Plagegeister aller Art und deren Bekämpfung: Keyboard no longer works in Internet Explorer - severely delayed (Windows 7) |
29.01.2015, 17:44 | #1 |
| Hi, for 4 days now my keyboard has only worked with an extreme delay in Internet Explorer. I use Windows 7 and have a Dell XPS 15Z laptop (64 bit). The keyboard works normally in all other programs. In the meantime I deleted Internet Explorer and installed it again; the problem stayed the same. So I uninstalled IE again. I have now switched to Mozilla Firefox, since the keyboard works there, but then the next problem appeared: I am now being bombarded with ads. I ran Kaspersky Antivirus and Malwarebytes (Anti-Malware), but the ads keep coming anyway. Can anyone help me? Note: I am no pro at computers, a real layman |
29.01.2015, 17:54 | #2 |
/// the machine /// TB trainer | hi,
Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
29.01.2015, 18:30 | #3 |
| Thanks for your help, here are the texts:
FRST.txt FRST Logfile:
2015-01-28 21:54 - 2015-01-28 21:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-28 21:54 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-28 21:54 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-28 21:54 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-28 21:48 - 2015-01-28 21:48 - 00000000 ____D () C:\Windows\ERUNT 2015-01-28 21:42 - 2015-01-29 18:25 - 00000000 ____D () C:\Users\Anwender\Desktop\AntiViren Programme 2015-01-28 21:03 - 2015-01-28 21:03 - 00112027 _____ () C:\Users\Anwender\Downloads\Google.htm 2015-01-28 21:03 - 2015-01-28 21:03 - 00000000 ____D () C:\Users\Anwender\Downloads\Google-Dateien 2015-01-28 21:00 - 2015-01-29 16:24 - 00001371 _____ () C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-01-28 20:15 - 2015-01-28 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-28 19:21 - 2015-01-29 16:24 - 00001445 _____ () C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-28 18:38 - 2015-01-28 19:15 - 00018895 _____ () C:\Windows\IE11_main.log 2015-01-28 18:38 - 2015-01-28 18:38 - 02077392 _____ (Microsoft Corporation) C:\Users\Anwender\Downloads\IE11-Windows6.1(1).exe 2015-01-28 17:49 - 2015-01-28 17:49 - 02077392 _____ (Microsoft Corporation) C:\Users\Anwender\Downloads\IE11-Windows6.1.exe 2015-01-28 14:16 - 2015-01-28 14:16 - 00330330 _____ () C:\Users\Anwender\Downloads\Re__Homepage_ATSV_Innsbruck.zip 2015-01-28 05:20 - 2015-01-29 05:30 - 00012506 _____ () C:\Windows\PFRO.log 2015-01-27 19:16 - 2015-01-27 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2015-01-27 19:16 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 
2015-01-27 19:15 - 2015-01-29 16:36 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-01-27 19:15 - 2015-01-28 22:16 - 00000000 ____D () C:\ProgramData\MFAData 2015-01-27 19:15 - 2015-01-27 19:15 - 00000000 ____D () C:\Windows\ELAMBKUP 2015-01-27 19:15 - 2015-01-27 19:15 - 00000000 ____D () C:\Users\Anwender\AppData\Local\MFAData 2015-01-27 19:15 - 2015-01-27 19:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2015-01-27 19:15 - 2014-05-28 16:38 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2015-01-27 19:15 - 2014-05-28 16:38 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2015-01-27 19:07 - 2015-01-27 19:10 - 159747880 _____ (AVG Technologies) C:\Users\Anwender\Downloads\avg_free_x86_all_2015_5645a8758 (1).exe 2015-01-27 19:05 - 2015-01-27 19:09 - 233068656 _____ () C:\Users\Anwender\Downloads\kav14.0.0.4651de-de.exe 2015-01-27 19:03 - 2015-01-27 19:03 - 00002974 _____ () C:\Windows\System32\Tasks\{16D0D14C-7FF8-4CD8-89CA-11335F876EA5} 2015-01-18 20:00 - 2015-01-29 16:21 - 00001512 _____ () C:\Windows\setupact.log 2015-01-18 20:00 - 2015-01-18 20:00 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-17 10:11 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 14:09 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 14:09 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 14:09 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 14:09 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 14:09 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 14:09 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 14:09 - 2014-12-12 06:11 - 03916728 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 14:09 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 14:09 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 14:09 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 14:09 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 14:09 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-29 18:22 - 2011-11-08 12:53 - 01158122 _____ () C:\Windows\WindowsUpdate.log 2015-01-29 18:02 - 2014-04-11 10:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-29 17:35 - 2013-09-13 06:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-29 17:14 - 2012-12-12 10:25 - 00000000 ____D () C:\Users\Anwender 2015-01-29 16:30 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-29 16:30 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-29 16:24 - 2014-04-11 10:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-29 16:21 - 2011-11-08 12:50 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-29 16:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-29 16:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-01-28 22:15 - 2012-12-25 14:16 - 00000000 ____D () C:\Program Files (x86)\Programme 2015-01-28 21:44 - 2014-05-13 18:52 - 00000000 ____D () C:\AdwCleaner 2015-01-28 21:32 - 2014-03-04 18:50 - 00000000 ____D () 
C:\Users\Anwender\Word Autospeicher 2015-01-28 20:58 - 2013-07-30 10:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-28 19:47 - 2012-12-27 14:31 - 00000000 ____D () C:\Users\Anwender\Desktop\Programme 2015-01-28 18:27 - 2011-02-11 18:13 - 00000000 ____D () C:\Windows\panther 2015-01-28 17:36 - 2011-11-08 13:19 - 00000000 ____D () C:\ProgramData\Skype 2015-01-28 17:35 - 2014-10-07 13:39 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-28 17:18 - 2011-02-11 11:22 - 01594892 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-01-28 17:18 - 2010-11-21 07:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2015-01-28 17:18 - 2010-11-21 07:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2015-01-28 17:18 - 2009-07-14 06:13 - 01594892 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-28 14:21 - 2013-03-10 10:13 - 00000072 _____ () C:\Users\Public\LMDebug.log 2015-01-27 19:22 - 2013-11-14 17:48 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\TuneUp Software 2015-01-25 15:35 - 2013-09-13 06:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-25 15:35 - 2012-12-21 06:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 15:35 - 2011-11-08 12:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-18 19:05 - 2011-11-08 13:32 - 00000000 ____D () C:\ProgramData\Sonic 2015-01-16 13:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-15 05:33 - 2013-08-07 17:35 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-15 05:28 - 2012-12-19 20:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-31 12:14 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Files in the root of some directories ======= 2012-12-27 14:27 - 2012-12-27 14:27 - 0000057 _____ () C:\ProgramData\Ament.ini Some 
content of TEMP:
====================
C:\Users\Anwender\AppData\Local\Temp\avgnt.exe
C:\Users\Anwender\AppData\Local\Temp\Quarantine.exe
C:\Users\Anwender\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-27 22:44

==================== End Of Log ============================

Addition.txt
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Anwender at 2015-01-29 18:26:28
Running from C:\Users\Anwender\Desktop\AntiViren Programme
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Cypress TrackPad (HKLM\...\{7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1) (Version: 2.3.6.12 - Cypress Semiconductor, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell MusicStage (HKLM-x32\...\{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell System Detect (HKU\S-1-5-21-2665280796-2803451631-1435696629-1001\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
EPSON USB Display (HKLM-x32\...\{7650F538-6274-44EA-8F50-843479073333}) (Version: 1.45.000 - SEIKO EPSON CORPORATION)
eXe -- eLearning XHTML editor (HKLM-x32\...\exe) (Version: - eXe Project)
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MEDION GoPal Assistant (HKLM-x32\...\{B42F42E6-E0C3-402D-B71E-B4403F78CD4A}) (Version: 6.3.4.12974 - MEDION)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NVIDIA 3D Vision Treiber 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.30 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
PDF24 Creator 6.9.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
P-HD-V1.4 (HKLM-x32\...\P-HD-V1.4) (Version: 1.34.7.1 - P-HD)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.04 (07.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.03.13 (29.06.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.57.00(05.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.20.00 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Studie zur Verbesserung von HP Officejet Pro 8500 A910 Produkten (HKLM\...\{BCCDE374-C4C8-4099-A514-C73768BA55CC}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0-git-20120125-2155 (HKLM\...\VLC media player) (Version: 2.1.0-git-20120125-2155 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

27-01-2015 19:20:32 Installed AVG 2015
27-01-2015 19:21:46 Installed AVG 2015
28-01-2015 16:13:10 Windows Update
28-01-2015 17:14:12 Windows Update
28-01-2015 17:34:11 Removed Java 7 Update 67
28-01-2015 17:36:19 Removed Skype™ 6.11
28-01-2015 18:26:34 Windows Modules Installer
28-01-2015 18:27:52 Windows Modules Installer
28-01-2015 18:40:34 Windows Modules Installer
28-01-2015 19:09:03 Windows Modules Installer
28-01-2015 20:31:44 Windows Update
28-01-2015 20:50:42 Windows Modules Installer
28-01-2015 21:49:12 Removed AVG 2015
28-01-2015 21:54:07 Removed AVG 2015
28-01-2015 22:26:46 Windows Update
29-01-2015 06:40:00 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {21AF382B-E480-457D-B5F1-192DCBC1D419} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-11] (Google Inc.)
Task: {3EFDE572-EEED-4462-BDF9-F4BD908A1AD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-11] (Google Inc.)
Task: {562345B9-FB78-43F5-A668-26F1F42C783D} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {6192C760-010B-4A4A-B702-33FE9BA8BB41} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {70E05202-E304-4504-8830-6B032A81229C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {82B0830F-BB15-4F6E-AE7D-E76B5B1E8359} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {95C59D08-F510-4E06-B6EC-CEE18ACAF6D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {9BFD7463-1336-4398-88D8-FA50475DB046} - System32\Tasks\{16D0D14C-7FF8-4CD8-89CA-11335F876EA5} => C:\Users\Anwender\Downloads\kav15.0.1.415de_6845.exe
Task: {A588563E-D361-43A9-9642-40072942BAB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {ACECDFD6-67AE-48C3-B9D6-FBCD6A5C2CFD} - \SystemSockets\SystemSockets No Task File <==== ATTENTION
Task: {B2B3BCEB-3F2E-4F0D-9F6A-79D74D1F29DF} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION
Task: {C08FFFD3-BC94-46C2-8BCF-5D61F845FF82} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C1FFC6AF-B071-402D-8700-A74248011E76} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {C28A1510-457B-4A5D-A70B-DEDB869842C0} - System32\Tasks\{9DFB65B4-B9C3-4527-A97B-0D25C5650112} => pcalua.exe -a "C:\Program Files (x86)\P-HD-V1.4\Uninstall.exe" -c /fcp=1
Task: {C866374C-C8F0-403D-A6CE-D4CCE062895E} - System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910 => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {C868E0C7-63F6-461A-B371-503EAAC26878} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-07-28 03:07 - 2011-07-28 03:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-03-10 09:34 - 2012-01-09 12:47 - 00034304 _____ () C:\Windows\System32\sst7clm.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2015-01-28 20:15 - 2015-01-28 20:15 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-25 15:35 - 2015-01-25 15:35 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: CyCpIo => C:\Program Files\Cypress\TrackPad\CyCpIo.exe
MSCONFIG\startupreg: CyHidWin => C:\Program Files\Cypress\TrackPad\CyHidWin.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelPAN => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => C:\Windows\WindowsMobile\wmdc.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2665280796-2803451631-1435696629-500 - Administrator - Disabled)
Anwender (S-1-5-21-2665280796-2803451631-1435696629-1001 - Administrator - Enabled) => C:\Users\Anwender
fbwuser555C (S-1-5-21-2665280796-2803451631-1435696629-1007 - Limited - Enabled)
fbwuser5FC7 (S-1-5-21-2665280796-2803451631-1435696629-1008 - Limited - Enabled)
fbwuser9398 (S-1-5-21-2665280796-2803451631-1435696629-1006 - Limited - Enabled)
Gast (S-1-5-21-2665280796-2803451631-1435696629-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2665280796-2803451631-1435696629-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-2665280796-2803451631-1435696629-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
================== Error: (01/29/2015 05:07:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x1a3c Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (01/29/2015 04:21:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/29/2015 05:31:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/28/2015 10:26:47 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2665280796-2803451631-1435696629-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. . Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {7f0c95ca-6f2f-4bdb-8059-ad037c31c2b4} Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: XPS-15z) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. 
Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: XPS-15z) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: XPS-15z) Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. for C:\Users\UpdatusUser\ntuser.dat Error: (01/28/2015 10:17:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/28/2015 09:54:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver. System Error: Das System kann die angegebene Datei nicht finden. . System errors: ============= Error: (01/29/2015 05:57:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kaspersky Anti-Virus Service" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/29/2015 05:33:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet. Microsoft Office Sessions: ========================= Error: (01/29/2015 05:07:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f22480000003000014251a3c01d03bda5392931eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlleec3cb52-a7d0-11e4-ac53-88532e703964 Error: (01/29/2015 04:21:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/29/2015 05:31:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/28/2015 10:26:47 PM) (Source: VSS) (EventID: 8193) (User: ) Description: ConvertStringSidToSid(S-1-5-21-2665280796-2803451631-1435696629-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. 
Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {7f0c95ca-6f2f-4bdb-8059-ad037c31c2b4} Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: XPS-15z) Description: Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: XPS-15z) Description: Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: XPS-15z) Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (01/28/2015 10:21:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. C:\Users\UpdatusUser\ntuser.dat Error: (01/28/2015 10:17:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/28/2015 09:54:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver. System Error: Das System kann die angegebene Datei nicht finden. CodeIntegrity Errors: =================================== Date: 2013-06-07 07:29:38.832 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-06-07 07:29:38.832 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-07 07:29:38.816 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-07 07:29:38.785 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-07 07:29:38.785 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-07 07:29:38.785 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-05 12:18:00.159 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-05 12:18:00.159 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-06-05 12:18:00.159 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-06-05 12:18:00.109 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz Percentage of memory in use: 54% Total physical RAM: 3990.17 MB Available physical RAM: 1798.23 MB Total Pagefile: 7978.52 MB Available Pagefile: 5110.17 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:233.43 GB) (Free:171.22 GB) NTFS Drive d: (Privat) (Fixed) (Total:212.7 GB) (Free:58.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 07F2837E) Partition 1: (Not Active) - (Size=102 MB) - (Type=DE) Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=233.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=212.7 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
30.01.2015, 07:18 | #4 |
/// the machine /// TB-Ausbilder | Keyboard no longer works in Internet Explorer - heavily delayed hi, Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
30.01.2015, 10:59 | #5 |
| Keyboard no longer works in Internet Explorer - heavily delayed Dear Schrauber, I have downloaded everything; with Anti-Rootkit the following message appeared: This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue. I will still try the other one. Thanks for now. Kaspersky found nothing. Code:
ATTFilter 10:53:17.0265 0x19b8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 10:53:25.0147 0x19b8 ============================================================ 10:53:25.0147 0x19b8 Current date / time: 2015/01/30 10:53:25.0147 10:53:25.0147 0x19b8 SystemInfo: 10:53:25.0147 0x19b8 10:53:25.0147 0x19b8 OS Version: 6.1.7601 ServicePack: 1.0 10:53:25.0147 0x19b8 Product type: Workstation 10:53:25.0147 0x19b8 ComputerName: XPS-15Z 10:53:25.0147 0x19b8 UserName: Anwender 10:53:25.0147 0x19b8 Windows directory: C:\Windows 10:53:25.0147 0x19b8 System windows directory: C:\Windows 10:53:25.0147 0x19b8 Running under WOW64 10:53:25.0147 0x19b8 Processor architecture: Intel x64 10:53:25.0147 0x19b8 Number of processors: 4 10:53:25.0147 0x19b8 Page size: 0x1000 10:53:25.0147 0x19b8 Boot type: Normal boot 10:53:25.0147 0x19b8 ============================================================ 10:53:27.0047 0x19b8 KLMD registered as C:\Windows\system32\drivers\61998931.sys 10:53:28.0077 0x19b8 System UUID: {78922793-05FD-9E69-C89D-A7B823FCB01D} 10:53:29.0127 0x19b8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:53:29.0127 0x19b8 ============================================================ 10:53:29.0127 0x19b8 \Device\Harddisk0\DR0: 10:53:29.0127 0x19b8 MBR partitions: 10:53:29.0127 0x19b8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000 10:53:29.0127 0x19b8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x1D2DA030 10:53:29.0147 0x19b8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FA1F000, BlocksNum 0x1A966800 10:53:29.0147 0x19b8 ============================================================ 10:53:29.0187 0x19b8 C: <-> \Device\Harddisk0\DR0\Partition2 10:53:29.0227 0x19b8 D: <-> \Device\Harddisk0\DR0\Partition3 10:53:29.0227 0x19b8
============================================================ 10:53:29.0227 0x19b8 Initialize success 10:53:29.0227 0x19b8 ============================================================ 10:53:31.0558 0x17b4 ============================================================ 10:53:31.0558 0x17b4 Scan started 10:53:31.0558 0x17b4 Mode: Manual; 10:53:31.0558 0x17b4 ============================================================ 10:53:31.0558 0x17b4 KSN ping started 10:53:34.0118 0x17b4 KSN ping finished: true 10:53:35.0468 0x17b4 ================ Scan system memory ======================== 10:53:35.0468 0x17b4 System memory - ok 10:53:35.0468 0x17b4 ================ Scan services =============================
C:\Windows\system32\DRIVERS\cykbfltr.sys 10:53:41.0699 0x17b4 cykbfltrService - ok 10:53:41.0719 0x17b4 [ 5ABB2F91BF503F7D1918D430F7799EA0, 3C12940FD37117D2706425744613933FC9891177D2BB2AF89BC0E36497E062BD ] cymfltrService C:\Windows\system32\DRIVERS\cymfltr.sys 10:53:41.0739 0x17b4 cymfltrService - ok 10:53:41.0799 0x17b4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:53:41.0819 0x17b4 DcomLaunch - ok 10:53:41.0909 0x17b4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:53:41.0959 0x17b4 defragsvc - ok 10:53:41.0979 0x17b4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:53:41.0999 0x17b4 DfsC - ok 10:53:42.0029 0x17b4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:53:42.0029 0x17b4 Dhcp - ok 10:53:42.0039 0x17b4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:53:42.0049 0x17b4 discache - ok 10:53:42.0059 0x17b4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 10:53:42.0069 0x17b4 Disk - ok 10:53:42.0089 0x17b4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:53:42.0099 0x17b4 Dnscache - ok 10:53:42.0119 0x17b4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:53:42.0169 0x17b4 dot3svc - ok 10:53:42.0179 0x17b4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 
394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:53:42.0179 0x17b4 DPS - ok 10:53:42.0209 0x17b4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:53:42.0209 0x17b4 drmkaud - ok 10:53:42.0289 0x17b4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:53:42.0329 0x17b4 DXGKrnl - ok 10:53:42.0349 0x17b4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:53:42.0349 0x17b4 EapHost - ok 10:53:42.0479 0x17b4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 10:53:42.0599 0x17b4 ebdrv - ok 10:53:42.0629 0x17b4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 10:53:42.0639 0x17b4 EFS - ok 10:53:42.0709 0x17b4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:53:42.0799 0x17b4 ehRecvr - ok 10:53:42.0809 0x17b4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:53:42.0819 0x17b4 ehSched - ok 10:53:42.0849 0x17b4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:53:42.0889 0x17b4 elxstor - ok 10:53:42.0949 0x17b4 [ 0794D2FA7C69C4ACF3AD3439B6FC8745, 1A5C070F54117FC18ABA98DD734CD0FB650802C264CDA0A1912AF015DBC34D91 ] EMP_UDSA C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe 10:53:42.0949 0x17b4 EMP_UDSA - ok 10:53:42.0969 0x17b4 [ 
34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:53:42.0979 0x17b4 ErrDev - ok 10:53:43.0029 0x17b4 esgiguard - ok 10:53:43.0079 0x17b4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:53:43.0099 0x17b4 EventSystem - ok 10:53:43.0199 0x17b4 [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 10:53:43.0229 0x17b4 EvtEng - ok 10:53:43.0249 0x17b4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:53:43.0259 0x17b4 exfat - ok 10:53:43.0269 0x17b4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:53:43.0279 0x17b4 fastfat - ok 10:53:43.0309 0x17b4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:53:43.0319 0x17b4 Fax - ok 10:53:43.0349 0x17b4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 10:53:43.0349 0x17b4 fdc - ok 10:53:43.0359 0x17b4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:53:43.0369 0x17b4 fdPHost - ok 10:53:43.0389 0x17b4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:53:43.0399 0x17b4 FDResPub - ok 10:53:43.0419 0x17b4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:53:43.0429 
0x17b4 FileInfo - ok 10:53:43.0449 0x17b4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:53:43.0449 0x17b4 Filetrace - ok 10:53:43.0469 0x17b4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 10:53:43.0469 0x17b4 flpydisk - ok 10:53:43.0499 0x17b4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:53:43.0509 0x17b4 FltMgr - ok 10:53:43.0589 0x17b4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 10:53:43.0659 0x17b4 FontCache - ok 10:53:43.0709 0x17b4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:53:43.0739 0x17b4 FontCache3.0.0.0 - ok 10:53:43.0759 0x17b4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:53:43.0779 0x17b4 FsDepends - ok 10:53:43.0799 0x17b4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:53:43.0809 0x17b4 Fs_Rec - ok 10:53:43.0829 0x17b4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:53:43.0869 0x17b4 fvevol - ok 10:53:43.0889 0x17b4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:53:43.0889 0x17b4 gagp30kx - ok 10:53:43.0929 0x17b4 [ 8E98D21EE06192492A5671A6144D092F, 
B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:53:43.0939 0x17b4 GEARAspiWDM - ok 10:53:43.0999 0x17b4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:53:44.0039 0x17b4 gpsvc - ok 10:53:44.0129 0x17b4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:53:44.0139 0x17b4 gupdate - ok 10:53:44.0149 0x17b4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:53:44.0149 0x17b4 gupdatem - ok 10:53:44.0199 0x17b4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 10:53:44.0259 0x17b4 gusvc - ok 10:53:44.0309 0x17b4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:53:44.0319 0x17b4 hcw85cir - ok 10:53:44.0379 0x17b4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:53:44.0419 0x17b4 HdAudAddService - ok 10:53:44.0459 0x17b4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:53:44.0469 0x17b4 HDAudBus - ok 10:53:44.0489 0x17b4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 10:53:44.0499 0x17b4 HidBatt - ok 10:53:44.0529 0x17b4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 
94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:53:44.0539 0x17b4 HidBth - ok 10:53:44.0549 0x17b4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 10:53:44.0559 0x17b4 HidIr - ok 10:53:44.0569 0x17b4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:53:44.0619 0x17b4 hidserv - ok 10:53:44.0669 0x17b4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 10:53:44.0689 0x17b4 HidUsb - ok 10:53:44.0739 0x17b4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:53:44.0749 0x17b4 hkmsvc - ok 10:53:44.0779 0x17b4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:53:44.0799 0x17b4 HomeGroupListener - ok 10:53:44.0819 0x17b4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:53:44.0819 0x17b4 HomeGroupProvider - ok 10:53:44.0829 0x17b4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:53:44.0839 0x17b4 HpSAMD - ok 10:53:44.0869 0x17b4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:53:44.0919 0x17b4 HTTP - ok 10:53:44.0939 0x17b4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:53:44.0939 0x17b4 hwpolicy - ok 10:53:44.0949 
0x17b4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:53:44.0959 0x17b4 i8042prt - ok 10:53:44.0989 0x17b4 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\Windows\system32\drivers\iaStor.sys 10:53:44.0999 0x17b4 iaStor - ok 10:53:45.0039 0x17b4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:53:45.0059 0x17b4 iaStorV - ok 10:53:45.0079 0x17b4 [ 8A4EC1C3F10385181B1066120C610AE5, C0DCD4A6A1128F630B8F6F54D9AA10E5104636A46D98543C3D7320E1DA397EBC ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 10:53:45.0079 0x17b4 iBtFltCoex - ok 10:53:45.0139 0x17b4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:53:45.0189 0x17b4 idsvc - ok 10:53:45.0529 0x17b4 [ 0BD58366C86EF9DDC4F61AFED0CADA99, 2C4ADD577872DF0E9DE7664FA4293B8E335E18055E346B5BF644544840E420EF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 10:53:45.0950 0x17b4 igfx - ok 10:53:45.0980 0x17b4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:53:45.0980 0x17b4 iirsp - ok 10:53:46.0050 0x17b4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:53:46.0080 0x17b4 IKEEXT - ok 10:53:46.0100 0x17b4 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys 10:53:46.0110 0x17b4 Impcd - ok 10:53:46.0130 0x17b4 [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] 
intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 10:53:46.0140 0x17b4 intaud_WaveExtensible - ok 10:53:46.0160 0x17b4 IntcAzAudAddService - ok 10:53:46.0190 0x17b4 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 10:53:46.0210 0x17b4 IntcDAud - ok 10:53:46.0240 0x17b4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:53:46.0260 0x17b4 intelide - ok 10:53:46.0290 0x17b4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:53:46.0290 0x17b4 intelppm - ok 10:53:46.0320 0x17b4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:53:46.0340 0x17b4 IPBusEnum - ok 10:53:46.0350 0x17b4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:53:46.0360 0x17b4 IpFilterDriver - ok 10:53:46.0390 0x17b4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:53:46.0460 0x17b4 iphlpsvc - ok 10:53:46.0470 0x17b4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:53:46.0480 0x17b4 IPMIDRV - ok 10:53:46.0500 0x17b4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:53:46.0500 0x17b4 IPNAT - ok 10:53:46.0580 0x17b4 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 
10:53:46.0590 0x17b4 iPod Service - ok 10:53:46.0590 0x17b4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:53:46.0600 0x17b4 IRENUM - ok 10:53:46.0610 0x17b4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:53:46.0620 0x17b4 isapnp - ok 10:53:46.0660 0x17b4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:53:46.0680 0x17b4 iScsiPrt - ok 10:53:46.0710 0x17b4 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 10:53:46.0720 0x17b4 iwdbus - ok 10:53:46.0770 0x17b4 [ 43F319DE026E04B9CF9219A14BF24FE8, 7DBB28CBDE53126AA28FF89535D92130294536F5348E0EC853892A507AEE2A13 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 10:53:46.0790 0x17b4 JMCR - ok 10:53:46.0820 0x17b4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:53:46.0840 0x17b4 kbdclass - ok 10:53:46.0890 0x17b4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:53:46.0910 0x17b4 kbdhid - ok 10:53:46.0930 0x17b4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 10:53:46.0940 0x17b4 KeyIso - ok 10:53:47.0000 0x17b4 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 10:53:47.0000 0x17b4 kl1 - ok 10:53:47.0030 0x17b4 [ D0C3AEF67932D2A80736FBCB956C017D, 166C2FD5F1B6FFE7A71CD821DFDD02B68D25CBF0D44BD6F2522C65CF1DEB363C ] klflt 
C:\Windows\system32\DRIVERS\klflt.sys 10:53:47.0030 0x17b4 klflt - ok 10:53:47.0110 0x17b4 [ 41DF293A7F0418F5DDED9F0297DC68F3, 25DE4BB7F2D915FCF576ABD46EEDC5574B694A2D1E5CB7AB565792C7BB57C76B ] KLIF C:\Windows\system32\DRIVERS\klif.sys 10:53:47.0130 0x17b4 KLIF - ok 10:53:47.0140 0x17b4 [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 10:53:47.0140 0x17b4 KLIM6 - ok 10:53:47.0140 0x17b4 [ 8DA5BC75C3E8A995335642F26CAEA54B, 3995AAB499A37077AA4FB372E75CD9259BA3EA7020B961CF482AC948D2D47AB4 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 10:53:47.0140 0x17b4 klkbdflt - ok 10:53:47.0150 0x17b4 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 10:53:47.0160 0x17b4 klmouflt - ok 10:53:47.0160 0x17b4 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 10:53:47.0160 0x17b4 klpd - ok 10:53:47.0180 0x17b4 [ 4828B3D2BC89B05E07101C6E60CE0A6A, C2D40EA03A526286AEDF27DE80CB0576EB59EB7581C9E9ECFCB867349593D7CE ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 10:53:47.0190 0x17b4 kltdi - ok 10:53:47.0210 0x17b4 [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\Windows\system32\DRIVERS\kneps.sys 10:53:47.0230 0x17b4 kneps - ok 10:53:47.0260 0x17b4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:53:47.0260 0x17b4 KSecDD - ok 10:53:47.0290 0x17b4 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:53:47.0320 0x17b4 KSecPkg - ok 10:53:47.0330 0x17b4 [ 6869281E78CB31A43E969F06B57347C4, 
866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:53:47.0340 0x17b4 ksthunk - ok 10:53:47.0380 0x17b4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:53:47.0430 0x17b4 KtmRm - ok 10:53:47.0450 0x17b4 [ 0219F13AB1664005ADCBA884C0EB975E, 421AE9F44DEED8EF03AE8F824E796BA393BCF802BB2014D8DF242DB5CF3CB967 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 10:53:47.0450 0x17b4 L1C - ok 10:53:47.0490 0x17b4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:53:47.0540 0x17b4 LanmanServer - ok 10:53:47.0550 0x17b4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:53:47.0550 0x17b4 LanmanWorkstation - ok 10:53:47.0581 0x17b4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:53:47.0591 0x17b4 lltdio - ok 10:53:47.0611 0x17b4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:53:47.0661 0x17b4 lltdsvc - ok 10:53:47.0661 0x17b4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:53:47.0671 0x17b4 lmhosts - ok 10:53:47.0731 0x17b4 [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 10:53:47.0751 0x17b4 LMS - ok 10:53:47.0771 0x17b4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:53:47.0781 0x17b4 LSI_FC 
- ok 10:53:47.0791 0x17b4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:53:47.0801 0x17b4 LSI_SAS - ok 10:53:47.0811 0x17b4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 10:53:47.0821 0x17b4 LSI_SAS2 - ok 10:53:47.0831 0x17b4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:53:47.0851 0x17b4 LSI_SCSI - ok 10:53:47.0871 0x17b4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:53:47.0881 0x17b4 luafv - ok 10:53:47.0921 0x17b4 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 10:53:47.0941 0x17b4 MBAMProtector - ok 10:53:48.0061 0x17b4 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 10:53:48.0091 0x17b4 MBAMScheduler - ok 10:53:48.0141 0x17b4 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 10:53:48.0161 0x17b4 MBAMService - ok 10:53:48.0211 0x17b4 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 10:53:48.0241 0x17b4 MBAMSwissArmy - ok 10:53:48.0271 0x17b4 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 10:53:48.0281 0x17b4 MBAMWebAccessControl - ok 10:53:48.0301 
0x17b4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:53:48.0331 0x17b4 Mcx2Svc - ok 10:53:48.0351 0x17b4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 10:53:48.0351 0x17b4 megasas - ok 10:53:48.0371 0x17b4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 10:53:48.0411 0x17b4 MegaSR - ok 10:53:48.0441 0x17b4 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 10:53:48.0461 0x17b4 MEIx64 - ok 10:53:48.0501 0x17b4 mezgoevq - ok 10:53:48.0521 0x17b4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:53:48.0531 0x17b4 MMCSS - ok 10:53:48.0531 0x17b4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:53:48.0541 0x17b4 Modem - ok 10:53:48.0561 0x17b4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:53:48.0561 0x17b4 monitor - ok 10:53:48.0591 0x17b4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:53:48.0611 0x17b4 mouclass - ok 10:53:48.0631 0x17b4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:53:48.0651 0x17b4 mouhid - ok 10:53:48.0671 0x17b4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr 
C:\Windows\system32\drivers\mountmgr.sys 10:53:48.0681 0x17b4 mountmgr - ok 10:53:48.0741 0x17b4 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:53:48.0781 0x17b4 MozillaMaintenance - ok 10:53:48.0861 0x17b4 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 10:53:48.0921 0x17b4 MpFilter - ok 10:53:48.0951 0x17b4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:53:48.0961 0x17b4 mpio - ok 10:53:49.0001 0x17b4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:53:49.0021 0x17b4 mpsdrv - ok 10:53:49.0051 0x17b4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:53:49.0071 0x17b4 MpsSvc - ok 10:53:49.0091 0x17b4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:53:49.0111 0x17b4 MRxDAV - ok 10:53:49.0141 0x17b4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:53:49.0151 0x17b4 mrxsmb - ok 10:53:49.0201 0x17b4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:53:49.0261 0x17b4 mrxsmb10 - ok 10:53:49.0291 0x17b4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:53:49.0301 0x17b4 mrxsmb20 - ok 10:53:49.0331 0x17b4 [ 
0x17b4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 10:54:00.0454 0x17b4 viaide - ok 10:54:00.0474 0x17b4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:54:00.0484 0x17b4 volmgr - ok 10:54:00.0494 0x17b4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:54:00.0514 0x17b4 volmgrx - ok 10:54:00.0534 0x17b4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:54:00.0544 0x17b4 volsnap - ok 10:54:00.0564 0x17b4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:54:00.0574 0x17b4 vsmraid - ok 10:54:00.0624 0x17b4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:54:00.0724 0x17b4 VSS - ok 10:54:00.0744 0x17b4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:54:00.0754 0x17b4 vwifibus - ok 10:54:00.0774 0x17b4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:54:00.0794 0x17b4 vwififlt - ok 10:54:00.0834 0x17b4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:54:00.0844 0x17b4 vwifimp - ok 10:54:00.0864 0x17b4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:54:00.0874 
0x17b4 W32Time - ok 10:54:00.0894 0x17b4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:54:00.0904 0x17b4 WacomPen - ok 10:54:00.0924 0x17b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:54:00.0934 0x17b4 WANARP - ok 10:54:00.0944 0x17b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:54:00.0944 0x17b4 Wanarpv6 - ok 10:54:01.0024 0x17b4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 10:54:01.0084 0x17b4 WatAdminSvc - ok 10:54:01.0134 0x17b4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:54:01.0234 0x17b4 wbengine - ok 10:54:01.0264 0x17b4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:54:01.0284 0x17b4 WbioSrvc - ok 10:54:01.0334 0x17b4 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 10:54:01.0344 0x17b4 WcesComm - ok 10:54:01.0364 0x17b4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:54:01.0394 0x17b4 wcncsvc - ok 10:54:01.0414 0x17b4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:54:01.0424 0x17b4 WcsPlugInService - ok 10:54:01.0434 0x17b4 [ 72889E16FF12BA0F235467D6091B17DC, 
F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 10:54:01.0444 0x17b4 Wd - ok 10:54:01.0494 0x17b4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:54:01.0554 0x17b4 Wdf01000 - ok 10:54:01.0574 0x17b4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:54:01.0584 0x17b4 WdiServiceHost - ok 10:54:01.0584 0x17b4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:54:01.0594 0x17b4 WdiSystemHost - ok 10:54:01.0614 0x17b4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 10:54:01.0634 0x17b4 WebClient - ok 10:54:01.0644 0x17b4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:54:01.0664 0x17b4 Wecsvc - ok 10:54:01.0674 0x17b4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:54:01.0684 0x17b4 wercplsupport - ok 10:54:01.0694 0x17b4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:54:01.0704 0x17b4 WerSvc - ok 10:54:01.0724 0x17b4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:54:01.0734 0x17b4 WfpLwf - ok 10:54:01.0774 0x17b4 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 10:54:01.0794 0x17b4 WimFltr - ok 10:54:01.0804 0x17b4 [ 
05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:54:01.0814 0x17b4 WIMMount - ok 10:54:01.0834 0x17b4 WinDefend - ok 10:54:01.0854 0x17b4 WinHttpAutoProxySvc - ok 10:54:01.0914 0x17b4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:54:01.0954 0x17b4 Winmgmt - ok 10:54:02.0044 0x17b4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 10:54:02.0174 0x17b4 WinRM - ok 10:54:02.0214 0x17b4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:54:02.0234 0x17b4 WinUsb - ok 10:54:02.0304 0x17b4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:54:02.0344 0x17b4 Wlansvc - ok 10:54:02.0384 0x17b4 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 10:54:02.0384 0x17b4 wlcrasvc - ok 10:54:02.0524 0x17b4 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:54:02.0564 0x17b4 wlidsvc - ok 10:54:02.0584 0x17b4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 10:54:02.0584 0x17b4 WmiAcpi - ok 10:54:02.0604 0x17b4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:54:02.0614 0x17b4 wmiApSrv - ok 10:54:02.0624 0x17b4 WMPNetworkSvc - ok 10:54:02.0654 0x17b4 [ 
96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:54:02.0664 0x17b4 WPCSvc - ok 10:54:02.0674 0x17b4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:54:02.0674 0x17b4 WPDBusEnum - ok 10:54:02.0694 0x17b4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:54:02.0704 0x17b4 ws2ifsl - ok 10:54:02.0714 0x17b4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:54:02.0714 0x17b4 wscsvc - ok 10:54:02.0744 0x17b4 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 10:54:02.0754 0x17b4 WSDPrintDevice - ok 10:54:02.0804 0x17b4 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 10:54:02.0804 0x17b4 WSDScan - ok 10:54:02.0804 0x17b4 WSearch - ok 10:54:02.0934 0x17b4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 10:54:03.0024 0x17b4 wuauserv - ok 10:54:03.0064 0x17b4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:54:03.0084 0x17b4 WudfPf - ok 10:54:03.0124 0x17b4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:54:03.0164 0x17b4 WUDFRd - ok 10:54:03.0194 0x17b4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc 
C:\Windows\System32\WUDFSvc.dll 10:54:03.0204 0x17b4 wudfsvc - ok 10:54:03.0264 0x17b4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 10:54:03.0294 0x17b4 WwanSvc - ok 10:54:03.0326 0x17b4 ================ Scan global =============================== 10:54:03.0344 0x17b4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:54:03.0385 0x17b4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:54:03.0410 0x17b4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:54:03.0438 0x17b4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:54:03.0466 0x17b4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 10:54:03.0474 0x17b4 [ Global ] - ok 10:54:03.0475 0x17b4 ================ Scan MBR ================================== 10:54:03.0486 0x17b4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:54:03.0772 0x17b4 \Device\Harddisk0\DR0 - ok 10:54:03.0778 0x17b4 ================ Scan VBR ================================== 10:54:03.0789 0x17b4 [ 6BB320BAC29D58C72D481460AACBA129 ] \Device\Harddisk0\DR0\Partition1 10:54:03.0793 0x17b4 \Device\Harddisk0\DR0\Partition1 - ok 10:54:03.0797 0x17b4 [ 5C37483ADF46B72D0155A65D79A4A3D6 ] \Device\Harddisk0\DR0\Partition2 10:54:03.0798 0x17b4 \Device\Harddisk0\DR0\Partition2 - ok 10:54:03.0815 0x17b4 [ 7D2FDD2D5F6E92CE625ED13DA635ED94 ] \Device\Harddisk0\DR0\Partition3 10:54:03.0816 0x17b4 \Device\Harddisk0\DR0\Partition3 - ok 10:54:03.0816 0x17b4 ================ Scan generic autorun ====================== 10:54:03.0932 
0x17b4 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe 10:54:03.0962 0x17b4 MSC - ok 10:54:04.0249 0x17b4 [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 10:54:04.0260 0x17b4 avgnt - ok 10:54:04.0325 0x17b4 [ E782C99ED0176334F169C2C7C2A6D1DA, 004C8192284FEC6809522F48275BE4450B8D7F9E7410AA541EEF477DFABB9615 ] C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe 10:54:04.0371 0x17b4 EPSON_UD_START - ok 10:54:04.0420 0x17b4 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 10:54:04.0423 0x17b4 iTunesHelper - ok 10:54:04.0474 0x17b4 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe 10:54:04.0818 0x17b4 QuickTime Task - ok 10:54:04.0872 0x17b4 [ 4DDC9B851FFCA263272B1BFF99B53C82, F2B28072C639A29CB40863EFBD5790422CC1A043E700558E9E6A2302B8A670FB ] C:\Program Files (x86)\PDF24\pdf24.exe 10:54:04.0878 0x17b4 PDFPrint - ok 10:54:04.0966 0x17b4 [ 22283306E9A33D4EB10F8B6C7499C30E, F527A3ED9816EE5C5A191A26A7D29A2CAFAB7DA3BAA3295FE0E8A2D44F0F5F45 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 10:54:04.0969 0x17b4 Avira Systray - ok 10:54:05.0044 0x17b4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:54:05.0143 0x17b4 Sidebar - ok 10:54:05.0167 0x17b4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:54:05.0176 0x17b4 mctadmin - ok 10:54:05.0204 0x17b4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 
8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:54:05.0224 0x17b4 Sidebar - ok 10:54:05.0229 0x17b4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:54:05.0232 0x17b4 mctadmin - ok 10:54:05.0265 0x17b4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:54:05.0287 0x17b4 Sidebar - ok 10:54:05.0293 0x17b4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:54:05.0296 0x17b4 mctadmin - ok 10:54:05.0343 0x17b4 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 10:54:05.0344 0x17b4 swg - ok 10:54:05.0346 0x17b4 Waiting for KSN requests completion. In queue: 147 10:54:06.0346 0x17b4 Waiting for KSN requests completion. In queue: 147 10:54:07.0347 0x17b4 Waiting for KSN requests completion. 
10:54:08.0465 0x17b4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
10:54:08.0470 0x17b4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
10:54:08.0562 0x17b4 AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
10:54:08.0587 0x17b4 Win FW state via NFP2: enabled
10:54:11.0048 0x17b4 ============================================================
10:54:11.0048 0x17b4 Scan finished
10:54:11.0048 0x17b4 ============================================================
10:54:11.0060 0x1084 Detected object count: 0
10:54:11.0060 0x1084 Actual detected object count: 0 |
30.01.2015, 12:22 | #6 |
/// the machine /// TB Trainer | Keyboard no longer works in Internet Explorer - heavily delayed Then just run a scan with your MBAM 2.0, but enable the rootkit scan. |
30.01.2015, 13:24 | #7 |
| Keyboard no longer works in Internet Explorer - heavily delayed Dear Schrauber, I ran MBAM, the result is attached:
Protection, 30.01.2015 05:59:44, SYSTEM, XPS-15Z, Protection, Malware Protection, Starting,
Protection, 30.01.2015 05:59:44, SYSTEM, XPS-15Z, Protection, Malware Protection, Started,
Protection, 30.01.2015 05:59:44, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 30.01.2015 06:01:36, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
Update, 30.01.2015 06:58:13, SYSTEM, XPS-15Z, Scheduler, Malware Database, 2015.1.29.8, 2015.1.30.1,
Protection, 30.01.2015 06:58:13, SYSTEM, XPS-15Z, Protection, Refresh, Starting,
Protection, 30.01.2015 06:58:13, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopping,
Protection, 30.01.2015 06:58:13, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopped,
Protection, 30.01.2015 06:58:37, SYSTEM, XPS-15Z, Protection, Refresh, Success,
Protection, 30.01.2015 06:58:37, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 30.01.2015 06:58:37, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
Protection, 30.01.2015 10:23:05, SYSTEM, XPS-15Z, Protection, Malware Protection, Starting,
Protection, 30.01.2015 10:23:05, SYSTEM, XPS-15Z, Protection, Malware Protection, Started,
Protection, 30.01.2015 10:23:05, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 30.01.2015 10:24:37, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
Update, 30.01.2015 10:58:13, SYSTEM, XPS-15Z, Scheduler, Malware Database, 2015.1.30.1, 2015.1.30.3,
Protection, 30.01.2015 10:58:13, SYSTEM, XPS-15Z, Protection, Refresh, Starting,
Protection, 30.01.2015 10:58:13, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopping,
Protection, 30.01.2015 10:58:14, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopped,
Protection, 30.01.2015 10:58:39, SYSTEM, XPS-15Z, Protection, Refresh, Success,
Protection, 30.01.2015 10:58:39, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 30.01.2015 10:58:39, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
Update, 30.01.2015 12:55:05, SYSTEM, XPS-15Z, Scheduler, Malware Database, 2015.1.30.3, 2015.1.30.4,
Protection, 30.01.2015 12:55:05, SYSTEM, XPS-15Z, Protection, Refresh, Starting,
Protection, 30.01.2015 12:55:05, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopping,
Protection, 30.01.2015 12:55:05, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopped,
Protection, 30.01.2015 12:55:11, SYSTEM, XPS-15Z, Protection, Refresh, Success,
Protection, 30.01.2015 12:55:11, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 30.01.2015 12:55:11, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
Scan, 30.01.2015 13:18:19, SYSTEM, XPS-15Z, Manual, Start: % 1 "% 2", Dauer: % 1 min 20 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
(end) |
30.01.2015, 17:04 | #8 |
/// the machine /// TB Trainer | Keyboard no longer works in Internet Explorer - heavily delayed That is the wrong log. Here are instructions for MBAM: Please download Malwarebytes Anti-Malware
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
30.01.2015, 18:35 | #9 |
| Keyboard no longer works in Internet Explorer - heavily delayed Hi, I hope I have done the right thing this time:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 30.01.2015
Suchlauf-Zeit: 18:32:14
Logdatei: Anti malware.txt
Administrator: Ja
Version: 2.00.0.1000
Malware Datenbank: v2015.01.30.06
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Anwender
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 415336
Verstrichene Zeit: 23 Min, 58 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (No malicious items detected)
Module: 0 (No malicious items detected)
Registrierungsschlüssel: 0 (No malicious items detected)
Registrierungswerte: 0 (No malicious items detected)
Registrierungsdaten: 0 (No malicious items detected)
Ordner: 0 (No malicious items detected)
Dateien: 0 (No malicious items detected)
Physische Sektoren: 0 (No malicious items detected)
(end) |
31.01.2015, 11:33 | #10 |
/// the machine /// TB Trainer | Keyboard no longer works in Internet Explorer - heavily delayed Please connect an external keyboard and test it. |
02.02.2015, 07:58 | #11 |
| Keyboard no longer works in Internet Explorer - heavily delayed Hi Schrauber, the external keyboard causes the same problems in Internet Explorer. I am also still being swamped with ads. Warm regards, karin |
02.02.2015, 17:34 | #12 |
/// the machine /// TB Trainer | Keyboard no longer works in Internet Explorer - heavily delayed hi, scan with Combofix |
03.02.2015, 09:23 | #13 |
| Keyboard no longer works in Internet Explorer - heavily delayed Hi Schrauber, I could only send you the Combofix log this way, I hope that is enough for you. For some reason I could not save it. I have now got rid of the ads myself, it was HOMETAB. Regards, karin Combofix Logfile: Code:
System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0;PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\my dell\pcdsrvc_x64.pkms;c:\program files\my dell\pcdsrvc_x64.pkms [x] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S0 
PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x] S2 EMP_UDSA;EMP_UDSA;c:\program files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe;c:\program files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [x] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x] S2 Stereo 
Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x] S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x] S3 cyhid;Cypress Input Device;c:\windows\system32\DRIVERS\cyhid.sys;c:\windows\SYSNATIVE\DRIVERS\cyhid.sys [x] S3 cykbfltrService;Cypress Keyboard Filter Driver;c:\windows\system32\DRIVERS\cykbfltr.sys;c:\windows\SYSNATIVE\DRIVERS\cykbfltr.sys [x] S3 cymfltrService;Cypress Trackpad Filter Driver;c:\windows\system32\DRIVERS\cymfltr.sys;c:\windows\SYSNATIVE\DRIVERS\cymfltr.sys [x] S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 iwdbus;IWD Bus 
Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-01-27 06:02 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 14:35] . 2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-11 09:28] . 2015-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-11 09:28] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-01-27 169768] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com uStart Page = hxxp://www.google.com/ mSearch Bar = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = hxxp://www.google.com IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 Trusted Zone: dell.com TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\35yo8esv.default\ FF - prefs.js: browser.startup.homepage - about:home . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) AddRemove-P-HD-V1.4 - c:\program files (x86)\P-HD-V1.4\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{D3412D80-CF3B4A27-06020200}_0] "ImagePath"="\??\c:\program files\my dell\pcdsrvc_x64.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-02-03 08:53:20 ComboFix-quarantined-files.txt 2015-02-03 07:53 . Vor Suchlauf: 14 Verzeichnis(se), 183.152.447.488 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 182.801.494.016 Bytes frei . - - End Of File - - 68113CA329296AC1FAEE7AE106055572 |
03.02.2015, 12:01 | #14 |
/// the machine /// TB trainer | Keyboard no longer works in Internet Explorer - heavily delayed Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.02.2015, 21:17 | #15 |
| Keyboard no longer works in Internet Explorer - heavily delayed Hi, this would be the first one, hopefully also the right one
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 03.02.2015 16:43:10, SYSTEM, XPS-15Z, Protection, Malware Protection, Starting,
Protection, 03.02.2015 16:43:10, SYSTEM, XPS-15Z, Protection, Malware Protection, Started,
Protection, 03.02.2015 16:43:10, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 03.02.2015 16:43:10, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
Update, 03.02.2015 16:43:16, SYSTEM, XPS-15Z, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 03.02.2015 16:43:16, SYSTEM, XPS-15Z, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Update, 03.02.2015 16:43:26, SYSTEM, XPS-15Z, Manual, Malware Database, 2014.11.20.6, 2015.2.3.5,
Protection, 03.02.2015 16:43:26, SYSTEM, XPS-15Z, Protection, Refresh, Starting,
Protection, 03.02.2015 16:43:26, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopping,
Protection, 03.02.2015 16:43:26, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Stopped,
Protection, 03.02.2015 16:43:31, SYSTEM, XPS-15Z, Protection, Refresh, Success,
Protection, 03.02.2015 16:43:31, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 03.02.2015 16:43:31, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
Scan, 03.02.2015 16:54:55, SYSTEM, XPS-15Z, Manual, Start: % 1 "% 2", Dauer: % 1 min 11 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Protection, 03.02.2015 17:05:31, SYSTEM, XPS-15Z, Protection, Malware Protection, Starting,
Protection, 03.02.2015 17:05:31, SYSTEM, XPS-15Z, Protection, Malware Protection, Started,
Protection, 03.02.2015 17:05:31, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Starting,
Protection, 03.02.2015 17:07:11, SYSTEM, XPS-15Z, Protection, Malicious Website Protection, Started,
(end)
Hi, here is the second part
AdwCleaner Logfile: Code:
# AdwCleaner v4.109 - Bericht erstellt am 03/02/2015 um 20:45:09
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-02-03.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Anwender - XPS-15Z
# Gestartet von : C:\Users\Anwender\Desktop\AdwCleaner_4.109.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v35.0.1 (x86 de)
-\\ Google Chrome v40.0.2214.93
*************************
AdwCleaner[R0].txt - [23304 octets] - [13/05/2014 18:52:35]
AdwCleaner[R1].txt - [9953 octets] - [28/01/2015 21:40:53]
AdwCleaner[R2].txt - [1063 octets] - [03/02/2015 17:17:44]
AdwCleaner[R3].txt - [1124 octets] - [03/02/2015 20:41:28]
AdwCleaner[S0].txt - [19414 octets] - [13/05/2014 18:54:44]
AdwCleaner[S1].txt - [9763 octets] - [28/01/2015 21:44:22]
AdwCleaner[S2].txt - [1046 octets] - [03/02/2015 20:45:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1106 octets] ##########
Now the 3rd part
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Anwender on 03.02.2015 at 20:55:29,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Anwender\AppData\Roaming\mozilla\firefox\profiles\35yo8esv.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.02.2015 at 21:03:42,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |