,13,b4,25,35,e7,16,d7,07,1a,9f,0a,ef,dd,7f,d7,54,5a,83,08,\ "rkeysecu"=hex:30,65,fc,c4,39,21,80,4e,91,76,a9,9b,98,d2,7e,9d . [HKEY_LOCAL_MACHINE\software\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\avmwlanstick\WlanNetService.exe c:\program files (x86)\ASUS\EPU-6 Engine\SixEngine.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-01-25 16:39:58 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-01-25 15:39 . Vor Suchlauf: 23 Verzeichnis(se), 402.100.916.224 Bytes frei Nach Suchlauf: 30 Verzeichnis(se), 412.430.835.712 Bytes frei . - - End Of File - - E5653D7160B9F85DB7EEDD598DEEDF97 A36C5E4F47E84449FF07ED3517B43A31 Code:
ComboFix 15-01-22.02 - Paul 25.01.2015 16:07:48.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.6143.3497 [GMT 1:00] ausgeführt von:: c:\users\Paul\Desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886} FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\autorun.inf C:\Install.exe c:\users\Paul\AppData\Roaming\IHelper c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\ArtworkDB c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\Books.plist c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\iTunesCDB c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\iTunesCDB.unzip c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\MediaLibrary.sqlitedb-shm c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\MediaLibrary.sqlitedb-wal c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\MediaLibrary.sqlitedb c:\users\Paul\AppData\Roaming\IHelper\0a9ea77c06489015f495bfba661a6b18e4939c08\system\Purchases.plist c:\users\Paul\AppData\Roaming\IHelper\PPHelper-share.ipa N:\Autorun.inf N:\install.exe . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_ACEDRV11 -------\Service_acedrv11 . . ((((((((((((((((((((((( Dateien erstellt von 2014-12-25 bis 2015-01-25 )))))))))))))))))))))))))))))) . . 2015-01-25 10:02 . 
2015-01-25 10:02 -------- d-----w- c:\programdata\Malwarebytes 2015-01-25 10:01 . 2015-01-25 15:26 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-01-25 10:01 . 2015-01-25 10:34 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-01-25 09:30 . 2015-01-25 10:33 97496 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-01-25 08:27 . 2015-01-25 08:27 -------- d-----w- c:\program files (x86)\VS Revo Group 2015-01-24 16:43 . 2015-01-24 16:49 -------- d-----w- C:\FRST 2015-01-23 17:49 . 2015-01-23 17:49 -------- d-----w- c:\users\Paul\AppData\Roaming\xm1 2015-01-23 15:05 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15C28C70-FE55-422E-BF2E-5512F5801192}\mpengine.dll 2015-01-23 14:14 . 2015-01-25 14:38 -------- d-----w- c:\program files (x86)\Texmaker 2015-01-16 13:07 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe 2015-01-16 13:07 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2015-01-16 13:07 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll 2015-01-16 13:07 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll 2015-01-16 13:07 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe 2015-01-16 13:07 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2015-01-16 13:07 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2015-01-14 18:41 . 2014-12-11 17:47 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe 2015-01-14 18:41 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll 2015-01-14 13:30 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll 2015-01-14 13:30 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll 2015-01-14 13:30 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll 2015-01-14 13:22 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys 2015-01-13 19:41 . 
2015-01-13 19:41 -------- d-----w- c:\program files\iPod 2015-01-13 19:41 . 2015-01-13 19:42 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-13 19:41 . 2015-01-13 19:42 -------- d-----w- c:\program files\iTunes 2015-01-13 19:41 . 2015-01-13 19:42 -------- d-----w- c:\program files (x86)\iTunes 2014-12-28 15:51 . 2014-12-28 15:51 -------- d-----w- c:\program files (x86)\City Interactive . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-01-23 13:08 . 2012-04-06 09:33 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-01-23 13:08 . 2012-02-24 18:38 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-01-16 14:02 . 2012-02-24 07:34 113365784 ----a-w- c:\windows\system32\MRT.exe 2015-01-08 08:55 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe 2014-12-23 15:41 . 2014-12-23 15:41 150440 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys 2014-12-23 15:41 . 2014-12-23 15:41 150440 ----a-w- c:\windows\system32\drivers\AnyDVD.sys 2014-12-20 22:31 . 2014-12-20 22:31 40344 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys 2014-12-20 10:52 . 2014-12-19 20:34 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll 2014-12-18 22:31 . 2014-12-18 22:31 97176 ----a-w- c:\windows\SysWow64\ElbyCDIO.dll 2014-12-13 05:09 . 2014-12-19 16:10 144384 ----a-w- c:\windows\system32\ieUnatt.exe 2014-12-13 03:33 . 2014-12-19 16:10 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2014-12-04 02:50 . 2014-12-13 16:31 413184 ----a-w- c:\windows\system32\generaltel.dll 2014-12-04 02:50 . 2014-12-13 16:31 741376 ----a-w- c:\windows\system32\invagent.dll 2014-12-04 02:50 . 2014-12-13 16:31 396800 ----a-w- c:\windows\system32\devinv.dll 2014-12-04 02:50 . 2014-12-13 16:31 830976 ----a-w- c:\windows\system32\appraiser.dll 2014-12-04 02:50 . 2014-12-13 16:31 192000 ----a-w- c:\windows\system32\aepic.dll 2014-12-04 02:50 . 
2014-12-13 16:31 227328 ----a-w- c:\windows\system32\aepdu.dll 2014-12-04 02:44 . 2014-12-13 16:31 1083392 ----a-w- c:\windows\system32\aeinv.dll 2014-12-01 23:28 . 2014-12-13 16:31 1232040 ----a-w- c:\windows\system32\aitstatic.exe 2014-11-27 01:43 . 2014-12-13 16:39 389296 ----a-w- c:\windows\system32\iedkcs32.dll 2014-11-22 03:13 . 2014-12-13 16:39 25059840 ----a-w- c:\windows\system32\mshtml.dll 2014-11-22 03:06 . 2014-12-13 16:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-11-22 03:06 . 2014-12-13 16:39 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2014-11-22 02:50 . 2014-12-13 16:39 66560 ----a-w- c:\windows\system32\iesetup.dll 2014-11-22 02:50 . 2014-12-13 16:39 580096 ----a-w- c:\windows\system32\vbscript.dll 2014-11-22 02:49 . 2014-12-13 16:40 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2014-11-22 02:49 . 2014-12-13 16:39 2885120 ----a-w- c:\windows\system32\iertutil.dll 2014-11-22 02:48 . 2014-12-13 16:39 88064 ----a-w- c:\windows\system32\MshtmlDac.dll 2014-11-22 02:41 . 2014-12-13 16:39 54784 ----a-w- c:\windows\system32\jsproxy.dll 2014-11-22 02:40 . 2014-12-13 16:39 34304 ----a-w- c:\windows\system32\iernonce.dll 2014-11-22 02:37 . 2014-12-13 16:39 633856 ----a-w- c:\windows\system32\ieui.dll 2014-11-22 02:35 . 2014-12-13 16:40 114688 ----a-w- c:\windows\system32\ieetwcollector.exe 2014-11-22 02:34 . 2014-12-13 16:39 814080 ----a-w- c:\windows\system32\jscript9diag.dll 2014-11-22 02:34 . 2014-12-13 16:39 6039552 ----a-w- c:\windows\system32\jscript9.dll 2014-11-22 02:26 . 2014-12-13 16:39 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2014-11-22 02:22 . 2014-12-13 16:39 490496 ----a-w- c:\windows\system32\dxtmsft.dll 2014-11-22 02:20 . 2014-12-13 16:39 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2014-11-22 02:14 . 2014-12-13 16:39 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2014-11-22 02:09 . 2014-12-13 16:39 199680 ----a-w- c:\windows\system32\msrating.dll 2014-11-22 02:08 . 
2014-12-13 16:39 92160 ----a-w- c:\windows\system32\mshtmled.dll 2014-11-22 02:07 . 2014-12-13 16:39 501248 ----a-w- c:\windows\SysWow64\vbscript.dll 2014-11-22 02:07 . 2014-12-13 16:39 62464 ----a-w- c:\windows\SysWow64\iesetup.dll 2014-11-22 02:06 . 2014-12-13 16:40 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2014-11-22 02:05 . 2014-12-13 16:39 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2014-11-22 02:05 . 2014-12-13 16:39 316928 ----a-w- c:\windows\system32\dxtrans.dll 2014-11-22 01:54 . 2014-12-13 16:39 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2014-11-22 01:49 . 2014-12-13 16:39 718848 ----a-w- c:\windows\system32\ie4uinit.exe 2014-11-22 01:49 . 2014-12-13 16:39 800768 ----a-w- c:\windows\system32\msfeeds.dll 2014-11-22 01:47 . 2014-12-13 16:39 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2014-11-22 01:46 . 2014-12-13 16:39 2125312 ----a-w- c:\windows\system32\inetcpl.cpl 2014-11-22 01:43 . 2014-12-13 16:39 14412800 ----a-w- c:\windows\system32\ieframe.dll 2014-11-22 01:40 . 2014-12-13 16:39 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2014-11-22 01:29 . 2014-12-13 16:39 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll 2014-11-22 01:28 . 2014-12-13 16:39 2358272 ----a-w- c:\windows\system32\wininet.dll 2014-11-22 01:22 . 2014-12-13 16:39 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2014-11-22 01:21 . 2014-12-13 16:39 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2014-11-22 01:15 . 2014-12-13 16:39 1548288 ----a-w- c:\windows\system32\urlmon.dll 2014-11-22 01:03 . 2014-12-13 16:39 800768 ----a-w- c:\windows\system32\ieapfltr.dll 2014-11-22 01:00 . 2014-12-13 16:39 1888256 ----a-w- c:\windows\SysWow64\wininet.dll 2014-11-21 13:57 . 2014-11-29 12:44 916024 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2014-11-21 13:55 . 2014-11-29 12:43 128080 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2014-11-21 13:55 . 
2014-11-21 13:55 204264 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll 2014-11-21 13:55 . 2014-11-21 13:55 156360 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys 2014-11-21 13:55 . 2014-11-21 13:55 141440 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL 2014-11-11 03:09 . 2014-12-13 16:27 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll 2014-11-11 03:08 . 2014-11-20 13:18 241152 ----a-w- c:\windows\system32\pku2u.dll 2014-11-11 03:08 . 2014-11-20 13:18 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-11-11 02:44 . 2014-12-13 16:27 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2014-11-11 02:44 . 2014-11-20 13:18 186880 ----a-w- c:\windows\SysWow64\pku2u.dll 2014-11-11 02:44 . 2014-11-20 13:18 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-11-11 01:46 . 2014-12-13 16:21 119296 ----a-w- c:\windows\system32\drivers\tdx.sys 2014-11-08 03:16 . 2014-12-12 16:04 2048 ----a-w- c:\windows\system32\tzres.dll 2014-11-08 02:45 . 2014-12-12 16:04 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-10-30 02:03 . 2014-12-12 16:05 165888 ----a-w- c:\windows\system32\charmap.exe 2014-10-30 01:45 . 2014-12-12 16:05 155136 ----a-w- c:\windows\SysWow64\charmap.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-11-21 43816] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-01-23 1942720] "Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2015-01-15 40688] "AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVD.exe" [2014-12-29 109480] "Spotify"="c:\users\Paul\AppData\Roaming\Spotify\Spotify.exe" [2014-12-16 6737976] "Spotify Web Helper"="c:\users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-12-16 1676344] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712] "ASUS Ai Charger"="c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2010-10-19 465536] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536] "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160] "VMonitorVMUVC"="c:\program files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" [2008-08-29 143360] "VC10Player"="c:\program files (x86)\Virtual CD v10\System\VC10Play.exe" [2011-05-20 411976] "TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_17_Premium\TrayServer.exe" [2008-08-07 90112] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2013-07-20 2010624] "BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-03-06 819984] "AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480] . 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . c:\users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112] OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer9"=wdmaud.drv . R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x] R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x] R3 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs 
Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x] R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x] R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 DxVGrb;DxVGrb;c:\windows\system32\drivers\DxVGrb.sys;c:\windows\SYSNATIVE\drivers\DxVGrb.sys [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x] R3 fwlanusb5;FRITZ!WLAN N v2;c:\windows\system32\DRIVERS\fwlanusb5.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb5.sys [x] R3 HH10Help.sys;HH10Help.sys;c:\windows\system32\drivers\HH10Help.sys;c:\windows\SYSNATIVE\drivers\HH10Help.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB 
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys;c:\windows\SYSNATIVE\Drivers\VMUVC.sys [x] R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys;c:\windows\SYSNATIVE\drivers\vvftUVC.sys [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] S0 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x] S1 HCW88AUD;Hauppauge WinTV 88x Audio Capture;c:\windows\system32\drivers\hcw88aud.sys;c:\windows\SYSNATIVE\drivers\hcw88aud.sys [x] S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S1 vdrv1000;vdrv1000;c:\windows\system32\DRIVERS\vdrv1000.sys;c:\windows\SYSNATIVE\DRIVERS\vdrv1000.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe;c:\program files 
(x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe [x] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x] S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x] S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 VC10SecS;Virtual CD v10 Management Service;c:\program files (x86)\Virtual CD v10\System\VC10SecS.exe;c:\program files (x86)\Virtual CD v10\System\VC10SecS.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x] S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x] S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x] S3 HCW88BDA;Hauppauge WinTV 88x DVB Tuner/Demod;c:\windows\system32\drivers\hcw88bda.sys;c:\windows\SYSNATIVE\drivers\hcw88bda.sys [x] S3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS 
Capture;c:\windows\system32\drivers\hcw88tse.sys;c:\windows\SYSNATIVE\drivers\hcw88tse.sys [x] S3 HCW88TUNE;Hauppauge WinTV 88x Tuner;c:\windows\system32\drivers\hcw88tun.sys;c:\windows\SYSNATIVE\drivers\hcw88tun.sys [x] S3 hcw88vid;Hauppauge WinTV 88x Video;c:\windows\system32\drivers\hcw88vid.sys;c:\windows\SYSNATIVE\drivers\hcw88vid.sys [x] S3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;c:\windows\system32\drivers\HCW88BAR.sys;c:\windows\SYSNATIVE\drivers\HCW88BAR.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] S3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys;c:\windows\SYSNATIVE\DRIVERS\vcd10bus.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2015-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 13:08] . 
2015-01-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job - c:\users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-27 11:15] . 2015-01-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job - c:\users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-27 11:15] . 2014-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job - c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-08 18:52] . 2015-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job - c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-08 18:52] . 2014-12-09 c:\windows\Tasks\updater.job - c:\program files (x86)\MC-RP Setup\updater.exe [2014-01-03 22:55] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = fritz.box IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm TCP: DhcpNameServer = 192.168.178.1 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\ FF - user.js: extensions.softonic_i.newTab - false FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.softonic_i.id - 742e8651000000000000bc05430144ab FF - user.js: extensions.softonic_i.instlDay - 15395 FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5 FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5 FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.513:15 FF - user.js: extensions.softonic_i.prtnrId - softonic FF - user.js: extensions.softonic_i.prdct - softonic FF - user.js: 
extensions.softonic_i.aflt - SD FF - user.js: extensions.softonic_i.smplGrp - eng7 FF - user.js: extensions.softonic_i.tlbrId - de12JANdefault FF - user.js: extensions.softonic_i.instlRef - MON00015 FF - user.js: extensions.softonic_i.dfltLng - de FF - user.js: extensions.softonic_i.excTlbr - false FF - user.js: extensions.shownSelectionUI - true . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe Wow6432Node-HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe Wow6432Node-HKCU-Run-ISUSPM Startup - c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe Wow6432Node-HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-Findus2 - c:\windows\unvise32.exe AddRemove-Findus4 - c:\windows\unvise32.exe AddRemove-{66D8D1B9-0B6F-423F-950A-1E6B0B7482C4}_is1 - c:\program files (x86)\The Binding Of Isaac\unins000.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\vdrv1000] "ImagePath"="system32\DRIVERS\vdrv1000.sys" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1518553307-3788296194-4095220867-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:0f,b4,e5,87,f3,21,3a,56,4c,56,53,c9,29,f8,1e,13,35,6c,05,1f,e6,57,80, f1,b0,c6,1a,38,78,cc,4d,06,e1,93,0f,45,fb,09,d1,87,da,fd,84,f4,40,fc,1b,0e,\ "??"=hex:62,2e,33,55,0b,87,68,3b,0c,ac,c4,06,53,1e,d7,d3 . 
[HKEY_USERS\S-1-5-21-1518553307-3788296194-4095220867-1000\Software\SecuROM\License information*] "datasecu"=hex:c6,32,31,61,cb,0b,80,60,53,a3,f3,73,49,5f,96,39,08,e9,c7,a4,91, 64,27,5a,62,0c,28,13,b4,25,35,e7,16,d7,07,1a,9f,0a,ef,dd,7f,d7,54,5a,83,08,\ "rkeysecu"=hex:30,65,fc,c4,39,21,80,4e,91,76,a9,9b,98,d2,7e,9d . [HKEY_LOCAL_MACHINE\software\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\avmwlanstick\WlanNetService.exe c:\program files (x86)\ASUS\EPU-6 Engine\SixEngine.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-01-25 16:39:58 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-01-25 15:39 . Vor Suchlauf: 23 Verzeichnis(se), 402.100.916.224 Bytes frei Nach Suchlauf: 30 Verzeichnis(se), 412.430.835.712 Bytes frei . - - End Of File - - E5653D7160B9F85DB7EEDD598DEEDF97 A36C5E4F47E84449FF07ED3517B43A31 |
25.01.2015, 19:00 | #10 |
/// the machine /// TB trainer | Suspected virus that is using the Internet connection Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
25.01.2015, 20:16 | #11 |
| Suspected virus that is using the Internet connection mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 25.01.2015 Suchlauf-Zeit: 19:23:49 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.01.25.10 Rootkit Datenbank: v2015.01.14.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Paul Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 370687 Verstrichene Zeit: 12 Min, 14 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 6 PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}, In Quarantäne, [801ea358c1c82b0b31a02efede25e21e], PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DF84E609-C3A4-49CB-A160-61767DAF8899}, In Quarantäne, [801ea358c1c82b0b31a02efede25e21e], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [900e59a25c2d8aac62b159d47a899d63], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [1a848378503996a0ce46bb724bb85ba5], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [06983ebdd1b81620b4fe2c9535ce9a66], PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.8, In Quarantäne, [edb1b447c9c064d28cbc288c748f18e8], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 9 PUP.Optional.OpenCandy, 
C:\Users\Paul\AppData\Roaming\OpenCandy, In Quarantäne, [6935bf3c3e4b2b0bffd73f01a063f20e], PUP.Optional.OpenCandy, C:\Users\Paul\AppData\Roaming\OpenCandy\DC948E3B29FF453092D843A5B807AB34, In Quarantäne, [6935bf3c3e4b2b0bffd73f01a063f20e], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\defaults, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\defaults\preferences, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onlnnachibjmjahfpoemhledlpakoicg, In Quarantäne, [b8e608f37217c96da5be9faadb28e61a], Dateien: 59 PUP.Optional.Spigot.A, C:\ProgramData\YTD Video Downloader\ytd_installer.exe, In Quarantäne, [544a7a81fd8c142212dcbb6bc8389769], PUP.Optional.Somoto, C:\Users\Paul\Downloads\MCPatcher_downloader_by_MCPatcher(1).exe, In Quarantäne, [4c529764672281b5fdbbcffb838204fc], PUP.Optional.Somoto, C:\Users\Paul\Downloads\mcpatcher_downloader_by_mcpatcher.exe, In Quarantäne, 
[1e8042b9672232045e5abf0bd035e020], PUP.Optional.Iminent.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, In Quarantäne, [0a94ea11ddacd56122a0affb659ea55b], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_onlnnachibjmjahfpoemhledlpakoicg_0.localstorage, In Quarantäne, [a1fd4ab16b1e0d29db2dc7eafb087c84], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_onlnnachibjmjahfpoemhledlpakoicg_0.localstorage-journal, In Quarantäne, [b7e78279b5d43501ba4ea30e42c15ba5], PUP.Optional.OpenCandy, C:\Users\Paul\AppData\Roaming\OpenCandy\DC948E3B29FF453092D843A5B807AB34\TuneUp2014GER1day-de-DE-p4v1.exe, In Quarantäne, [6935bf3c3e4b2b0bffd73f01a063f20e], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\chrome.manifest, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\install.rdf, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\mtstart.js, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\softonic.css, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\softonic.xul, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, 
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\tmplt.js, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\location_combo.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\09.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\amazon.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\arwDwn.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\bg_temprature_frame.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\bg_window.jpg, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\cancel.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\change_location_icon.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, 
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\dic.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\fcbk.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\flicker.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\googletranslate.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\help_16.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\home.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\images.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\location_dropdown.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\logo.PNG, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, 
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\music.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\news.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\onsoftware.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\privecy_16_hot.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\radio.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\save.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\search.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\search.PNG, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\shopping.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\srch.gif, 
In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\srch.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\stat.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\tellafriend.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\Thumbs.db, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\twitter.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\uninstall.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\video.bmp, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\web.png, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\wiki.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, 
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\wthrclose.jpg, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\content\imgs\youtube.gif, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.SoftTonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\extensions\ffxtlbra@softonic.com\defaults\preferences\instlPref.js, In Quarantäne, [b6e85c9f8900e551140e60e844bfca36], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onlnnachibjmjahfpoemhledlpakoicg\000003.log, In Quarantäne, [b8e608f37217c96da5be9faadb28e61a], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onlnnachibjmjahfpoemhledlpakoicg\CURRENT, In Quarantäne, [b8e608f37217c96da5be9faadb28e61a], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onlnnachibjmjahfpoemhledlpakoicg\LOCK, In Quarantäne, [b8e608f37217c96da5be9faadb28e61a], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onlnnachibjmjahfpoemhledlpakoicg\LOG, In Quarantäne, [b8e608f37217c96da5be9faadb28e61a], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onlnnachibjmjahfpoemhledlpakoicg\MANIFEST-000002, In Quarantäne, [b8e608f37217c96da5be9faadb28e61a], PUP.Optional.CrossRider.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1429f97c3df1d5680c11e64d8ba1d834");), Ersetzt,[821c22d94346d264174ee4fc877e3dc3] PUP.Optional.Softonic.A, C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\prefs.js, Gut: 
(), Schlecht: (user_pref("extensions.softonic_i.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=");), Ersetzt,[faa4b8437712d363a3e0499761a4a35d] Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 19:54:59 # Aktualisiert 24/01/2015 von Xplode # Database : 2015-01-25.1 [Live] # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Paul - PAUL-PC # Gestartet von : C:\Users\Paul\Desktop\AdwCleaner_4.109.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Ask Ordner Gelöscht : C:\ProgramData\Tarma Installer Ordner Gelöscht : C:\ProgramData\ytd video downloader Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications Ordner Gelöscht : C:\Users\Paul\AppData\LocalLow\Softonic Datei Gelöscht : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\user.js Datei Gelöscht : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage Datei Gelöscht : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage-journal Datei Gelöscht : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal Datei Gelöscht : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage Datei Gelöscht : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage Datei Gelöscht : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage-journal ***** [ Tasks ] ***** Task Gelöscht : updater ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{90C48AB7-731B-4A00-8D33-FF1BCF841C90}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsContainer
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{66D8D1B9-0B6F-423F-950A-1E6B0B7482C4}_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - fritz.box

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v24.0 (de)

[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.aflt", "SD");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.dfltLng", "de");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.excTlbr", false);
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.id", "742e8651000000000000bc05430144ab");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.instlDay", "15395");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.instlRef", "MON00015");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.newTab", false);
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.prdct", "softonic");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.prtnrId", "softonic");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.smplGrp", "eng7");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.tlbrId", "de12JANdefault");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.vrsn", "1.5.11.5");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.vrsnTs", "1.5.11.513:15:58");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("extensions.softonic_i.vrsni", "1.5.11.5");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("iminent.LayoutId", "1");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("iminent.enabledAds", "false");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("iminent.version", "7.48.1.1");
[vqr73kky.default\prefs.js] - Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.48.1.1\",\"InstallEventCTime\":1385656993428,\"InstallEvent\":\"True\"}");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [14831 octets] - [25/01/2015 19:52:18]
AdwCleaner[S0].txt - [14504 octets] - [25/01/2015 19:54:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14565 octets] ##########

JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Paul on 25.01.2015 at 20:03:38,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{00187449-6AF7-4EBB-8E15-62D53A31A28A}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{016C7695-B32A-4BCD-9D29-2F25A9DBE798}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{016D8329-8736-4642-B4FC-946C2680411A}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{016FA8C4-9D38-4AE7-84D1-F2A756241C1A}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{01D27554-D3D8-4A78-ACB0-ACC7A3F526D8}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{037CD670-CB70-4A9A-B1F7-5651DBC3DE00}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{04A0DE57-29D8-4398-AB97-730584F422A1}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{04C36391-3251-4612-9813-30476ADE29AF}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{04D164CB-BA83-43AC-8FCC-0940AEED4A9B}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{04FA54B2-2A60-456D-B66F-425AB6BA42BE}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{066D8B94-9A09-4B3A-91FB-47EF83E8372B}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{073AF0FE-A431-4921-968C-54DD9F85BB41}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{07546CF8-E88C-44BD-97E6-785C51D6DB19}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{0767ADEF-9E5E-465D-9F43-E07FE9B159F2}
Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{0A05FC9D-03AE-4B6C-8983-BE90B6935553}
Successfully deleted:
[Empty Folder]
C:\Users\Paul\appdata\local\{B9BB5919-C579-4DD3-BB4B-070624762F7C} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BA6E9DD8-889D-4B30-B75C-6996EB60CC51} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BAD34B94-E874-4F6E-9FAB-F170498D2AA1} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BB1DF1B3-4406-4B19-8320-75892ACCD542} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BB35416B-D2F7-499A-9704-435C26AA6F2E} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BBB277A1-5827-43FA-B415-69C43551F9A3} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BBEA1930-13BD-4CB1-8CDE-28475347EF14} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BC8AFAEE-BA49-42B3-A489-755EB3AFAD64} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BC97876B-5B0F-45AF-BC33-2FAF313058C0} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BD1C6A17-2453-48AD-AA80-F2B934A31179} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BD35ED7A-2D89-4BBF-86CD-269932A541F1} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BEC6C394-E744-4362-B3F4-6539EB0B4B78} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BEE15D1A-77B1-4D51-9612-0CBE11163390} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{BF564043-99D6-42D6-A008-7FB28B8D401B} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C01F1B03-EAF6-4707-A808-BA5488DFFEE9} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C159C66A-20E4-44DB-9E50-597F3945AE45} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C202F75C-4C25-4AF1-BF36-94A28673F53E} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C26D5312-4C2D-4C27-AA88-AB7D7B33A085} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C2A2E688-1CCB-4D7B-83FC-8AAA35B820EB} Successfully deleted: [Empty Folder] 
C:\Users\Paul\appdata\local\{C339CFB8-C615-46F7-BDD8-6DBCD4DE60E6} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C3AC72AB-8A91-47E5-A169-F29AC21E488F} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C3F16025-D2E8-4B74-92DD-F9A98BD4A831} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C42C8C11-6224-40BA-8D72-E74C4989E024} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C522A104-36B3-492D-934A-856BD6ECFDF4} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C5FC40D3-BAE2-47ED-BF4B-84AFB08FD4CB} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C6187794-5B22-4AE1-B576-AD4E25546D58} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C64998A1-0BC7-4406-8698-47CE9CC910A9} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C699BC69-1B96-4F45-9A92-12819C47776A} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{C9DD1CEF-377C-4718-9057-68A727FAE76C} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{CC86BA8F-4855-446C-8E72-579F746559C9} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{CD64C970-E51C-4E44-A96C-3A7F009562B1} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{CE9D0FB5-39E2-4590-9B42-E57357349AE8} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{CFD974BB-6B06-4018-A57E-C192EB8BDCF6} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D146C7C4-1D49-4FCE-A2F0-FC8BFA4996AC} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D1ADF115-7C66-4752-8ABE-96B5F66B180E} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D1BDC18A-0B3F-4342-AABA-C7385E230458} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D2EB6F3F-1F21-44B2-BC94-A02F4C9E5372} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D345EF19-B525-4A6C-ACA9-B0A39FB3419D} Successfully deleted: [Empty Folder] 
C:\Users\Paul\appdata\local\{D364BD53-750D-4DBB-8763-A82334D90044} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D3BA7D18-6D89-458B-B0DC-99EC1AA3389F} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D4700C50-CCB6-4DC9-AB40-C602AD199E96} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D6AEE3CA-0D45-4DC3-99FE-4744B9EF9EA0} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D70DF002-75FF-436E-8D84-E9B261BF11FE} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D7604BFA-FC5E-41CA-880D-D22F1A87B9BF} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D89271A3-5600-41C0-B19B-2926EE327DE9} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D99D3C25-6774-4712-B819-6C0F8A2872D6} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{D9DFD2D4-1E88-4FD2-AB77-BAAD694572A5} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DA13A293-B358-4DF5-81B5-AE5F3020311F} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DA7CBD00-969E-45AB-812C-F22C7153053B} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DB203B8B-8D11-484E-A4A6-FB116B40F15C} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DB6AF27F-70E0-4FC1-B9E5-047C77A8C37C} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DB8E1F4E-85CF-4E2F-99DC-DA8B82EE1648} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DB8F6D42-14C4-4D7C-A9B4-126445292EDC} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DC3FDB36-0055-4740-A2AE-6E1E76762CDD} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DC6C5EC9-14E8-4BFD-80F7-91F83B5FD93E} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DC809E04-4EBA-44F8-8ED4-5A3F5F06D544} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DCC020D2-D943-4752-A2D1-6651BD4F8CCA} Successfully deleted: [Empty Folder] 
C:\Users\Paul\appdata\local\{DDDE5559-A6D7-4E92-9823-9C30AB0BCAD4} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DE00E140-9FE2-4958-B7C6-02C580F26CAD} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DE4B8493-4772-4603-96C9-794C1345B4B5} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DE68F112-D2F5-4367-A08F-FEF5FFCBCC9A} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DE8ACFA1-D08F-49F1-BA7D-23717763C6C0} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DEACB089-D843-4B3A-8B19-F262D5D4E6CD} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DEB50548-0F21-403B-AD7B-945D7C3028CD} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DF2A48EF-5FEB-4CE3-B100-8B657E9304DC} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{DF420689-8667-4B9D-98C4-A06FC4951801} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E05D45BA-1755-4568-B387-9E18DBE833B8} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E0C90DD3-7E50-4448-9297-0990B8AF341B} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E1C17405-E192-4CD6-8EB1-6B51709CDF83} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E3243A9D-32FC-421F-97CE-4D0D3BECDA99} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E389987D-89C9-439F-848E-117DB12AD4EB} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E56BF222-AD21-40EC-9E81-C6217AC12A53} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E6330A92-30F1-49EB-BB46-C3C45BAA1643} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E66CD097-1AD6-4218-A555-5EDF341CB204} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E712E47F-4815-47B2-A6A3-B3168F0F8540} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E761DD17-E702-4E94-AA1F-4B3BCCF37621} Successfully deleted: [Empty Folder] 
C:\Users\Paul\appdata\local\{E7BA52BD-20A6-4D55-8031-0264AE40CF0E} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E88205F8-7FA6-4BD0-B66A-DCC4FD04C0F1} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E88A4F60-7B49-4746-AFBB-BFFBDD7AD048} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E8A93DE5-27AF-4C5D-A480-DF974B3EC873} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{E92C6778-82FA-4B73-9738-7C60E89A923B} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{EAAC2018-F28A-41AE-966B-70F7CEEE1FF8} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{EB7EE757-2B0C-4B22-9CB1-FE46F7737713} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{EDF6D4B2-5CB8-41C4-B9B3-39174506D762} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{EE150B53-1018-4706-B5A8-92ADAA8B792D} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{EEAD65FD-69B2-4718-80DE-444F0FF345EA} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{EF19C659-6520-41CF-AF55-31DB14729F59} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F0FB1C2B-9B2A-42EE-8A09-129EF14D7A99} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F149EAB5-7FA0-469A-A454-97D389D46CAA} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F6F7895F-FDD7-4CFB-9AE1-957EC2B0FC99} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F728CB82-A252-4E09-99D4-40FD16D063E6} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F76A9DD1-2819-480D-A540-2471ED72FF43} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F777D007-EF79-4194-A343-AC2B0AA3C392} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F7A2AFB0-6AA6-41B5-A41A-805FEE093E65} Successfully deleted: [Empty Folder] C:\Users\Paul\appdata\local\{F7A918AA-4313-4E84-9D26-ED0C238D3D88} Successfully deleted: [Empty Folder] 
C:\Users\Paul\appdata\local\{FF235A66-7C51-4C89-8F96-5E6FCD645A7E} ~~~ FireFox Successfully deleted: [File] C:\user.js Emptied folder: C:\Users\Paul\AppData\Roaming\mozilla\firefox\profiles\vqr73kky.default\minidumps [260 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 25.01.2015 at 20:08:13,20 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01 Ran by Paul (administrator) on PAUL-PC on 25-01-2015 20:08:47 Running from C:\Users\Paul\Desktop Loaded Profiles: Paul (Available profiles: Paul) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Dropbox, Inc.) C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Vimicro Corporation) C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\splwow64.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10tray.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.82.106.0\OverwolfBrowser.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.82.106.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.82.106.0\OverwolfHelper64.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\Purplizer.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.82.106.0\OverwolfBrowser.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) 
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2010-10-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.) HKLM-x32\...\Run: [VMonitorVMUVC] => C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [143360 2008-08-29] (Vimicro Corporation) HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411976 2011-05-20] (H+H Software GmbH) HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium\TrayServer.exe [90112 2008-08-07] (MAGIX AG) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2010624 2013-07-20] (Dominik Reichl) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-06] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1942720 2015-01-23] (Valve Corporation) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-01-15] (Overwolf LTD) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2014-12-29] (SlySoft, Inc.) 
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Spotify Web Helper] => C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-16] (Spotify Ltd) Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files 
(x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///D:/components/hidinputmonitorx.ocx DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///D:/components/A9.ocx DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///D:/components/wmvhdrating.ocx DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 172.20.10.1 FireFox: ======== FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) 
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Paul\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: Firefox Old Version Update Hotfix - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
15.0.0\FFExt\online_banking@kaspersky.com [2014-09-21] FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [Not Found] Chrome: ======= CHR HomePage: Default -> CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.youtube.com/", "https://soundcloud.com/" CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06] CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-08] CHR Extension: (Adblock Plus) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-31] CHR Extension: (Google-Suche) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-08] CHR Extension: (Kaspersky Protection) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-21] CHR Extension: (HTTP Switchboard) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghdpehejfekicfjcdbfofhcmnjhgaag [2015-01-09] CHR Extension: (Google Wallet) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31] CHR Extension: (Blue Space Sunset Chrome Theme) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog [2013-09-19] CHR Extension: (Google Mail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-08] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] CHR HKLM-x32\...\Chrome\Extension: 
[dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] StartMenuInternet: Google Chrome.77NF3QMOJ2JKXZ5OQSOMNEPPWE - C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) Locked "vdrv1000" service was unlocked successfully. <===== ATTENTION R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] () [File not signed] R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] R3 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-06] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-06] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-06] (BlueStack Systems, Inc.) 
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-02-23] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed] R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-15] (Overwolf LTD) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2011-05-20] (H+H Software GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.) 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-02-29] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-06] (BlueStack Systems) S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [227616 2013-12-13] (Dexetek ) S3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [File not signed] S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH) S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-09] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-02-29] () R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation) R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH) S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198784 2009-05-25] (Vimicro 
Corporation) S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-25 20:08 - 2015-01-25 20:09 - 00027474 _____ () C:\Users\Paul\Desktop\FRST.txt 2015-01-25 20:08 - 2015-01-25 20:08 - 00039822 _____ () C:\Users\Paul\Desktop\JRT.txt 2015-01-25 20:03 - 2015-01-25 20:03 - 00000000 ____D () C:\Windows\ERUNT 2015-01-25 19:52 - 2015-01-25 19:55 - 00000000 ____D () C:\AdwCleaner 2015-01-25 19:49 - 2015-01-25 19:49 - 00016004 _____ () C:\Users\Paul\Desktop\mbam.txt 2015-01-25 19:40 - 2015-01-25 19:58 - 00001172 _____ () C:\Users\Paul\Desktop\LEWIS (D) 0 Bytes.lnk 2015-01-25 19:16 - 2015-01-25 19:16 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-25 19:16 - 2015-01-25 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-25 19:16 - 2015-01-25 19:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-25 19:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-25 19:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-25 19:12 - 2015-01-25 19:14 - 01707939 _____ (Thisisu) C:\Users\Paul\Desktop\JRT.exe 2015-01-25 19:11 - 2015-01-25 19:12 - 02194432 _____ () C:\Users\Paul\Desktop\AdwCleaner_4.109.exe 2015-01-25 19:06 - 2015-01-25 19:15 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Paul\Desktop\mbam-setup-2.0.4.1028.exe 2015-01-25 17:34 - 2015-01-25 17:34 - 00003234 _____ () 
C:\Windows\System32\Tasks\SidebarExecute 2015-01-25 16:40 - 2015-01-25 16:40 - 00035650 _____ () C:\ComboFix.txt 2015-01-25 16:05 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-01-25 16:05 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-01-25 16:05 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-01-25 16:05 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-01-25 16:05 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-01-25 16:05 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2015-01-25 16:05 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2015-01-25 16:05 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2015-01-25 16:01 - 2015-01-25 16:40 - 00000000 ____D () C:\Qoobox 2015-01-25 16:00 - 2015-01-25 16:36 - 00000000 ____D () C:\Windows\erdnt 2015-01-25 15:58 - 2015-01-25 15:59 - 05609462 ____R (Swearware) C:\Users\Paul\Desktop\ComboFix.exe 2015-01-25 15:49 - 2015-01-25 15:49 - 00000000 ____D () C:\Users\Paul\Desktop\install-tl-20150124 2015-01-25 15:47 - 2015-01-25 15:48 - 12659782 _____ () C:\Users\Paul\Desktop\install-tl-windows.exe 2015-01-25 15:41 - 2015-01-25 15:45 - 59582507 _____ () C:\Users\Paul\Desktop\texmakerwin32_install.exe 2015-01-25 15:40 - 2015-01-25 15:41 - 14253375 _____ (JabRef Team) C:\Users\Paul\Desktop\JabRef-2.10-setup (1).exe 2015-01-25 15:39 - 2015-01-25 15:42 - 37905256 _____ (Benito van der Zander ) C:\Users\Paul\Desktop\texstudio2.8.8_win_qt5.3.1.exe 2015-01-25 15:36 - 2015-01-25 15:37 - 14253375 _____ (JabRef Team) C:\Users\Paul\Desktop\jabref-2.10-setup.exe 2015-01-25 11:59 - 2015-01-25 12:15 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Paul\Desktop\tdsskiller.exe 2015-01-25 11:02 - 2015-01-25 19:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-25 11:01 - 2015-01-25 19:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-25 11:01 - 2015-01-25 16:26 
- 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-01-25 10:30 - 2015-01-25 11:57 - 00000000 ____D () C:\Users\Paul\Desktop\mbar 2015-01-25 10:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-25 09:29 - 2015-01-25 10:16 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Paul\Desktop\mbar-1.08.3.1004.exe 2015-01-25 09:27 - 2015-01-25 09:27 - 00001268 _____ () C:\Users\Paul\Desktop\Revo Uninstaller.lnk 2015-01-25 09:27 - 2015-01-25 09:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-01-25 09:01 - 2015-01-25 09:17 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Paul\Desktop\revosetup95.exe 2015-01-24 17:43 - 2015-01-25 20:08 - 00000000 ____D () C:\FRST 2015-01-24 17:41 - 2015-01-24 17:41 - 02129920 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe 2015-01-23 18:49 - 2015-01-23 18:49 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\xm1 2015-01-23 15:14 - 2015-01-25 15:38 - 00000000 ____D () C:\Program Files (x86)\Texmaker 2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker 2015-01-23 15:14 - 2015-01-23 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker 2015-01-23 14:55 - 2015-01-23 15:11 - 59582507 _____ () C:\Users\Paul\Desktop\texmakerwin32_441install.exe 2015-01-16 18:45 - 2015-01-16 18:45 - 00001606 _____ () C:\Users\Paul\Desktop\cheatengine-x86_64.exe - Verknüpfung.lnk 2015-01-16 18:05 - 2015-01-16 18:05 - 00001352 _____ () C:\Users\Paul\Desktop\isaac-ng.exe - Verknüpfung.lnk 2015-01-16 14:07 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-16 14:07 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-16 14:07 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-16 14:07 - 2014-12-12 06:31 - 00050176 
_____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-16 14:07 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-16 14:07 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-16 14:07 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 19:41 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 19:41 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 14:30 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 14:30 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 14:30 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-14 14:22 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-13 20:50 - 2015-01-13 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-01-13 20:42 - 2015-01-13 20:42 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-01-13 20:42 - 2015-01-13 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-01-13 20:41 - 2015-01-13 20:42 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-13 20:41 - 2015-01-13 20:42 - 00000000 ____D () C:\Program Files\iTunes 2015-01-13 20:41 - 2015-01-13 20:42 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-01-13 20:41 - 2015-01-13 20:41 - 00000000 ____D () C:\Program Files\iPod 2015-01-11 13:48 - 2015-01-11 13:48 - 00000000 ____D () C:\Users\Paul\Desktop\Plugin programmieren 2015-01-10 19:11 - 2015-01-15 14:22 - 00000000 ____D () C:\Users\Paul\Desktop\Musik 2015-01-09 15:57 - 2015-01-09 15:59 - 09052432 _____ (Cheat Engine ) 
C:\Users\Paul\Desktop\CheatEngine64.exe 2015-01-09 15:07 - 2015-01-09 15:07 - 00000000 ____D () C:\Users\Paul\Desktop\rebirth-r26_b24 2015-01-09 15:06 - 2015-01-09 15:06 - 00163932 _____ () C:\Users\Paul\Desktop\rebirth-r26_b24.zip 2015-01-09 15:04 - 2015-01-09 15:04 - 00000000 ____D () C:\Users\Paul\Desktop\The Binding Of Isaac Rebirth 2014-12-28 16:58 - 2014-12-28 21:15 - 00000000 ____D () C:\Users\Paul\Documents\Die Kunst des Mordens – Der Marionettenspieler DE 2014-12-28 16:58 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-12-28 16:58 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-12-28 16:58 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-12-28 16:58 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-12-28 16:58 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-12-28 16:58 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-12-28 16:58 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-12-28 16:58 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-12-28 16:58 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 01985904 _____ 
(Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-12-28 16:58 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-12-28 16:58 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-12-28 16:58 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-12-28 16:56 - 2014-12-28 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive 2014-12-28 16:51 - 2014-12-28 16:51 - 00000000 ____D () C:\Program Files (x86)\City Interactive 2014-12-26 21:26 - 2014-12-26 21:26 - 00000012 _____ () C:\Users\Paul\Desktop\Zimmermann.txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-25 20:06 - 2012-06-22 12:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-25 20:05 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-25 20:05 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-25 20:03 - 2013-12-29 20:42 - 00000000 ____D () C:\Users\Paul\AppData\Local\Purplizer 2015-01-25 20:03 - 2012-02-23 14:52 - 01440208 _____ () C:\Windows\WindowsUpdate.log 2015-01-25 20:02 - 2014-11-04 17:44 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Spotify 2015-01-25 20:01 - 2013-09-20 21:26 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\vlc 2015-01-25 19:59 - 2013-10-31 12:55 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-25 19:59 - 2012-09-25 12:45 - 00000000 ___RD () C:\Users\Paul\Dropbox 2015-01-25 19:59 - 2012-09-25 12:42 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Dropbox 2015-01-25 19:57 - 2013-12-29 19:36 - 00000000 ____D () C:\Users\Paul\AppData\Local\Overwolf 2015-01-25 19:57 - 2013-10-01 08:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-01-25 19:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-25 19:57 - 2009-07-14 05:51 - 00159282 _____ () C:\Windows\setupact.log 2015-01-25 19:56 - 2010-11-21 04:47 - 01302454 _____ () C:\Windows\PFRO.log 2015-01-25 19:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system 2015-01-25 19:37 - 2012-03-08 16:39 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job 2015-01-25 19:36 - 2012-02-24 14:29 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Skype 2015-01-25 19:20 - 2012-08-27 12:15 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000UA.job 2015-01-25 19:05 - 2014-09-04 17:59 - 00000000 ____D () 
C:\Users\Paul\AppData\Roaming\.minecraft 2015-01-25 17:10 - 2012-06-22 12:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-25 17:10 - 2012-04-06 10:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 17:10 - 2012-02-24 19:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-25 16:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-01-25 16:27 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-01-25 16:25 - 2009-07-14 03:34 - 85721088 _____ () C:\Windows\system32\config\software.bak 2015-01-25 16:25 - 2009-07-14 03:34 - 23592960 _____ () C:\Windows\system32\config\system.bak 2015-01-25 16:25 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak 2015-01-25 16:25 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak 2015-01-25 16:25 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak 2015-01-25 13:20 - 2012-08-27 12:15 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1518553307-3788296194-4095220867-1000Core.job 2015-01-25 11:31 - 2012-05-13 15:59 - 00000000 ____D () C:\Windows\de 2015-01-24 14:19 - 2013-12-29 19:59 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2015-01-24 14:17 - 2013-03-19 20:42 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\TS3Client 2015-01-23 22:36 - 2013-12-07 11:41 - 00000000 ___RD () C:\Users\Paul\Desktop\Programmieren 2015-01-23 14:05 - 2014-11-04 17:48 - 00000000 ____D () C:\Users\Paul\AppData\Local\Spotify 2015-01-18 11:26 - 2012-12-11 20:32 - 00000000 ____D () C:\Users\Paul\Documents\Weihnachten 2015-01-18 11:25 - 2014-12-13 10:16 - 00000000 ____D () C:\Users\Paul\Desktop\Weihnachtsvideo 2015-01-16 15:09 - 2013-08-14 14:58 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-16 15:02 - 2012-02-24 08:34 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-14 13:20 - 
2013-05-27 07:33 - 00000000 ____D () C:\Users\Paul\AppData\Local\D04A5107-4C73-43E6-9E6B-93AC6F41156D.aplzod 2015-01-13 20:41 - 2014-09-30 18:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-13 20:41 - 2012-02-23 21:06 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-12 12:29 - 2014-09-18 17:05 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-12 12:29 - 2012-02-24 14:29 - 00000000 ____D () C:\ProgramData\Skype 2015-01-09 17:09 - 2014-11-30 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4 2015-01-09 17:09 - 2014-11-30 15:45 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4 2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-01 13:58 - 2012-03-28 19:57 - 00000000 ____D () C:\Users\Paul\AppData\Local\CrashDumps 2014-12-29 12:00 - 2013-06-30 08:59 - 00000000 ___RD () C:\Users\Paul\Desktop\Spiele 2014-12-28 16:58 - 2012-02-25 13:44 - 00552957 _____ () C:\Windows\DirectX.log ==================== Files in the root of some directories ======= 2014-09-25 08:03 - 2014-09-25 08:03 - 0037607 _____ () C:\Program Files (x86)\Common Files\license.rtf 2014-09-25 08:03 - 2014-09-25 08:03 - 0008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg 2013-12-03 20:43 - 2013-12-03 21:13 - 0000132 _____ () C:\Users\Paul\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen 2013-09-16 20:42 - 2014-04-03 13:46 - 0000132 _____ () C:\Users\Paul\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2012-09-29 09:12 - 2012-12-02 10:42 - 0002279 _____ () C:\Users\Paul\AppData\Roaming\SAS7_000.DAT 2013-01-29 13:27 - 2013-01-29 13:27 - 0000600 _____ () C:\Users\Paul\AppData\Roaming\winscp.rnd 2014-08-03 14:49 - 2014-08-03 14:58 - 0001456 _____ () C:\Users\Paul\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2012-02-24 14:16 - 2012-09-25 18:37 - 0007168 _____ () 
C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-07 11:14 - 2014-04-07 11:14 - 0000040 ___SH () C:\ProgramData\.zreglib Some content of TEMP: ==================== C:\Users\Paul\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoovvmr.dll C:\Users\Paul\AppData\Local\Temp\Quarantine.exe C:\Users\Paul\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-25 10:05 ==================== End Of Log ============================ |
26.01.2015, 09:55 | #12 |
/// the machine /// TB trainer | Suspected virus that is also using the internet connection

ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
26.01.2015, 20:26 | #13 |
| Suspected virus that is also using the internet connection ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=5318a20533d03145818d7a92a330bb9f # engine=22145 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-01-26 05:01:03 # local_time=2015-01-26 06:01:03 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1296 16777213 100 100 20784 26367945 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 24216 173921513 0 0 # scanned=600981 # found=47 # cleaned=0 # scan_time=20348 sh=399782A2AB704FCF977DD8C511424301382F4659 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\50onred_ads_only_no_fb_m[1].js" sh=E6BDC1907B7FE7C78DC0F1AF9FF678F5EB4D8E73 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\arcadi2_sourceID_m[1].js" sh=8DA432D51B41A6173EB4EF86503ECB6052C9FEB0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\corticas_m[1].js" sh=8904E5EB2B62F4990C389BF96A83156BC8EF8B78 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\icm_convertmedia_m[1].js" sh=265DA50E59D0A378137BF371DD90E0784E2E3522 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\luck_m[1].js" sh=5B3338E8C3C20A95C180626940F7C6BC46D49F5D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\revizer_p_dynamic_b2b_m[1].js" sh=2536CE239CC1E9DCCB8931BC82F1CF8520F55686 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\revizer_p_m[1].js" sh=BAD6F905DCD72B7D2A93D06582B026F3CCF3616E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\revizer_ws_dynamic_b2b_m[1].js" sh=4D3C4E7F62A2D7421D532A6F309D407BE1134FE9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8Z2Q58A\superfish_pricora_m[1].js" sh=0729BA2080FB482AD0CCFFA9EB2B1BFEBB7DE4F8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\active_sanity[1].js" sh=F6FA9D82AEFE95E8544F0B7EE8D1784E6A3D02A9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\coolmirage_m[1].js" sh=414BA1B7AEF9A844B50F88BC0548E60F296EF5F5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\corticas_ru_m[1].js" sh=431FFC8C5F0160D893723BFF0CCE55742716AE3D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\coupons_intext_ads_5_m[1].js" sh=A683550DA906D5B94A7903747C190E32971BCF8A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\dealply_m[1].js" sh=2301B99B2F03CE326D6A6BDC1CF9FF1E3B72E126 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\intext_5_m[1].js" sh=64E1E6B4EF399CFE19D4D144505F344FF97E8CCB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\intext_fa_m[1].js" sh=675F44991136237FD89C48DFCB5C60FDED223BD8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\kreapixel_pops_m[1].js" sh=6BAE4634957305EA02B0FED1E9CDDBE6A14914E0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\noproblemppc_m[1].js" sh=A62B84877980937B4AEDCA3FFCF3D205B63C335F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q58WFQ2K\superfish_no_search_no_coupons_m[1].js" sh=17D89CE58F13C889CB70A1343503C1D87CD57AC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\arcadi3_m[1].js" sh=062C50599A7B0E47E52FCE5016D5EC6EE2AD3A1C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\arcadi_serp_dynamic_id_m[1].js" sh=075CCE375A95F47C55CE0FF0FFACA5A5156008FF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\bpo_serp_m[1].js" sh=B652474113207ED7164ECBC8159F543E580D9C2E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\cortica_rollover_m[1].js" sh=6451ECD5DE96F6A7FE6D3FC34383BEC9562673F9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\getdeal_m[1].js" sh=76383B8DE33E6BBFB98D545DEA12B018A0A8F2C8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\icm_m[1].js" sh=F5C88EA43CAB5305B3DD429370A60597BBF3BBEE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\intext_adv_m[1].js" sh=44CB8D6CFE38D9BD4074DA7CA8FC179DEE6C71BA ft=1 fh=65c0dac34c8582f7 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\MinibarFirefox[1].exe" sh=E7B15553E491E516840F6BFF4C58AA6AB96DB046 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\retargeting_bi_m[1].js" sh=F4ED2E70B2B8D0F1C4EA381BC928D4DD0438F0F7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\revizer_p_dynamic_m[1].js" sh=BFD0F29067CAE71544784708FE5554D6518AD6AD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS2C8H5O\superfish_no_coupons_m[1].js" sh=D18E5663BD50721E9B9FC6B12FE1F19E9E20F6E9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\arcadi2_m[1].js" sh=EBC6B605C382391DB57EAF46206ADD0D7CEBF803 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\ciuvo_m[1].js" sh=340C42F0D5E93EBEA1197BFB0EDD1B9680462756 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\ibario_pops_m[1].js" sh=894D0F3EAAC59911117C997B029F44332D42491B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\jollywallet_m[1].js" sh=1EA04BCB00EDDDF6AB0F0CCB4C7A4E71AF052B14 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\monetizationLoader[1].js" sh=981BAB53F6F158BB5F89B0A202EC0FB975258A4F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\pops_5_m[1].js" sh=1B82157104A9F645095DF7AE7B5CF872400DF531 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\revizer_ws_dynamic_m[1].js" sh=B1FD213981E274BCEE2697A82C7E87CA7418C39B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\revizer_ws_m[1].js" sh=D5212A2476A79B951BD21CF9B9ED07F31C72DF5E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGUYMWCX\similar_web_m[1].js" sh=8904E5EB2B62F4990C389BF96A83156BC8EF8B78 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Local\Mozilla\Firefox\Profiles\vqr73kky.default\Cache\9\24\FDE86d01" sh=EC784B6DD2E6920E8C41988B82924554ED24C028 ft=1 fh=9f21317dcc655ca0 vn="Variante von Win32/FirseriaInstaller.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Roaming\Apple Computer\MobileSync\Backup\0a9ea77c06489015f495bfba661a6b18e4939c08\44fc0142b24d654989aad58892a2fbcaeba2ea25" sh=945C9929A252BDB03888CC2B41A972479EFBE16E ft=1 fh=a9b6edda2b7215d4 vn="Variante von Win32/FirseriaInstaller.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Roaming\Apple Computer\MobileSync\Backup\0a9ea77c06489015f495bfba661a6b18e4939c08\9164c91e51c8ec24b15c34c16ca5d85735a7b46e" sh=EC784B6DD2E6920E8C41988B82924554ED24C028 ft=1 fh=9f21317dcc655ca0 vn="Variante von Win32/FirseriaInstaller.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\AppData\Roaming\Apple Computer\MobileSync\Backup\0a9ea77c06489015f495bfba661a6b18e4939c08\ab343584c45b9bf60fb9ebbca00d34dc5a11e493" sh=EC784B6DD2E6920E8C41988B82924554ED24C028 ft=1 fh=9f21317dcc655ca0 vn="Variante von Win32/FirseriaInstaller.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\Desktop\Ordner\Setups\Setup-1.exe" sh=24DAB9A8F86EFB63C1FDE0615B50E21EE97E074C ft=1 fh=19509806758d8f82 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\Documents\Setups\YTDSetup_3.9.2.exe" sh=4B115FE2336C2E5D38FD96DD25AC60D53F48E3D7 ft=1 fh=d0b5015bdfbb54dc vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Paul\Downloads\freeyt-dlm_crobo_setup.exe" sh=EC784B6DD2E6920E8C41988B82924554ED24C028 ft=1 fh=9f21317dcc655ca0 vn="Variante von Win32/FirseriaInstaller.C evtl. unerwünschte Anwendung" ac=I fn="N:\Backup\Ordner\Setups\Setup-1.exe" Code:
Results of screen317's Security Check version 0.99.93
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java(TM) 6 Update 31
Java 7 Update 45
Java-Editor 12.6, 2013.12.07
Java version 32-bit out of Date!
Adobe Flash Player 16.0.0.296
Adobe Reader XI
Mozilla Firefox 24.0 Firefox out of Date!
Mozilla Thunderbird 17.0.8 Thunderbird out of Date!
Google Chrome (39.0.2171.99)
Google Chrome (40.0.2214.91)
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 15.0.0 avpui.exe
Kaspersky Lab Kaspersky Internet Security 15.0.0 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01 Ran by Paul (administrator) on PAUL-PC on 26-01-2015 20:23:41 Running from C:\Users\Paul\Desktop Loaded Profiles: Paul (Available profiles: Paul) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.15\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Dropbox, Inc.) C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Vimicro Corporation) C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe (Microsoft Corporation) C:\Windows\splwow64.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10tray.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Google Inc.) C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Paul\AppData\Local\Google\Chrome\Application\40.0.2214.91\nacl64.exe (Google Inc.) C:\Users\Paul\AppData\Local\Google\Chrome\Application\40.0.2214.91\nacl64.exe (Google Inc.) C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2010-10-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.) 
HKLM-x32\...\Run: [VMonitorVMUVC] => C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [143360 2008-08-29] (Vimicro Corporation) HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411976 2011-05-20] (H+H Software GmbH) HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium\TrayServer.exe [90112 2008-08-07] (MAGIX AG) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2010624 2013-07-20] (Dominik Reichl) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-06] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.) 
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1942720 2015-01-23] (Valve Corporation) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-01-15] (Overwolf LTD) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2014-12-29] (SlySoft, Inc.) HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\...\Run: [Spotify Web Helper] => C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-16] (Spotify Ltd) Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1518553307-3788296194-4095220867-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///D:/components/hidinputmonitorx.ocx DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///D:/components/A9.ocx DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///D:/components/wmvhdrating.ocx DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) 
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Paul\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Paul\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKU\S-1-5-21-1518553307-3788296194-4095220867-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: Firefox Old Version Update Hotfix - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\vqr73kky.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-08-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-21] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-25 10:05
==================== End Of Log ============================
I'm slowly starting to feel bad... How much it has already found, that was over 200 bad files in total O.O. And I had Norton, Kaspersky and an ad blocker (NotScript) running the whole time. |
27.01.2015, 07:30 | #14 |
/// the machine /// TB instructor | Suspected virus that is also using the Internet connection Update Java, Firefox and Thunderbird. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
C:\Users\Paul\AppData\Roaming\Apple Computer\MobileSync\Backup\0a9ea77c06489015f495bfba661a6b18e4939c08\44fc0142b24d654989aad58892a2fbcaeba2ea25
C:\Users\Paul\AppData\Roaming\Apple Computer\MobileSync\Backup\0a9ea77c06489015f495bfba661a6b18e4939c08\9164c91e51c8ec24b15c34c16ca5d85735a7b46e
C:\Users\Paul\AppData\Roaming\Apple Computer\MobileSync\Backup\0a9ea77c06489015f495bfba661a6b18e4939c08\ab343584c45b9bf60fb9ebbca00d34dc5a11e493
C:\Users\Paul\Desktop\Ordner\Setups\Setup-1.exe
C:\Users\Paul\Documents\Setups\YTDSetup_3.9.2.exe
C:\Users\Paul\Downloads\freeyt-dlm_crobo_setup.exe
N:\Backup\Ordner\Setups\Setup-1.exe
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP) Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.01.2015, 14:08 | #15 |
| Suspected virus that is also using the Internet connection Sorry, I continued with the other steps immediately after the FRST fix. That is why the Fixlog was deleted by DelFix. Otherwise I followed all the tips. I use the Google Chrome browser, and unfortunately NoScript is not available for it; do you have an alternative? Otherwise I will write tomorrow at the latest whether everything worked, since I do not have much time left today. Regards, Paul |