|
Pests of all kinds and how to fight them: Trojan/virus infection by mail from Telekom (Windows 7) |
31.01.2015, 16:11 | #1 |
| Trojan/virus infection by mail from Telekom Hello, I am new here and, like everyone, looking for help. Today a letter from Telekom came in the mail saying that at least 1 computer in the house is infected with Trojans or viruses. I don't really have any idea how or what I need to look for to find out what is going on with the computer. I would be hugely grateful for help. Above all, nice and slow and understandable for me too. Thanks in advance.... |
31.01.2015, 16:26 | #2 |
/// the machine /// TB Trainer | Trojan/virus infection by mail from Telekom hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
31.01.2015, 18:01 | #3 |
| Trojan/virus infection by mail from Telekom I hope this is right now
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015 01 Ran by Sandra Weilnau (administrator) on SANDRAWEILNAU on 31-01-2015 16:59:28 Running from C:\Users\Sandra Weilnau\Downloads Loaded Profiles: Sandra Weilnau (Available profiles: Sandra Weilnau) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (AMD) C:\Windows\System32\atieclxx.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\SupraSavingsService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) 
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\MountPoints2: {ab52bafd-f0c5-11e3-a4bd-a4f630a77dd2} - J:\pushinst.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-16] (Microsoft Corporation) AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found CHR HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402425029&from=cor&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402425029&from=cor&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://www.sweet-page.com/web/?type=ds&ts=1402425029&from=cor&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms} HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms} SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MF707B0DB-9F72-4FB3-8B5C-BD827F6FEB9B&SearchSource=58&CUI=&UM=5&UP=SP376388CC-D9D6-4AC3-983D-A34E65E9E38A&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms} SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Toolbar: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default FF SearchEngineOrder.1: V9 FF SelectedSearchEngine: V9 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-338094041-3377201104-4203914905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sandra Weilnau\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\searchplugins\V9.xml Chrome: ======= CHR Profile: C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12] CHR Extension: (Google Drive) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12] CHR Extension: (YouTube) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12] CHR Extension: (Google Search) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12] CHR Extension: (Google Wallet) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26] CHR Extension: (Security Protection) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-01-01] CHR Extension: (Gmail) - C:\Users\Sandra 
Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Sandra Weilnau\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-15] (Elex do Brasil Participações Ltda) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 SupraSavingsService64; C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [469504 2014-12-31] (SysTool PasSame LIMITED) [File not signed] R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION S2 Update EnterDigital; "C:\Program Files (x86)\EnterDigital\updateEnterDigital.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin) R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-15] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-01-15] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-15] (Elex do Brasil Participações Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-15] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-15] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-03] (Elex do Brasil Participações Ltda) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-31 16:59 - 2015-01-31 17:00 - 00016748 _____ () C:\Users\Sandra Weilnau\Downloads\FRST.txt 2015-01-31 16:59 - 2015-01-31 16:59 - 00000000 ____D () C:\FRST 2015-01-31 16:58 - 2015-01-31 16:58 - 02130944 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64(1).exe 2015-01-31 16:57 - 2015-01-31 16:57 - 02130944 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64.exe 2015-01-27 10:13 - 2015-01-27 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-18 17:12 - 2015-01-31 16:48 - 00004138 _____ () C:\Windows\setupact.log 2015-01-18 17:12 - 2015-01-18 17:12 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-18 17:11 - 2015-01-18 17:11 - 00000350 _____ () C:\Windows\PFRO.log 2015-01-18 14:25 - 2015-01-18 14:25 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk 2015-01-18 14:24 - 2015-01-18 14:25 - 00000000 ____D () C:\Program Files (x86)\Safari 2015-01-18 14:23 - 2015-01-18 14:23 - 38494576 _____ (Apple Inc.) C:\Users\Sandra Weilnau\Downloads\SafariSetup.exe 2015-01-18 14:22 - 2015-01-18 14:22 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Macromedia 2015-01-18 14:21 - 2015-01-18 14:21 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-18 14:21 - 2015-01-18 14:21 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla 2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Mozilla 2015-01-18 14:20 - 2015-01-27 14:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-18 14:20 - 2015-01-18 14:20 - 00000000 ____D () C:\ProgramData\Mozilla 2015-01-18 13:55 - 2015-01-18 13:54 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-01-18 13:54 - 2015-01-18 13:54 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-18 13:53 - 2015-01-18 13:53 
- 00638376 _____ (Oracle Corporation) C:\Users\Sandra Weilnau\Downloads\jre-8u25-windows-i586-iftw (1).exe 2015-01-18 13:52 - 2015-01-18 13:52 - 00638376 _____ (Oracle Corporation) C:\Users\Sandra Weilnau\Downloads\jre-8u25-windows-i586-iftw.exe 2015-01-18 11:07 - 2015-01-18 11:07 - 00849032 _____ () C:\Users\Sandra Weilnau\Downloads\Player Setup.exe 2015-01-16 12:25 - 2015-01-16 12:25 - 00000000 ____D () C:\Windows\system32\log 2015-01-16 12:25 - 2015-01-16 12:25 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Elex-tech 2015-01-16 12:25 - 2015-01-16 12:25 - 00000000 ____D () C:\Program Files (x86)\Elex-tech 2015-01-16 12:25 - 2015-01-15 07:51 - 00045224 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys 2015-01-16 12:25 - 2015-01-03 09:57 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys 2015-01-14 15:20 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 15:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 15:19 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 15:19 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 15:19 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 15:19 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 15:19 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 15:19 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 15:19 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 15:19 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 
2015-01-14 15:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 15:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 15:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-01 20:26 - 2015-01-31 16:51 - 00000000 ____D () C:\Program Files (x86)\WinZipper 2015-01-01 20:26 - 2015-01-16 11:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\WinZipper 2015-01-01 20:26 - 2015-01-01 20:26 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2015-01-01 20:26 - 2015-01-01 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-31 17:00 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-31 17:00 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-31 16:59 - 2014-06-10 18:16 - 02057924 _____ () C:\Windows\WindowsUpdate.log 2015-01-31 16:48 - 2014-06-12 08:18 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-31 16:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-30 14:23 - 2014-06-12 08:18 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-30 14:22 - 2014-11-02 14:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-29 10:48 - 2014-06-27 15:45 - 00000000 ____D () C:\Program Files\SupraSavings 2015-01-27 12:25 - 2014-09-02 08:53 - 00000242 _____ () C:\Users\Sandra Weilnau\BullseyeCoverageError.txt 2015-01-26 10:22 - 2014-11-02 14:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-26 10:22 - 2014-06-10 19:24 - 
00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-26 10:22 - 2014-06-10 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-22 20:20 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Apple Computer 2015-01-18 20:30 - 2014-06-11 04:10 - 00699092 _____ () C:\Windows\system32\perfh007.dat 2015-01-18 20:30 - 2014-06-11 04:10 - 00149232 _____ () C:\Windows\system32\perfc007.dat 2015-01-18 20:30 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-18 14:25 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Apple Computer 2015-01-18 14:11 - 2014-06-12 08:18 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-18 13:58 - 2014-11-02 14:19 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-01-18 13:55 - 2014-11-02 14:31 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-14 17:26 - 2014-06-13 18:28 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-14 17:21 - 2014-06-13 18:27 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-11 19:54 - 2014-06-17 08:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\vlc 2015-01-09 11:15 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-01-08 20:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-01 20:26 - 2014-06-10 19:30 - 00000000 ____D () C:\ProgramData\WPM 2015-01-01 20:26 - 2014-06-10 18:44 - 00001647 _____ () C:\Users\Sandra Weilnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Some content of TEMP: ==================== C:\Users\Sandra Weilnau\AppData\Local\Temp\BullseyeCoverage-2-x86.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-27 09:53 ==================== End Of Log ============================ --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-01-2015 01 Ran by Sandra Weilnau at 2015-01-31 17:00:32 Running from C:\Users\Sandra Weilnau\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service 
(HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Unity Web Player (HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.83 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 18-01-2015 13:45:27 Windows Update 18-01-2015 14:24:06 Installed Safari 21-01-2015 21:35:17 Windows Update 26-01-2015 09:09:59 Windows Update 29-01-2015 10:36:51 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-06-10 19:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {03471EC2-D1EF-4912-A06D-6E3527413301} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {27386192-1739-401F-BFBE-719394FC1EF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {4F9168FA-DF64-4BDB-9DC2-F5CD7214BAD8} - System32\Tasks\{0BFD0BD1-B78A-48FB-BDB0-1D19DAEB6821} => pcalua.exe -a C:\Users\SANDRA~1\AppData\Local\Temp\{D132361B-7D51-4CA2-B31D-695926883B08}\InstallFlashPlayer.exe -d C:\Users\SANDRA~1\AppData\Local\Temp\IDC2.tmp -c -iv 6 Task: {582986BC-7704-4E3D-8A47-FEFDAF58E4B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated) Task: {C6EF8342-447B-4602-9D82-E368285BE08E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {CE6C9AD6-19A0-4D00-AB3E-11F9E9E1A157} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {E5780DA4-9CC0-479A-89CC-2C0A6264611F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {F4CE997F-9700-4C42-BE97-8726373DF709} - System32\Tasks\{39E7ABE2-4635-4A33-A61A-5561D6505943} => pcalua.exe -a "C:\Users\Sandra Weilnau\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-25 18:58 - 2014-06-25 18:58 - 00172544 _____ () C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\SupraSavingsService64.exe 2014-06-12 20:05 - 2014-06-12 20:05 - 00110080 _____ () C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\nfapi.dll 2014-06-12 20:05 - 2014-06-12 20:05 - 00456192 _____ () C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\ProtocolFilters.dll 2015-01-16 12:25 - 2015-01-15 07:43 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2015-01-01 20:26 - 2014-12-31 05:34 - 00612528 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll 2015-01-16 12:25 - 2015-01-15 07:43 - 00185656 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-27 10:13 - 2015-01-27 10:14 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2015-01-26 10:22 - 2015-01-26 10:22 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ==================== Alternate Data 
Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-338094041-3377201104-4203914905-500 - Administrator - Disabled) Gast (S-1-5-21-338094041-3377201104-4203914905-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-338094041-3377201104-4203914905-1002 - Limited - Enabled) Sandra Weilnau (S-1-5-21-338094041-3377201104-4203914905-1000 - Administrator - Enabled) => C:\Users\Sandra Weilnau ==================== Faulty Device Manager Devices ============= Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10357593 Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10357593 Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10356595 Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10356595 Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10355596 Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10355596 Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/29/2015 03:24:44 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10354582 System errors: ============= Error: (01/31/2015 04:49:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Update EnterDigital" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/31/2015 04:48:19 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (01/31/2015 04:48:19 PM) 
(Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (01/30/2015 02:19:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Update EnterDigital" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/30/2015 02:18:59 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (01/30/2015 02:18:59 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (01/30/2015 11:09:44 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (01/30/2015 09:36:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Update EnterDigital" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/30/2015 09:36:22 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (01/30/2015 09:36:22 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Microsoft Office Sessions: ========================= Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10357593 Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10357593 Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10356595 Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10356595 Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: 
Continuously busy for more than a second Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10355596 Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10355596 Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/29/2015 03:24:44 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10354582 ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 260 Processor Percentage of memory in use: 57% Total physical RAM: 3839.18 MB Available physical RAM: 1614.23 MB Total Pagefile: 7676.54 MB Available Pagefile: 5184.5 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:86.1 GB) NTFS Drive e: (System-reserviert) (Fixed) (Total:0.08 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 02C0D7BF) Partition 1: (Active) - (Size=84 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
31.01.2015, 23:18 | #4 |
/// the machine /// TB-Ausbilder | Trojan/virus infection by post from Telekom Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
01.02.2015, 10:58 | #5 |
| Trojan/virus infection by post from Telekom
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
Malwarebytes | Free Anti-Malware & Internet Security Software
Database version: main: v2015.02.01.01 rootkit: v2015.01.14.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Sandra Weilnau :: SANDRAWEILNAU [administrator]
01.02.2015 09:37:43
mbar-log-2015-02-01 (09-37-43).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 334468
Time elapsed: 13 minute(s), 4 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end)
I have the TDSS log, but it is so huge that I will surely have to split it into 5 parts. Code:
ATTFilter 10:03:00.0475 0x1364 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 10:03:31.0357 0x1364 ============================================================ 10:03:31.0358 0x1364 Current date / time: 2015/02/01 10:03:31.0357 10:03:31.0358 0x1364 SystemInfo: 10:03:31.0358 0x1364 10:03:31.0358 0x1364 OS Version: 6.1.7601 ServicePack: 1.0 10:03:31.0358 0x1364 Product type: Workstation 10:03:31.0358 0x1364 ComputerName: SANDRAWEILNAU 10:03:31.0358 0x1364 UserName: Sandra Weilnau 10:03:31.0358 0x1364 Windows directory: C:\Windows 10:03:31.0358 0x1364 System windows directory: C:\Windows 10:03:31.0358 0x1364 Running under WOW64 10:03:31.0358 0x1364 Processor architecture: Intel x64 10:03:31.0358 0x1364 Number of processors: 2 10:03:31.0358 0x1364 Page size: 0x1000 10:03:31.0358 0x1364 Boot type: Normal boot 10:03:31.0358 0x1364 ============================================================ 10:03:32.0189 0x1364 KLMD registered as C:\Windows\system32\drivers\76823833.sys 10:03:32.0690 0x1364 System UUID: {02FA8625-3663-D95B-3AF6-FDF3999C9616} 10:03:33.0336 0x1364 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:03:33.0375 0x1364 ============================================================ 10:03:33.0376 0x1364 \Device\Harddisk0\DR0: 10:03:33.0382 0x1364 MBR partitions: 10:03:33.0382 0x1364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2A000 10:03:33.0382 0x1364 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000 10:03:33.0382 0x1364 ============================================================ 10:03:33.0409 0x1364 C: <-> \Device\Harddisk0\DR0\Partition2 10:03:33.0426 0x1364 E: <-> \Device\Harddisk0\DR0\Partition1 10:03:33.0427 0x1364 ============================================================ 10:03:33.0427 0x1364 Initialize success 10:03:33.0427 0x1364 
============================================================ 10:03:54.0305 0x1534 ============================================================ 10:03:54.0305 0x1534 Scan started 10:03:54.0305 0x1534 Mode: Manual; 10:03:54.0305 0x1534 ============================================================ 10:03:54.0305 0x1534 KSN ping started 10:03:59.0861 0x1534 KSN ping finished: true 10:04:00.0789 0x1534 ================ Scan system memory ======================== 10:04:00.0790 0x1534 System memory - ok
B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:04:07.0927 0x1534 hcw85cir - ok 10:04:08.0011 0x1534 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:04:08.0020 0x1534 HdAudAddService - ok 10:04:08.0101 0x1534 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 10:04:08.0105 0x1534 HDAudBus - ok 10:04:08.0123 0x1534 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 10:04:08.0125 0x1534 HidBatt - ok 10:04:08.0146 0x1534 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 10:04:08.0152 0x1534 HidBth - ok 10:04:08.0163 0x1534 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 10:04:08.0166 0x1534 HidIr - ok 10:04:08.0218 0x1534 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:04:08.0222 0x1534 hidserv - ok 10:04:08.0283 0x1534 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:04:08.0294 0x1534 HidUsb - ok 10:04:08.0359 0x1534 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:04:08.0370 0x1534 hkmsvc - ok 10:04:08.0433 0x1534 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:04:08.0440 0x1534 HomeGroupListener 
- ok 10:04:08.0500 0x1534 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:04:08.0506 0x1534 HomeGroupProvider - ok 10:04:08.0579 0x1534 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:04:08.0584 0x1534 HpSAMD - ok 10:04:08.0656 0x1534 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:04:08.0674 0x1534 HTTP - ok Code:
ATTFilter [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:04:08.0693 0x1534 hwpolicy - ok 10:04:08.0758 0x1534 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 10:04:08.0763 0x1534 i8042prt - ok 10:04:08.0826 0x1534 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:04:08.0836 0x1534 iaStorV - ok 10:04:08.0920 0x1534 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:04:08.0940 0x1534 idsvc - ok 10:04:08.0990 0x1534 IEEtwCollectorService - ok 10:04:09.0030 0x1534 IePluginServices - ok 10:04:09.0076 0x1534 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 10:04:09.0079 0x1534 iirsp - ok 10:04:09.0154 0x1534 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:04:09.0173 0x1534 IKEEXT - ok 10:04:09.0220 0x1534 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:04:09.0222 0x1534 intelide - ok 10:04:09.0249 0x1534 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:04:09.0253 0x1534 intelppm - ok 10:04:09.0300 0x1534 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:04:09.0303 0x1534 IPBusEnum - ok 10:04:09.0348 0x1534 [ 
C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:04:09.0352 0x1534 IpFilterDriver - ok 10:04:09.0413 0x1534 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:04:09.0428 0x1534 iphlpsvc - ok 10:04:09.0487 0x1534 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:04:09.0492 0x1534 IPMIDRV - ok 10:04:09.0517 0x1534 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:04:09.0522 0x1534 IPNAT - ok 10:04:09.0624 0x1534 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 10:04:09.0643 0x1534 iPod Service - ok 10:04:09.0670 0x1534 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:04:09.0673 0x1534 IRENUM - ok 10:04:09.0890 0x1534 [ 433A1606FCC62A99E6848929198A78B1, 76DF83A5F85917BA244674A6234BECF3F9C6FE44C6F8A0B82F08616517C93922 ] iSafeKrnl C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys 10:04:09.0896 0x1534 iSafeKrnl - ok 10:04:09.0956 0x1534 [ AA0E848E069F99936966E03E2C01733F, 5B8F796231C3CF4D0C2D7FC5084F1D27F19D78B6EE9181BB8315D9F8C58B3A6E ] iSafeKrnlBoot C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys 10:04:09.0958 0x1534 iSafeKrnlBoot - ok 10:04:09.0981 0x1534 [ 95178BB4E3AC2FDE16AFF7A3E4355498, 53544CC3B4E7F5F779BF8F2D77C84836AA66D678DB918456EE3EE277F109B044 ] iSafeKrnlKit C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys 10:04:09.0985 0x1534 iSafeKrnlKit - ok 10:04:10.0026 0x1534 [ 13CB0B41E703E9FBE6386D4549291F83, 
313B671DFC4A0C006CA6289E5399C740DF6DAC12204E6FAEDBE4D5219CD12D09 ] iSafeKrnlMon C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys 10:04:10.0028 0x1534 iSafeKrnlMon - ok 10:04:10.0055 0x1534 [ 5260DF59CE11CEE7173CE864C122D9EE, DA8F0C1AE7EC5784B6E40BEB17F77A3FA401A20B94F42206F7AF4C518EF1A6DD ] iSafeKrnlR3 C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys 10:04:10.0058 0x1534 iSafeKrnlR3 - ok 10:04:10.0074 0x1534 [ 8EE84CC87D67CE4DE7AF907CCA559F52, F9E93CA39F300A585A47BB9A2C916772947A0A8289A3A18AB1B2A7D9BE7615BF ] iSafeNetFilter C:\Windows\system32\DRIVERS\iSafeNetFilter.sys 10:04:10.0076 0x1534 iSafeNetFilter - ok 10:04:10.0093 0x1534 [ 1EC45DC4F84777759EB6620325FCAD89, F354DDDC9B6E84F95016D1648FA4E16BC93600BFFDEB37EACE1B0DFA3DE645A3 ] iSafeService C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe 10:04:10.0095 0x1534 iSafeService - ok 10:04:10.0143 0x1534 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:04:10.0145 0x1534 isapnp - ok 10:04:10.0211 0x1534 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:04:10.0218 0x1534 iScsiPrt - ok 10:04:10.0257 0x1534 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:04:10.0264 0x1534 kbdclass - ok 10:04:10.0328 0x1534 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:04:10.0334 0x1534 kbdhid - ok 10:04:10.0349 0x1534 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 10:04:10.0351 0x1534 KeyIso - ok 10:04:10.0399 0x1534 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] 
KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:04:10.0419 0x1534 KSecDD - ok 10:04:10.0473 0x1534 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:04:10.0485 0x1534 KSecPkg - ok 10:04:10.0575 0x1534 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:04:10.0577 0x1534 ksthunk - ok 10:04:10.0657 0x1534 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:04:10.0669 0x1534 KtmRm - ok 10:04:10.0736 0x1534 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:04:10.0744 0x1534 LanmanServer - ok 10:04:10.0794 0x1534 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:04:10.0799 0x1534 LanmanWorkstation - ok 10:04:10.0888 0x1534 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:04:10.0891 0x1534 lltdio - ok 10:04:10.0950 0x1534 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:04:10.0957 0x1534 lltdsvc - ok 10:04:10.0966 0x1534 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:04:10.0969 0x1534 lmhosts - ok 10:04:11.0000 0x1534 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 10:04:11.0004 0x1534 LSI_FC - ok 10:04:11.0024 0x1534 [ 1047184A9FDC8BDBFF857175875EE810, 
F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 10:04:11.0040 0x1534 LSI_SAS - ok 10:04:11.0076 0x1534 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 10:04:11.0092 0x1534 LSI_SAS2 - ok 10:04:11.0107 0x1534 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 10:04:11.0111 0x1534 LSI_SCSI - ok 10:04:11.0140 0x1534 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:04:11.0144 0x1534 luafv - ok 10:04:11.0199 0x1534 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:04:11.0205 0x1534 Mcx2Svc - ok 10:04:11.0226 0x1534 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 10:04:11.0229 0x1534 megasas - ok 10:04:11.0256 0x1534 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 10:04:11.0274 0x1534 MegaSR - ok 10:04:11.0356 0x1534 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:04:11.0359 0x1534 MMCSS - ok 10:04:11.0398 0x1534 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:04:11.0401 0x1534 Modem - ok 10:04:11.0467 0x1534 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:04:11.0484 0x1534 monitor - ok 10:04:11.0507 0x1534 [ 
7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys 10:04:11.0512 0x1534 mouclass - ok 10:04:11.0548 0x1534 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:04:11.0554 0x1534 mouhid - ok 10:04:11.0604 0x1534 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:04:11.0612 0x1534 mountmgr - ok 10:04:11.0725 0x1534 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:04:11.0728 0x1534 MozillaMaintenance - ok 10:04:11.0815 0x1534 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 10:04:11.0821 0x1534 MpFilter - ok 10:04:11.0881 0x1534 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:04:11.0885 0x1534 mpio - ok 10:04:11.0963 0x1534 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:04:11.0970 0x1534 mpsdrv - ok 10:04:12.0050 0x1534 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:04:12.0073 0x1534 MpsSvc - ok 10:04:12.0124 0x1534 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:04:12.0129 0x1534 MRxDAV - ok 10:04:12.0188 0x1534 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb 
C:\Windows\system32\DRIVERS\mrxsmb.sys 10:04:12.0193 0x1534 mrxsmb - ok 10:04:12.0213 0x1534 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:04:12.0220 0x1534 mrxsmb10 - ok 10:04:12.0275 0x1534 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:04:12.0280 0x1534 mrxsmb20 - ok 10:04:12.0335 0x1534 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 10:04:12.0337 0x1534 msahci - ok 10:04:12.0413 0x1534 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:04:12.0418 0x1534 msdsm - ok 10:04:12.0480 0x1534 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 10:04:12.0484 0x1534 MSDTC - ok 10:04:12.0532 0x1534 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:04:12.0534 0x1534 Msfs - ok 10:04:12.0554 0x1534 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:04:12.0556 0x1534 mshidkmdf - ok 10:04:12.0621 0x1534 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:04:12.0625 0x1534 msisadrv - ok 10:04:12.0694 0x1534 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:04:12.0700 0x1534 MSiSCSI - ok 10:04:12.0705 0x1534 msiserver - ok 10:04:12.0731 0x1534 [ 49CCF2C4FEA34FFAD8B1B59D49439366, 
E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:04:12.0733 0x1534 MSKSSRV - ok 10:04:12.0853 0x1534 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 10:04:12.0854 0x1534 MsMpSvc - ok 10:04:12.0878 0x1534 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:04:12.0882 0x1534 MSPCLOCK - ok 10:04:12.0897 0x1534 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:04:12.0901 0x1534 MSPQM - ok 10:04:12.0979 0x1534 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:04:12.0991 0x1534 MsRPC - ok 10:04:13.0044 0x1534 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 10:04:13.0051 0x1534 mssmbios - ok 10:04:13.0083 0x1534 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:04:13.0086 0x1534 MSTEE - ok 10:04:13.0096 0x1534 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 10:04:13.0098 0x1534 MTConfig - ok 10:04:13.0119 0x1534 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 10:04:13.0122 0x1534 Mup - ok 10:04:13.0186 0x1534 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 10:04:13.0197 0x1534 napagent - ok 
10:04:13.0235 0x1534 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:04:13.0242 0x1534 NativeWifiP - ok 10:04:13.0349 0x1534 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 10:04:13.0372 0x1534 NDIS - ok 10:04:13.0383 0x1534 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 10:04:13.0386 0x1534 NdisCap - ok 10:04:13.0413 0x1534 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:04:13.0415 0x1534 NdisTapi - ok 10:04:13.0463 0x1534 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:04:13.0466 0x1534 Ndisuio - ok 10:04:13.0518 0x1534 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:04:13.0523 0x1534 NdisWan - ok 10:04:13.0574 0x1534 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:04:13.0577 0x1534 NDProxy - ok 10:04:13.0582 0x1534 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:04:13.0584 0x1534 NetBIOS - ok 10:04:13.0640 0x1534 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 10:04:13.0646 0x1534 NetBT - ok 10:04:13.0681 0x1534 [ 9E34BF0784E087F7366DBD2BDA01C8EB, 299B4D9DFFC409FDC8AB8678190164E286D16A93F8FEBCE1DA649D2F748A0D1D ] netfilter64 
C:\Windows\system32\drivers\netfilter64.sys 10:04:13.0684 0x1534 netfilter64 - ok 10:04:13.0696 0x1534 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 10:04:13.0697 0x1534 Netlogon - ok 10:04:13.0755 0x1534 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 10:04:13.0764 0x1534 Netman - ok 10:04:13.0812 0x1534 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:04:13.0816 0x1534 NetMsmqActivator - ok 10:04:13.0822 0x1534 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:04:13.0825 0x1534 NetPipeActivator - ok 10:04:13.0846 0x1534 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 10:04:13.0857 0x1534 netprofm - ok 10:04:13.0865 0x1534 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:04:13.0868 0x1534 NetTcpActivator - ok 10:04:13.0874 0x1534 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:04:13.0877 0x1534 NetTcpPortSharing - ok 10:04:13.0924 0x1534 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 10:04:13.0927 0x1534 nfrd960 - ok 10:04:14.0010 0x1534 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv 
C:\Windows\system32\DRIVERS\NisDrvWFP.sys 10:04:14.0020 0x1534 NisDrv - ok 10:04:14.0080 0x1534 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 10:04:14.0090 0x1534 NisSrv - ok 10:04:14.0138 0x1534 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 10:04:14.0146 0x1534 NlaSvc - ok 10:04:14.0161 0x1534 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:04:14.0164 0x1534 Npfs - ok 10:04:14.0215 0x1534 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 10:04:14.0219 0x1534 nsi - ok 10:04:14.0247 0x1534 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:04:14.0250 0x1534 nsiproxy - ok 10:04:14.0387 0x1534 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:04:14.0447 0x1534 Ntfs - ok 10:04:14.0482 0x1534 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 10:04:14.0483 0x1534 Null - ok 10:04:14.0502 0x1534 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:04:14.0506 0x1534 nvraid - ok 10:04:14.0555 0x1534 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:04:14.0562 0x1534 nvstor - ok 10:04:14.0616 0x1534 [ 270D7CD42D6E3979F6DD0146650F0E05, 
752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:04:14.0620 0x1534 nv_agp - ok 10:04:14.0663 0x1534 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 10:04:14.0666 0x1534 ohci1394 - ok 10:04:14.0719 0x1534 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 10:04:14.0727 0x1534 p2pimsvc - ok 10:04:14.0746 0x1534 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 10:04:14.0757 0x1534 p2psvc - ok 10:04:14.0781 0x1534 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 10:04:14.0785 0x1534 Parport - ok 10:04:14.0833 0x1534 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:04:14.0836 0x1534 partmgr - ok 10:04:14.0849 0x1534 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 10:04:14.0854 0x1534 PcaSvc - ok 10:04:14.0869 0x1534 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 10:04:14.0874 0x1534 pci - ok 10:04:14.0928 0x1534 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 10:04:14.0930 0x1534 pciide - ok 10:04:14.0956 0x1534 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 10:04:14.0961 0x1534 pcmcia - ok 10:04:14.0979 0x1534 [ 
D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 10:04:14.0981 0x1534 pcw - ok 10:04:15.0010 0x1534 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:04:15.0025 0x1534 PEAUTH - ok 10:04:15.0109 0x1534 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 10:04:15.0111 0x1534 PerfHost - ok 10:04:15.0202 0x1534 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 10:04:15.0244 0x1534 pla - ok 10:04:15.0321 0x1534 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:04:15.0331 0x1534 PlugPlay - ok 10:04:15.0382 0x1534 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 10:04:15.0386 0x1534 PNRPAutoReg - ok 10:04:15.0410 0x1534 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 10:04:15.0416 0x1534 PNRPsvc - ok 10:04:15.0475 0x1534 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:04:15.0486 0x1534 PolicyAgent - ok |
01.02.2015, 11:01 | #6 |
| Trojan/virus infection by mail from Telekom Code:
CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 10:04:53.0100 0x11b8 AdobeARMservice - ok 10:04:53.0240 0x11b8 [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 10:04:53.0250 0x11b8 AdobeFlashPlayerUpdateSvc - ok 10:04:53.0330 0x11b8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 10:04:53.0340 0x11b8 adp94xx - ok 10:04:53.0370 0x11b8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 10:04:53.0370 0x11b8 adpahci - ok 10:04:53.0400 0x11b8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 10:04:53.0400 0x11b8 adpu320 - ok 10:04:53.0440 0x11b8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:04:53.0450 0x11b8 AeLookupSvc - ok 10:04:53.0510 0x11b8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 10:04:53.0520 0x11b8 AFD - ok 10:04:53.0570 0x11b8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 10:04:53.0570 0x11b8 agp440 - ok 10:04:53.0580 0x11b8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 10:04:53.0580 0x11b8 ALG - ok 10:04:53.0630 0x11b8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide 
C:\Windows\system32\drivers\aliide.sys 10:04:53.0630 0x11b8 aliide - ok 10:04:53.0650 0x11b8 [ D696F317BD465A602566F8E1DCCE15F7, 6CE77CD4221C0854986F760D1944DF9F4255192D99630D43A0527A6D58D83406 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 10:04:53.0660 0x11b8 AMD External Events Utility - ok 10:04:53.0710 0x11b8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 10:04:53.0710 0x11b8 amdide - ok 10:04:53.0770 0x11b8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 10:04:53.0770 0x11b8 AmdK8 - ok 10:04:53.0780 0x11b8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 10:04:53.0780 0x11b8 AmdPPM - ok 10:04:53.0840 0x11b8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 10:04:53.0840 0x11b8 amdsata - ok 10:04:53.0860 0x11b8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 10:04:53.0860 0x11b8 amdsbs - ok 10:04:53.0880 0x11b8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 10:04:53.0880 0x11b8 amdxata - ok 10:04:53.0940 0x11b8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 10:04:53.0940 0x11b8 AppID - ok 10:04:54.0000 0x11b8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 10:04:54.0000 0x11b8 AppIDSvc - ok 10:04:54.0050 0x11b8 [ 9D2A2369AB4B08A4905FE72DB104498F, 
D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 10:04:54.0060 0x11b8 Appinfo - ok 10:04:54.0200 0x11b8 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 10:04:54.0210 0x11b8 Apple Mobile Device - ok 10:04:54.0270 0x11b8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 10:04:54.0280 0x11b8 arc - ok 10:04:54.0300 0x11b8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 10:04:54.0310 0x11b8 arcsas - ok 10:04:54.0450 0x11b8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 10:04:54.0450 0x11b8 aspnet_state - ok 10:04:54.0460 0x11b8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:04:54.0460 0x11b8 AsyncMac - ok 10:04:54.0510 0x11b8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 10:04:54.0510 0x11b8 atapi - ok 10:04:54.0690 0x11b8 [ 52BD95CAA9CAE8977FE043E9AD6D2D0E, E96DD29A2FCE1403340CB29D34F657DF17F483F62A2E8E24890F9BC4812B2971 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 10:04:54.0790 0x11b8 atikmdag - ok 10:04:54.0890 0x11b8 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:04:54.0913 0x11b8 AudioEndpointBuilder - ok 10:04:54.0932 0x11b8 [ DE3E38431B00C2EA247C53675DCF01A0, 
8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll 10:04:54.0942 0x11b8 AudioSrv - ok 10:04:54.0972 0x11b8 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 10:04:54.0972 0x11b8 avmeject - ok 10:04:55.0022 0x11b8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 10:04:55.0022 0x11b8 AxInstSV - ok 10:04:55.0082 0x11b8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 10:04:55.0092 0x11b8 b06bdrv - ok 10:04:55.0128 0x11b8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 10:04:55.0133 0x11b8 b57nd60a - ok 10:04:55.0184 0x11b8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 10:04:55.0184 0x11b8 BDESVC - ok 10:04:55.0194 0x11b8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 10:04:55.0194 0x11b8 Beep - ok 10:04:55.0264 0x11b8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 10:04:55.0274 0x11b8 BFE - ok 10:04:55.0304 0x11b8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 10:04:55.0324 0x11b8 BITS - ok 10:04:55.0334 0x11b8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 10:04:55.0334 0x11b8 blbdrive - ok 10:04:55.0414 0x11b8 [ 
EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 10:04:55.0424 0x11b8 Bonjour Service - ok 10:04:55.0474 0x11b8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:04:55.0484 0x11b8 bowser - ok 10:04:55.0524 0x11b8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 10:04:55.0524 0x11b8 BrFiltLo - ok 10:04:55.0544 0x11b8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 10:04:55.0544 0x11b8 BrFiltUp - ok 10:04:55.0594 0x11b8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 10:04:55.0594 0x11b8 Browser - ok 10:04:55.0624 0x11b8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 10:04:55.0624 0x11b8 Brserid - ok 10:04:55.0644 0x11b8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 10:04:55.0644 0x11b8 BrSerWdm - ok 10:04:55.0654 0x11b8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 10:04:55.0654 0x11b8 BrUsbMdm - ok 10:04:55.0674 0x11b8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 10:04:55.0674 0x11b8 BrUsbSer - ok 10:04:55.0684 0x11b8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM 
C:\Windows\system32\DRIVERS\bthmodem.sys 10:04:55.0694 0x11b8 BTHMODEM - ok 10:04:55.0744 0x11b8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 10:04:55.0754 0x11b8 bthserv - ok 10:04:55.0784 0x11b8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:04:55.0794 0x11b8 cdfs - ok 10:04:55.0844 0x11b8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys 10:04:55.0844 0x11b8 cdrom - ok 10:04:55.0894 0x11b8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 10:04:55.0904 0x11b8 CertPropSvc - ok 10:04:55.0914 0x11b8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 10:04:55.0914 0x11b8 circlass - ok 10:04:55.0934 0x11b8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 10:04:55.0944 0x11b8 CLFS - ok 10:04:56.0024 0x11b8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:04:56.0024 0x11b8 clr_optimization_v2.0.50727_32 - ok 10:04:56.0084 0x11b8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:04:56.0084 0x11b8 clr_optimization_v2.0.50727_64 - ok 10:04:56.0164 0x11b8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:04:56.0174 0x11b8 clr_optimization_v4.0.30319_32 - ok 10:04:56.0184 0x11b8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:04:56.0194 0x11b8 clr_optimization_v4.0.30319_64 - ok 10:04:56.0244 0x11b8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 10:04:56.0244 0x11b8 CmBatt - ok 10:04:56.0264 0x11b8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:04:56.0264 0x11b8 cmdide - ok 10:04:56.0354 0x11b8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 10:04:56.0364 0x11b8 CNG - ok 10:04:56.0384 0x11b8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 10:04:56.0384 0x11b8 Compbatt - ok 10:04:56.0434 0x11b8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 10:04:56.0434 0x11b8 CompositeBus - ok 10:04:56.0444 0x11b8 COMSysApp - ok 10:04:56.0464 0x11b8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 10:04:56.0464 0x11b8 crcdisk - ok 10:04:56.0514 0x11b8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:04:56.0514 0x11b8 CryptSvc - ok 10:04:56.0584 0x11b8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch 
C:\Windows\system32\rpcss.dll 10:04:56.0594 0x11b8 DcomLaunch - ok 10:04:56.0654 0x11b8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:04:56.0664 0x11b8 defragsvc - ok 10:04:56.0725 0x11b8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:04:56.0727 0x11b8 DfsC - ok 10:04:56.0770 0x11b8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:04:56.0777 0x11b8 Dhcp - ok 10:04:56.0820 0x11b8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:04:56.0823 0x11b8 discache - ok 10:04:56.0882 0x11b8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 10:04:56.0884 0x11b8 Disk - ok 10:04:56.0942 0x11b8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:04:56.0946 0x11b8 Dnscache - ok 10:04:57.0002 0x11b8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:04:57.0007 0x11b8 dot3svc - ok 10:04:57.0075 0x11b8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:04:57.0079 0x11b8 DPS - ok 10:04:57.0126 0x11b8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:04:57.0126 0x11b8 drmkaud - ok 10:04:57.0182 0x11b8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl 
C:\Windows\System32\drivers\dxgkrnl.sys 10:04:57.0200 0x11b8 DXGKrnl - ok 10:04:57.0256 0x11b8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:04:57.0264 0x11b8 EapHost - ok 10:04:57.0449 0x11b8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 10:04:57.0538 0x11b8 ebdrv - ok 10:04:57.0594 0x11b8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 10:04:57.0596 0x11b8 EFS - ok 10:04:57.0930 0x11b8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:04:57.0951 0x11b8 ehRecvr - ok 10:04:58.0041 0x11b8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:04:58.0046 0x11b8 ehSched - ok 10:04:58.0156 0x11b8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 10:04:58.0170 0x11b8 elxstor - ok 10:04:58.0240 0x11b8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:04:58.0241 0x11b8 ErrDev - ok 10:04:58.0361 0x11b8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:04:58.0368 0x11b8 EventSystem - ok 10:04:58.0469 0x11b8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:04:58.0489 0x11b8 exfat - ok 10:04:58.0524 0x11b8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat 
C:\Windows\system32\drivers\fastfat.sys 10:04:58.0529 0x11b8 fastfat - ok 10:04:58.0641 0x11b8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:04:58.0653 0x11b8 Fax - ok 10:04:58.0668 0x11b8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:04:58.0669 0x11b8 fdc - ok 10:04:58.0722 0x11b8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:04:58.0723 0x11b8 fdPHost - ok 10:04:58.0737 0x11b8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:04:58.0739 0x11b8 FDResPub - ok 10:04:58.0751 0x11b8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:04:58.0752 0x11b8 FileInfo - ok 10:04:58.0767 0x11b8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:04:58.0768 0x11b8 Filetrace - ok 10:04:58.0783 0x11b8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:04:58.0784 0x11b8 flpydisk - ok 10:04:58.0857 0x11b8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:04:58.0862 0x11b8 FltMgr - ok 10:04:59.0095 0x11b8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 10:04:59.0120 0x11b8 FontCache - ok 10:04:59.0227 0x11b8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 
89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:04:59.0228 0x11b8 FontCache3.0.0.0 - ok 10:04:59.0296 0x11b8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:04:59.0297 0x11b8 FsDepends - ok 10:04:59.0380 0x11b8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:04:59.0381 0x11b8 Fs_Rec - ok 10:04:59.0449 0x11b8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:04:59.0454 0x11b8 fvevol - ok 10:04:59.0562 0x11b8 [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5 C:\Windows\system32\DRIVERS\fwlanusb5.sys 10:04:59.0580 0x11b8 fwlanusb5 - ok 10:04:59.0652 0x11b8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 10:04:59.0654 0x11b8 gagp30kx - ok 10:04:59.0735 0x11b8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:04:59.0735 0x11b8 GEARAspiWDM - ok 10:04:59.0815 0x11b8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:04:59.0829 0x11b8 gpsvc - ok 10:04:59.0853 0x11b8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:04:59.0854 0x11b8 hcw85cir - ok 10:04:59.0938 0x11b8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService 
C:\Windows\system32\drivers\HdAudio.sys 10:04:59.0945 0x11b8 HdAudAddService - ok 10:04:59.0997 0x11b8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 10:04:59.0999 0x11b8 HDAudBus - ok 10:05:00.0019 0x11b8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 10:05:00.0020 0x11b8 HidBatt - ok 10:05:00.0054 0x11b8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 10:05:00.0056 0x11b8 HidBth - ok 10:05:00.0101 0x11b8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 10:05:00.0102 0x11b8 HidIr - ok 10:05:00.0180 0x11b8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:05:00.0182 0x11b8 hidserv - ok 10:05:00.0237 0x11b8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:05:00.0238 0x11b8 HidUsb - ok 10:05:00.0305 0x11b8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:05:00.0307 0x11b8 hkmsvc - ok 10:05:00.0390 0x11b8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:05:00.0394 0x11b8 HomeGroupListener - ok 10:05:00.0486 0x11b8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:05:00.0493 0x11b8 HomeGroupProvider - ok 10:05:00.0575 0x11b8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, 
E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:05:00.0581 0x11b8 HpSAMD - ok 10:05:00.0750 0x11b8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:05:00.0766 0x11b8 HTTP - ok 10:05:00.0831 0x11b8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:05:00.0832 0x11b8 hwpolicy - ok 10:05:00.0900 0x11b8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 10:05:00.0903 0x11b8 i8042prt - ok 10:05:01.0018 0x11b8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:05:01.0026 0x11b8 iaStorV - ok 10:05:01.0245 0x11b8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:05:01.0267 0x11b8 idsvc - ok 10:05:01.0286 0x11b8 IEEtwCollectorService - ok 10:05:01.0353 0x11b8 IePluginServices - ok 10:05:01.0430 0x11b8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 10:05:01.0431 0x11b8 iirsp - ok 10:05:01.0562 0x11b8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:05:01.0577 0x11b8 IKEEXT - ok 10:05:01.0624 0x11b8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:05:01.0624 0x11b8 intelide - ok 10:05:01.0645 0x11b8 [ ADA036632C664CAA754079041CF1F8C1, 
70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:05:15.0493 0x11b8 tdx - ok 10:05:15.0548 0x11b8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 10:05:15.0551 0x11b8 TermDD - ok 10:05:15.0627 0x11b8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 10:05:15.0642 0x11b8 TermService - ok 10:05:15.0696 0x11b8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 10:05:15.0699 0x11b8 Themes - ok 10:05:15.0756 0x11b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 10:05:15.0758 0x11b8 THREADORDER - ok 10:05:15.0779 0x11b8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 10:05:15.0784 0x11b8 TrkWks - ok 10:05:15.0864 0x11b8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:05:15.0868 0x11b8 TrustedInstaller - ok 10:05:15.0922 0x11b8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:05:15.0924 0x11b8 tssecsrv - ok 10:05:15.0972 0x11b8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:05:15.0974 0x11b8 TsUsbFlt - ok 10:05:16.0036 0x11b8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 
10:05:16.0038 0x11b8 tunnel - ok 10:05:16.0098 0x11b8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 10:05:16.0099 0x11b8 uagp35 - ok 10:05:16.0122 0x11b8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:05:16.0129 0x11b8 udfs - ok 10:05:16.0190 0x11b8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:05:16.0193 0x11b8 UI0Detect - ok 10:05:16.0210 0x11b8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:05:16.0212 0x11b8 uliagpkx - ok 10:05:16.0265 0x11b8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 10:05:16.0266 0x11b8 umbus - ok 10:05:16.0286 0x11b8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 10:05:16.0287 0x11b8 UmPass - ok 10:05:16.0307 0x11b8 Update EnterDigital - ok 10:05:16.0337 0x11b8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 10:05:16.0344 0x11b8 upnphost - ok 10:05:16.0398 0x11b8 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 10:05:16.0401 0x11b8 USBAAPL64 - ok 10:05:16.0451 0x11b8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:05:16.0453 0x11b8 usbccgp - ok 10:05:16.0474 0x11b8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 
140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:05:16.0477 0x11b8 usbcir - ok 10:05:16.0494 0x11b8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 10:05:16.0496 0x11b8 usbehci - ok 10:05:16.0516 0x11b8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:05:16.0522 0x11b8 usbhub - ok 10:05:16.0540 0x11b8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 10:05:16.0541 0x11b8 usbohci - ok 10:05:16.0640 0x11b8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:05:16.0643 0x11b8 usbprint - ok 10:05:16.0703 0x11b8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:05:16.0705 0x11b8 USBSTOR - ok 10:05:16.0787 0x11b8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:05:16.0788 0x11b8 usbuhci - ok 10:05:16.0865 0x11b8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 10:05:16.0867 0x11b8 UxSms - ok |
01.02.2015, 11:06 | #7 |
| Trojan/virus infection by mail from Telekom Code:
10:05:20.0371 0x11b8 ================ Scan global ===============================
10:05:20.0634 0x11b8 [ Global ] - ok
10:05:20.0635 0x11b8 ================ Scan MBR ==================================
10:05:20.0823 0x11b8 \Device\Harddisk0\DR0 - ok
10:05:20.0826 0x11b8 ================ Scan VBR ==================================
10:05:20.0842 0x11b8 \Device\Harddisk0\DR0\Partition1 - ok
10:05:20.0858 0x11b8 \Device\Harddisk0\DR0\Partition2 - ok
10:05:20.0861 0x11b8 ================ Scan generic autorun ======================
10:05:20.0989 0x11b8 MSC - ok
10:05:21.0051 0x11b8 AVMWlanClient - ok
10:05:21.0128 0x11b8 SunJavaUpdateSched - ok
10:05:21.0236 0x11b8 iTunesHelper - ok
10:05:21.0306 0x11b8 QuickTime Task - ok
10:05:21.0428 0x11b8 Sidebar - ok
10:05:21.0475 0x11b8 mctadmin - ok
10:05:21.0551 0x11b8 Sidebar - ok
10:05:21.0564 0x11b8 mctadmin - ok
10:05:21.0578 0x11b8 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
10:05:21.0582 0x11b8 Win FW state via NFP2: enabled
10:05:21.0583 0x11b8 ============================================================
10:05:21.0583 0x11b8 Scan finished
10:05:21.0583 0x11b8 ============================================================
10:05:21.0595 0x16c8 Detected object count: 0
10:05:21.0595 0x16c8 Actual detected object count: 0
10:06:10.0801 0x0eb4 ============================================================
10:06:10.0801 0x0eb4 Scan started
10:06:10.0801 0x0eb4 Mode: Manual; TDLFS;
10:06:10.0801 0x0eb4 ============================================================
10:06:10.0801 0x0eb4 KSN ping started
10:06:13.0254 0x0eb4 KSN ping finished: true
10:06:15.0070 0x0eb4 ================ Scan system memory ========================
10:06:15.0070 0x0eb4 System memory - ok
10:06:15.0076 0x0eb4 ================ Scan services =============================
46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:06:18.0802 0x0eb4 cmdide - ok 10:06:18.0870 0x0eb4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 10:06:18.0878 0x0eb4 CNG - ok 10:06:18.0895 0x0eb4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 10:06:18.0896 0x0eb4 Compbatt - ok 10:06:18.0945 0x0eb4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 10:06:18.0946 0x0eb4 CompositeBus - ok 10:06:18.0955 0x0eb4 COMSysApp - ok 10:06:18.0979 0x0eb4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 10:06:18.0980 0x0eb4 crcdisk - ok 10:06:19.0030 0x0eb4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:06:19.0033 0x0eb4 CryptSvc - ok 10:06:19.0096 0x0eb4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:06:19.0106 0x0eb4 DcomLaunch - ok 10:06:19.0167 0x0eb4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:06:19.0188 0x0eb4 defragsvc - ok 10:06:19.0238 0x0eb4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:06:19.0241 0x0eb4 DfsC - ok 10:06:19.0275 0x0eb4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:06:19.0283 0x0eb4 
Dhcp - ok 10:06:19.0292 0x0eb4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:06:19.0294 0x0eb4 discache - ok 10:06:19.0354 0x0eb4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 10:06:19.0355 0x0eb4 Disk - ok 10:06:19.0414 0x0eb4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:06:19.0427 0x0eb4 Dnscache - ok 10:06:19.0485 0x0eb4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:06:19.0490 0x0eb4 dot3svc - ok 10:06:19.0562 0x0eb4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:06:19.0577 0x0eb4 DPS - ok 10:06:19.0622 0x0eb4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:06:19.0623 0x0eb4 drmkaud - ok 10:06:19.0681 0x0eb4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:06:19.0705 0x0eb4 DXGKrnl - ok Code:
ATTFilter 10:06:19.0786 0x0eb4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:06:19.0790 0x0eb4 EapHost - ok 10:06:19.0942 0x0eb4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 10:06:20.0002 0x0eb4 ebdrv - ok 10:06:20.0064 0x0eb4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 10:06:20.0065 0x0eb4 EFS - ok 10:06:20.0149 0x0eb4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:06:20.0162 0x0eb4 ehRecvr - ok 10:06:20.0227 0x0eb4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:06:20.0229 0x0eb4 ehSched - ok 10:06:20.0258 0x0eb4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 10:06:20.0267 0x0eb4 elxstor - ok 10:06:20.0320 0x0eb4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:06:20.0321 0x0eb4 ErrDev - ok 10:06:20.0378 0x0eb4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:06:20.0385 0x0eb4 EventSystem - ok 10:06:20.0410 0x0eb4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:06:20.0414 0x0eb4 exfat - ok 10:06:20.0441 0x0eb4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:06:20.0445 0x0eb4 fastfat - 
ok 10:06:20.0513 0x0eb4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:06:20.0524 0x0eb4 Fax - ok 10:06:20.0541 0x0eb4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:06:20.0542 0x0eb4 fdc - ok 10:06:20.0561 0x0eb4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:06:20.0563 0x0eb4 fdPHost - ok 10:06:20.0577 0x0eb4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:06:20.0578 0x0eb4 FDResPub - ok 10:06:20.0639 0x0eb4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:06:20.0641 0x0eb4 FileInfo - ok 10:06:20.0655 0x0eb4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:06:20.0656 0x0eb4 Filetrace - ok 10:06:20.0671 0x0eb4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:06:20.0672 0x0eb4 flpydisk - ok 10:06:20.0726 0x0eb4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:06:20.0731 0x0eb4 FltMgr - ok 10:06:20.0805 0x0eb4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 10:06:20.0826 0x0eb4 FontCache - ok 10:06:20.0891 0x0eb4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:06:20.0892 0x0eb4 FontCache3.0.0.0 - ok 10:06:20.0910 0x0eb4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:06:20.0911 0x0eb4 FsDepends - ok 10:06:20.0964 0x0eb4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:06:20.0968 0x0eb4 Fs_Rec - ok 10:06:21.0041 0x0eb4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:06:21.0048 0x0eb4 fvevol - ok 10:06:21.0086 0x0eb4 [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5 C:\Windows\system32\DRIVERS\fwlanusb5.sys 10:06:21.0102 0x0eb4 fwlanusb5 - ok 10:06:21.0124 0x0eb4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 10:06:21.0125 0x0eb4 gagp30kx - ok 10:06:21.0179 0x0eb4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:06:21.0182 0x0eb4 GEARAspiWDM - ok 10:06:21.0259 0x0eb4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:06:21.0274 0x0eb4 gpsvc - ok 10:06:21.0293 0x0eb4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:06:21.0294 0x0eb4 hcw85cir - ok 10:06:21.0352 0x0eb4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:06:21.0359 0x0eb4 HdAudAddService - ok 
10:06:21.0419 0x0eb4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 10:06:21.0431 0x0eb4 HDAudBus - ok 10:06:21.0450 0x0eb4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 10:06:21.0453 0x0eb4 HidBatt - ok 10:06:21.0482 0x0eb4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 10:06:21.0484 0x0eb4 HidBth - ok 10:06:21.0499 0x0eb4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 10:06:21.0500 0x0eb4 HidIr - ok 10:06:21.0553 0x0eb4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:06:21.0555 0x0eb4 hidserv - ok 10:06:21.0610 0x0eb4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:06:21.0611 0x0eb4 HidUsb - ok 10:06:21.0669 0x0eb4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:06:21.0672 0x0eb4 hkmsvc - ok 10:06:21.0727 0x0eb4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:06:21.0732 0x0eb4 HomeGroupListener - ok 10:06:21.0786 0x0eb4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:06:21.0790 0x0eb4 HomeGroupProvider - ok 10:06:21.0848 0x0eb4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD 
C:\Windows\system32\drivers\HpSAMD.sys 10:06:21.0850 0x0eb4 HpSAMD - ok 10:06:21.0919 0x0eb4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:06:21.0932 0x0eb4 HTTP - ok 10:06:21.0986 0x0eb4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:06:21.0987 0x0eb4 hwpolicy - ok 10:06:22.0043 0x0eb4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 10:06:22.0046 0x0eb4 i8042prt - ok 10:06:22.0123 0x0eb4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:06:22.0137 0x0eb4 iaStorV - ok 10:06:22.0225 0x0eb4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:06:22.0240 0x0eb4 idsvc - ok 10:06:22.0246 0x0eb4 IEEtwCollectorService - ok 10:06:22.0274 0x0eb4 IePluginServices - ok 10:06:22.0320 0x0eb4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 10:06:22.0321 0x0eb4 iirsp - ok 10:06:22.0390 0x0eb4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:06:22.0405 0x0eb4 IKEEXT - ok 10:06:22.0456 0x0eb4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:06:22.0458 0x0eb4 intelide - ok 10:06:22.0487 0x0eb4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm 
C:\Windows\system32\DRIVERS\intelppm.sys 10:06:22.0490 0x0eb4 intelppm - ok 10:06:22.0535 0x0eb4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:06:22.0538 0x0eb4 IPBusEnum - ok 10:06:22.0601 0x0eb4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:06:22.0604 0x0eb4 IpFilterDriver - ok 10:06:22.0668 0x0eb4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:06:22.0683 0x0eb4 iphlpsvc - ok 10:06:22.0740 0x0eb4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:06:22.0744 0x0eb4 IPMIDRV - ok 10:06:22.0802 0x0eb4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:06:22.0805 0x0eb4 IPNAT - ok 10:06:22.0901 0x0eb4 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 10:06:22.0915 0x0eb4 iPod Service - ok 10:06:22.0947 0x0eb4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:06:22.0948 0x0eb4 IRENUM - ok 10:06:23.0118 0x0eb4 [ 433A1606FCC62A99E6848929198A78B1, 76DF83A5F85917BA244674A6234BECF3F9C6FE44C6F8A0B82F08616517C93922 ] iSafeKrnl C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys 10:06:23.0122 0x0eb4 iSafeKrnl - ok 10:06:23.0150 0x0eb4 [ AA0E848E069F99936966E03E2C01733F, 5B8F796231C3CF4D0C2D7FC5084F1D27F19D78B6EE9181BB8315D9F8C58B3A6E ] iSafeKrnlBoot C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys 10:06:23.0151 0x0eb4 iSafeKrnlBoot - ok 10:06:23.0175 0x0eb4 [ 
95178BB4E3AC2FDE16AFF7A3E4355498, 53544CC3B4E7F5F779BF8F2D77C84836AA66D678DB918456EE3EE277F109B044 ] iSafeKrnlKit C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys 10:06:23.0177 0x0eb4 iSafeKrnlKit - ok 10:06:23.0220 0x0eb4 [ 13CB0B41E703E9FBE6386D4549291F83, 313B671DFC4A0C006CA6289E5399C740DF6DAC12204E6FAEDBE4D5219CD12D09 ] iSafeKrnlMon C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys 10:06:23.0221 0x0eb4 iSafeKrnlMon - ok 10:06:23.0232 0x0eb4 [ 5260DF59CE11CEE7173CE864C122D9EE, DA8F0C1AE7EC5784B6E40BEB17F77A3FA401A20B94F42206F7AF4C518EF1A6DD ] iSafeKrnlR3 C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys 10:06:23.0234 0x0eb4 iSafeKrnlR3 - ok 10:06:23.0251 0x0eb4 [ 8EE84CC87D67CE4DE7AF907CCA559F52, F9E93CA39F300A585A47BB9A2C916772947A0A8289A3A18AB1B2A7D9BE7615BF ] iSafeNetFilter C:\Windows\system32\DRIVERS\iSafeNetFilter.sys 10:06:23.0253 0x0eb4 iSafeNetFilter - ok 10:06:23.0271 0x0eb4 [ 1EC45DC4F84777759EB6620325FCAD89, F354DDDC9B6E84F95016D1648FA4E16BC93600BFFDEB37EACE1B0DFA3DE645A3 ] iSafeService C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe 10:06:23.0274 0x0eb4 iSafeService - ok 10:06:23.0321 0x0eb4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:06:23.0321 0x0eb4 isapnp - ok 10:06:23.0388 0x0eb4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:06:23.0393 0x0eb4 iScsiPrt - ok 10:06:23.0409 0x0eb4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:06:23.0410 0x0eb4 kbdclass - ok 10:06:23.0465 0x0eb4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:06:23.0466 0x0eb4 kbdhid - ok 10:06:23.0494 0x0eb4 [ 204F3F58212B3E422C90BD9691A2DF28, 
D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 10:06:23.0496 0x0eb4 KeyIso - ok 10:06:23.0553 0x0eb4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:06:23.0555 0x0eb4 KSecDD - ok 10:06:23.0619 0x0eb4 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:06:23.0623 0x0eb4 KSecPkg - ok 10:06:23.0670 0x0eb4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:06:23.0671 0x0eb4 ksthunk - ok 10:06:23.0734 0x0eb4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:06:23.0741 0x0eb4 KtmRm - ok 10:06:23.0797 0x0eb4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:06:23.0803 0x0eb4 LanmanServer - ok 10:06:23.0856 0x0eb4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:06:23.0859 0x0eb4 LanmanWorkstation - ok 10:06:23.0875 0x0eb4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:06:23.0876 0x0eb4 lltdio - ok 10:06:23.0930 0x0eb4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:06:23.0945 0x0eb4 lltdsvc - ok 10:06:23.0962 0x0eb4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:06:23.0964 0x0eb4 lmhosts - ok 10:06:23.0995 0x0eb4 [ 
1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 10:06:23.0997 0x0eb4 LSI_FC - ok 10:06:24.0028 0x0eb4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 10:06:24.0030 0x0eb4 LSI_SAS - ok 10:06:24.0060 0x0eb4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 10:06:24.0061 0x0eb4 LSI_SAS2 - ok 10:06:24.0074 0x0eb4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 10:06:24.0076 0x0eb4 LSI_SCSI - ok 10:06:24.0144 0x0eb4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:06:24.0146 0x0eb4 luafv - ok 10:06:24.0202 0x0eb4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:06:24.0205 0x0eb4 Mcx2Svc - ok 10:06:24.0221 0x0eb4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 10:06:24.0222 0x0eb4 megasas - ok 10:06:24.0242 0x0eb4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 10:06:24.0247 0x0eb4 MegaSR - ok 10:06:24.0301 0x0eb4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:06:24.0303 0x0eb4 MMCSS - ok 10:06:24.0326 0x0eb4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:06:24.0327 0x0eb4 Modem - 
ok 10:06:24.0346 0x0eb4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:06:24.0346 0x0eb4 monitor - ok 10:06:24.0361 0x0eb4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys 10:06:24.0362 0x0eb4 mouclass - ok 10:06:24.0377 0x0eb4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:06:24.0378 0x0eb4 mouhid - ok 10:06:24.0424 0x0eb4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:06:24.0427 0x0eb4 mountmgr - ok 10:06:24.0529 0x0eb4 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:06:24.0531 0x0eb4 MozillaMaintenance - ok 10:06:24.0594 0x0eb4 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 10:06:24.0599 0x0eb4 MpFilter - ok 10:06:24.0652 0x0eb4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:06:24.0655 0x0eb4 mpio - ok 10:06:24.0671 0x0eb4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:06:24.0673 0x0eb4 mpsdrv - ok 10:06:24.0742 0x0eb4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:06:24.0757 0x0eb4 MpsSvc - ok 10:06:24.0829 0x0eb4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, 
F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:06:24.0833 0x0eb4 MRxDAV - ok 10:06:24.0895 0x0eb4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:06:24.0900 0x0eb4 mrxsmb - ok 10:06:24.0919 0x0eb4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:06:24.0924 0x0eb4 mrxsmb10 - ok 10:06:24.0937 0x0eb4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:06:24.0939 0x0eb4 mrxsmb20 - ok 10:06:24.0989 0x0eb4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 10:06:24.0990 0x0eb4 msahci - ok 10:06:25.0049 0x0eb4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:06:25.0052 0x0eb4 msdsm - ok 10:06:25.0110 0x0eb4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 10:06:25.0114 0x0eb4 MSDTC - ok 10:06:25.0170 0x0eb4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:06:25.0171 0x0eb4 Msfs - ok 10:06:25.0183 0x0eb4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:06:25.0184 0x0eb4 mshidkmdf - ok 10:06:25.0233 0x0eb4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:06:25.0234 0x0eb4 msisadrv - ok 10:06:25.0297 
0x0eb4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:06:34.0152 0x0eb4 Wdf01000 - ok 10:06:34.0169 0x0eb4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:06:34.0172 0x0eb4 WdiServiceHost - ok 10:06:34.0178 0x0eb4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:06:34.0181 0x0eb4 WdiSystemHost - ok 10:06:34.0238 0x0eb4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 10:06:34.0243 0x0eb4 WebClient - ok 10:06:34.0260 0x0eb4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:06:34.0265 0x0eb4 Wecsvc - ok 10:06:34.0281 0x0eb4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:06:34.0284 0x0eb4 wercplsupport - ok 10:06:34.0295 0x0eb4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:06:34.0298 0x0eb4 WerSvc - ok 10:06:34.0349 0x0eb4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:06:34.0350 0x0eb4 WfpLwf - ok 10:06:34.0367 0x0eb4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:06:34.0368 0x0eb4 WIMMount - ok 10:06:34.0397 0x0eb4 WinDefend - ok 10:06:34.0418 0x0eb4 WindowsMangerProtect - ok 10:06:34.0422 0x0eb4 WinHttpAutoProxySvc - ok 10:06:34.0499 0x0eb4 [ 
19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:06:34.0507 0x0eb4 Winmgmt - ok 10:06:34.0599 0x0eb4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 10:06:34.0635 0x0eb4 WinRM - ok 10:06:34.0670 0x0eb4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:06:34.0672 0x0eb4 WinUsb - ok 10:06:34.0748 0x0eb4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:06:34.0765 0x0eb4 Wlansvc - ok 10:06:34.0852 0x0eb4 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:06:34.0890 0x0eb4 wlidsvc - ok 10:06:34.0946 0x0eb4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:06:34.0947 0x0eb4 WmiAcpi - ok 10:06:35.0003 0x0eb4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:06:35.0007 0x0eb4 wmiApSrv - ok 10:06:35.0025 0x0eb4 WMPNetworkSvc - ok 10:06:35.0078 0x0eb4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:06:35.0079 0x0eb4 WPCSvc - ok 10:06:35.0135 0x0eb4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:06:35.0138 0x0eb4 WPDBusEnum - ok 10:06:35.0191 0x0eb4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl 
C:\Windows\system32\drivers\ws2ifsl.sys 10:06:35.0192 0x0eb4 ws2ifsl - ok 10:06:35.0203 0x0eb4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:06:35.0207 0x0eb4 wscsvc - ok 10:06:35.0212 0x0eb4 WSearch - ok 10:06:35.0325 0x0eb4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 10:06:35.0369 0x0eb4 wuauserv - ok 10:06:35.0428 0x0eb4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:06:35.0429 0x0eb4 WudfPf - ok 10:06:35.0444 0x0eb4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:06:35.0448 0x0eb4 WUDFRd - ok 10:06:35.0501 0x0eb4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:06:35.0504 0x0eb4 wudfsvc - ok 10:06:35.0563 0x0eb4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 10:06:35.0568 0x0eb4 WwanSvc - ok 10:06:35.0585 0x0eb4 ================ Scan global =============================== 10:06:35.0598 0x0eb4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:06:35.0652 0x0eb4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:06:35.0664 0x0eb4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:06:35.0712 0x0eb4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] 
C:\Windows\system32\sxssrv.dll 10:06:35.0766 0x0eb4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 10:06:35.0773 0x0eb4 [ Global ] - ok 10:06:35.0773 0x0eb4 ================ Scan MBR ================================== 10:06:35.0779 0x0eb4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:06:35.0998 0x0eb4 \Device\Harddisk0\DR0 - ok 10:06:35.0998 0x0eb4 ================ Scan VBR ================================== 10:06:36.0001 0x0eb4 [ 165AFBE9DB6734817E9C60ECB340A5CA ] \Device\Harddisk0\DR0\Partition1 10:06:36.0003 0x0eb4 \Device\Harddisk0\DR0\Partition1 - ok 10:06:36.0007 0x0eb4 [ F2393307D2C6853D77840921D21F94C8 ] \Device\Harddisk0\DR0\Partition2 10:06:36.0009 0x0eb4 \Device\Harddisk0\DR0\Partition2 - ok 10:06:36.0009 0x0eb4 ================ Scan generic autorun ====================== 10:06:36.0166 0x0eb4 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe 10:06:36.0188 0x0eb4 MSC - ok 10:06:36.0228 0x0eb4 [ CB454FBAB5376D13813C9235E87F1EAD, AFF6F58EDC228F4217A528D951FA5DA317A00D44D1B57841E855D728725F2852 ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe 10:06:36.0243 0x0eb4 AVMWlanClient - ok 10:06:36.0315 0x0eb4 [ 6D313E4121365B2ABEED5A93F9B197E5, 94CDAD27F1A362A23F6CE0D65881EB8753B7A3744DE127022DB77B4459EE1FD6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 10:06:36.0323 0x0eb4 SunJavaUpdateSched - ok 10:06:36.0429 0x0eb4 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 10:06:36.0432 0x0eb4 iTunesHelper - ok 10:06:36.0496 0x0eb4 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe 10:06:36.0503 0x0eb4 QuickTime Task - ok 10:06:36.0597 0x0eb4 
[ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:06:36.0618 0x0eb4 Sidebar - ok 10:06:36.0668 0x0eb4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:06:36.0671 0x0eb4 mctadmin - ok 10:06:36.0713 0x0eb4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:06:36.0731 0x0eb4 Sidebar - ok 10:06:36.0740 0x0eb4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:06:36.0743 0x0eb4 mctadmin - ok 10:06:36.0748 0x0eb4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated ) 10:06:36.0752 0x0eb4 Win FW state via NFP2: enabled 10:06:36.0753 0x0eb4 ============================================================ 10:06:36.0753 0x0eb4 Scan finished 10:06:36.0753 0x0eb4 ============================================================ 10:06:36.0764 0x1254 Detected object count: 0 10:06:36.0764 0x1254 Actual detected object count: 0 |
01.02.2015, 15:38 | #8 |
/// the machine /// TB trainer | Trojan/virus infection by post from Telekom hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
01.02.2015, 17:58 | #9 |
| Trojan/virus infection by post from Telekom Code:
ATTFilter ComboFix 15-01-29.01 - Sandra Weilnau 01.02.2015 17:42:36.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3839.1752 [GMT 1:00] ausgeführt von:: c:\users\Sandra Weilnau\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2015-01-01 bis 2015-02-01 )))))))))))))))))))))))))))))) . . 2015-02-01 16:48 . 2015-02-01 16:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-02-01 16:46 . 2015-02-01 16:46 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A362C864-7E53-4881-B191-6EF7FA65D41E}\offreg.dll 2015-02-01 16:36 . 2015-02-01 16:36 -------- d-s---w- c:\windows\SysWow64\Microsoft 2015-02-01 11:34 . 2015-02-01 11:37 -------- d-----w- C:\AdwCleaner 2015-02-01 10:36 . 2015-02-01 10:36 -------- d-----w- c:\program files (x86)\GUMD135.tmp 2015-02-01 10:36 . 2015-02-01 10:36 6000640 ----a-w- c:\program files (x86)\GUTD136.tmp 2015-02-01 10:34 . 2015-02-01 10:34 -------- d-----w- c:\users\Sandra Weilnau\AppData\Roaming\AVAST Software 2015-02-01 10:32 . 2015-02-01 10:32 -------- d-----w- c:\windows\SysWow64\vbox 2015-02-01 10:32 . 2015-02-01 10:32 -------- d-----w- c:\windows\system32\vbox 2015-02-01 10:31 . 2015-02-01 10:40 -------- d-----w- c:\program files\Google 2015-02-01 10:28 . 2015-02-01 10:28 43152 ----a-w- c:\windows\avastSS.scr 2015-02-01 10:27 . 2015-02-01 10:27 -------- d-----w- c:\program files\AVAST Software 2015-02-01 10:26 . 2015-02-01 10:27 -------- d-----w- c:\programdata\AVAST Software 2015-02-01 08:37 . 2015-02-01 08:37 -------- d-----w- c:\programdata\Malwarebytes 2015-02-01 08:37 . 2015-02-01 08:54 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-02-01 08:37 . 2015-02-01 08:37 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-02-01 08:36 . 2015-02-01 08:36 97496 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-02-01 08:28 . 
2015-02-01 08:28 -------- d-----w- c:\program files (x86)\VS Revo Group 2015-01-31 15:59 . 2015-01-31 16:01 -------- d-----w- C:\FRST 2015-01-18 13:24 . 2015-01-18 13:25 -------- d-----w- c:\program files (x86)\Safari 2015-01-18 13:22 . 2015-01-18 13:22 -------- d-----w- c:\users\Sandra Weilnau\AppData\Local\Macromedia 2015-01-18 13:21 . 2015-01-18 13:21 -------- d-----w- c:\users\Sandra Weilnau\AppData\Local\Mozilla 2015-01-18 13:20 . 2015-01-27 13:06 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2015-01-16 11:25 . 2015-02-01 11:37 -------- d-----w- c:\windows\system32\log 2015-01-14 14:20 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys 2015-01-14 14:19 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll 2015-01-14 14:19 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll 2015-01-14 14:19 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll 2015-01-14 14:19 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll 2015-01-14 14:19 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe 2015-01-14 14:19 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe 2015-01-14 14:19 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2015-01-14 14:19 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2015-01-14 14:19 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll 2015-01-14 14:19 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll 2015-01-14 14:19 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe 2015-01-14 14:19 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-02-01 14:34 . 2014-11-13 14:33 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin 2015-01-26 09:22 . 
2014-06-10 18:24 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-01-26 09:22 . 2014-06-10 18:24 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-01-14 16:21 . 2014-06-13 17:27 113365784 ----a-w- c:\windows\system32\MRT.exe 2014-12-31 11:14 . 2014-06-10 18:16 298120 ------w- c:\windows\system32\MpSigStub.exe 2014-12-13 05:09 . 2014-12-18 11:33 144384 ----a-w- c:\windows\system32\ieUnatt.exe 2014-12-13 03:33 . 2014-12-18 11:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2014-12-04 02:50 . 2014-12-10 21:09 413184 ----a-w- c:\windows\system32\generaltel.dll 2014-12-04 02:50 . 2014-12-10 21:09 741376 ----a-w- c:\windows\system32\invagent.dll 2014-12-04 02:50 . 2014-12-10 21:09 396800 ----a-w- c:\windows\system32\devinv.dll 2014-12-04 02:50 . 2014-12-10 21:09 830976 ----a-w- c:\windows\system32\appraiser.dll 2014-12-04 02:50 . 2014-12-10 21:09 192000 ----a-w- c:\windows\system32\aepic.dll 2014-12-04 02:50 . 2014-12-10 21:09 227328 ----a-w- c:\windows\system32\aepdu.dll 2014-12-04 02:44 . 2014-12-10 21:09 1083392 ----a-w- c:\windows\system32\aeinv.dll 2014-12-01 23:28 . 2014-12-10 21:09 1232040 ----a-w- c:\windows\system32\aitstatic.exe 2014-11-27 01:43 . 2014-12-10 21:15 389296 ----a-w- c:\windows\system32\iedkcs32.dll 2014-11-22 03:13 . 2014-12-10 21:15 25059840 ----a-w- c:\windows\system32\mshtml.dll 2014-11-22 03:06 . 2014-12-10 21:15 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-11-22 03:06 . 2014-12-10 21:15 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2014-11-22 02:50 . 2014-12-10 21:15 66560 ----a-w- c:\windows\system32\iesetup.dll 2014-11-22 02:50 . 2014-12-10 21:15 580096 ----a-w- c:\windows\system32\vbscript.dll 2014-11-22 02:49 . 2014-12-10 21:15 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2014-11-22 02:49 . 2014-12-10 21:15 2885120 ----a-w- c:\windows\system32\iertutil.dll 2014-11-22 02:48 . 2014-12-10 21:15 88064 ----a-w- c:\windows\system32\MshtmlDac.dll 2014-11-22 02:41 . 
2014-12-10 21:15 54784 ----a-w- c:\windows\system32\jsproxy.dll 2014-11-22 02:40 . 2014-12-10 21:15 34304 ----a-w- c:\windows\system32\iernonce.dll 2014-11-22 02:37 . 2014-12-10 21:15 633856 ----a-w- c:\windows\system32\ieui.dll 2014-11-22 02:35 . 2014-12-10 21:15 114688 ----a-w- c:\windows\system32\ieetwcollector.exe 2014-11-22 02:34 . 2014-12-10 21:15 814080 ----a-w- c:\windows\system32\jscript9diag.dll 2014-11-22 02:34 . 2014-12-10 21:15 6039552 ----a-w- c:\windows\system32\jscript9.dll 2014-11-22 02:26 . 2014-12-10 21:15 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2014-11-22 02:22 . 2014-12-10 21:15 490496 ----a-w- c:\windows\system32\dxtmsft.dll 2014-11-22 02:20 . 2014-12-10 21:15 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2014-11-22 02:14 . 2014-12-10 21:15 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2014-11-22 02:09 . 2014-12-10 21:15 199680 ----a-w- c:\windows\system32\msrating.dll 2014-11-22 02:08 . 2014-12-10 21:15 92160 ----a-w- c:\windows\system32\mshtmled.dll 2014-11-22 02:07 . 2014-12-10 21:15 501248 ----a-w- c:\windows\SysWow64\vbscript.dll 2014-11-22 02:07 . 2014-12-10 21:15 62464 ----a-w- c:\windows\SysWow64\iesetup.dll 2014-11-22 02:06 . 2014-12-10 21:15 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2014-11-22 02:05 . 2014-12-10 21:15 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2014-11-22 02:05 . 2014-12-10 21:15 316928 ----a-w- c:\windows\system32\dxtrans.dll 2014-11-22 01:54 . 2014-12-10 21:15 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2014-11-22 01:49 . 2014-12-10 21:15 718848 ----a-w- c:\windows\system32\ie4uinit.exe 2014-11-22 01:49 . 2014-12-10 21:15 800768 ----a-w- c:\windows\system32\msfeeds.dll 2014-11-22 01:47 . 2014-12-10 21:15 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2014-11-22 01:46 . 2014-12-10 21:15 2125312 ----a-w- c:\windows\system32\inetcpl.cpl 2014-11-22 01:43 . 2014-12-10 21:15 14412800 ----a-w- c:\windows\system32\ieframe.dll 2014-11-22 01:40 . 
2014-12-10 21:15 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2014-11-22 01:29 . 2014-12-10 21:15 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll 2014-11-22 01:28 . 2014-12-10 21:15 2358272 ----a-w- c:\windows\system32\wininet.dll 2014-11-22 01:22 . 2014-12-10 21:15 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2014-11-22 01:21 . 2014-12-10 21:15 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2014-11-22 01:15 . 2014-12-10 21:15 1548288 ----a-w- c:\windows\system32\urlmon.dll 2014-11-22 01:03 . 2014-12-10 21:15 800768 ----a-w- c:\windows\system32\ieapfltr.dll 2014-11-22 01:00 . 2014-12-10 21:15 1888256 ----a-w- c:\windows\SysWow64\wininet.dll 2014-11-11 03:09 . 2014-12-10 21:03 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll 2014-11-11 03:08 . 2014-11-19 06:14 241152 ----a-w- c:\windows\system32\pku2u.dll 2014-11-11 03:08 . 2014-11-19 06:14 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-11-11 02:44 . 2014-12-10 21:03 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2014-11-11 02:44 . 2014-11-19 06:14 186880 ----a-w- c:\windows\SysWow64\pku2u.dll 2014-11-11 02:44 . 2014-11-19 06:14 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-11-11 01:46 . 2014-12-10 21:03 119296 ----a-w- c:\windows\system32\drivers\tdx.sys 2014-11-08 03:16 . 2014-12-10 20:58 2048 ----a-w- c:\windows\system32\tzres.dll 2014-11-08 02:45 . 2014-12-10 20:58 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . Code:
ATTFilter . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AVMWlanClient"="c:\program files (x86)\avmwlanstick\FRITZWLANMini.exe" [2012-08-21 933888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - aswHwid *Deregistered* - aswStm *Deregistered* - VBoxAswDrv . Inhalt des "geplante Tasks" Ordners . 2015-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-10 09:22] . . --------- X64 Entries ----------- . . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com uDefault_Search_URL = hxxp://www.google.com mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = hxxp://www.google.com mDefault_Page_URL = hxxp://www.google.com TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\ FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search FF - prefs.js: browser.search.selectedEngine - Yahoo! 
(Avast) FF - prefs.js: browser.startup.homepage - hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" Code:
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-02-01 17:51:07
ComboFix-quarantined-files.txt 2015-02-01 16:51
.
Vor Suchlauf: 16 Verzeichnis(se), 87.992.991.744 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 87.831.400.448 Bytes frei
.
- - End Of File - - 91673C09C779AD67289C876999A82261
A36C5E4F47E84449FF07ED3517B43A31

Since I don't really understand what all of this means..... Did I have something on it? And much more importantly - is it gone now? |
01.02.2015, 19:45 | #10 |
/// the machine /// TB trainer | Trojan/virus infection by post from Telekom Yes, but only adware. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber |
01.02.2015, 21:14 | #11 |
| Trojan/virus infection by post from Telekom Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 01.02.2015 Suchlauf-Zeit: 20:21:58 Logdatei: Malware.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.02.01.06 Rootkit Datenbank: v2015.01.14.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Sandra Weilnau Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 345342 Verstrichene Zeit: 16 Min, 38 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.EnterDigital.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update EnterDigital, In Quarantäne, [b397041505853ff73007d2361aeb8779], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 3 PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [5febfd1cdfabd2641bc44fee55ab2ad6], PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [da701900aae01125d33e7203bf46b24e], PUP.Optional.QuickSideBar.A, C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ainbkicbloikcngphmjfpjdemblcojdd_0.localstorage, In Quarantäne, [50fa1ffa3c4e2016afb69513d72cce32], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.109 - Bericht erstellt am 01/02/2015 um 20:48:13 # Aktualisiert 24/01/2015 von Xplode # Database : 2015-01-26.1 [Live] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Sandra Weilnau - SANDRAWEILNAU # Gestartet von : C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe # Option : Suchen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v35.0.1 (x86 de) -\\ Google Chrome v -\\ Opera v0.0.0.0 ************************* AdwCleaner[R0].txt - [8272 octets] - [01/02/2015 12:34:50] AdwCleaner[R1].txt - [775 octets] - [01/02/2015 20:48:13] AdwCleaner[S0].txt - [7264 octets] - [01/02/2015 12:37:25] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [894 octets] ########## Code:
ATTFilter # AdwCleaner v4.109 - Bericht erstellt am 01/02/2015 um 20:50:16 # Aktualisiert 24/01/2015 von Xplode # Database : 2015-01-26.1 [Live] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Sandra Weilnau - SANDRAWEILNAU # Gestartet von : C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v35.0.1 (x86 de) -\\ Google Chrome v -\\ Opera v0.0.0.0 ************************* AdwCleaner[R0].txt - [8272 octets] - [01/02/2015 12:34:50] AdwCleaner[R1].txt - [973 octets] - [01/02/2015 20:48:13] AdwCleaner[S0].txt - [7264 octets] - [01/02/2015 12:37:25] AdwCleaner[S1].txt - [895 octets] - [01/02/2015 20:50:16] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [954 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sandra Weilnau on 01.02.2015 at 20:57:54,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update sizlsearch

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Sandra Weilnau\AppData\Roaming\mozilla\firefox\profiles\4qsoxp54.default\minidumps [7 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.02.2015 at 21:03:21,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Sandra Weilnau (administrator) on SANDRAWEILNAU on 01-02-2015 21:07:17
Running from C:\Users\Sandra Weilnau\Downloads
Loaded Profiles: Sandra Weilnau (Available profiles: Sandra Weilnau)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-01] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com/?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-338094041-3377201104-4203914905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sandra Weilnau\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\searchplugins\yahoo-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-01]

Chrome:
=======
CHR Profile: C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-01]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Sandra Weilnau\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-01] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-01] (Avast Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-01] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-01] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 21:07 - 2015-02-01 21:07 - 00012669 _____ () C:\Users\Sandra Weilnau\Downloads\FRST.txt
2015-02-01 21:06 - 2015-02-01 21:07 - 02131456 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64.exe
2015-02-01 21:03 - 2015-02-01 21:03 - 00000947 _____ () C:\Users\Sandra Weilnau\Desktop\JRT.txt
2015-02-01 20:57 - 2015-02-01 20:57 - 01707939 _____ (Thisisu) C:\Users\Sandra Weilnau\Downloads\JRT.exe
2015-02-01 20:57 - 2015-02-01 20:57 - 00000000 ____D () C:\Windows\ERUNT
2015-02-01 20:47 - 2015-02-01 20:47 - 02194432 _____ () C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe
2015-02-01 20:45 - 2015-02-01 20:45 - 00001715 _____ () C:\Malware.txt
2015-02-01 20:20 - 2015-02-01 20:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-01 20:20 - 2015-02-01 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-02-01 20:19 - 2015-02-01 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-02-01 20:19 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 20:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-01 20:18 - 2015-02-01 20:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sandra Weilnau\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-01 18:55 - 2015-02-01 18:55 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-55-04.001-aswFe.exe-4204.log
2015-02-01 18:54 - 2015-02-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-54-58.096-AvastVBoxSVC.exe-4300.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-49-30.015-aswFe.exe-4584.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-49-24.003-AvastVBoxSVC.exe-4696.log
2015-02-01 18:32 - 2015-02-01 18:32 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-01 18:31 - 2015-02-01 18:31 - 14107296 _____ (Microsoft Corporation) C:\Users\Sandra Weilnau\Downloads\mseinstall.exe
2015-02-01 18:26 - 2015-02-01 18:26 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-26-37.049-aswFe.exe-204.log
2015-02-01 18:23 - 2015-02-01 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-23-53.033-aswFe.exe-1664.log
2015-02-01 18:23 - 2015-02-01 18:23 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-23-49.090-AvastVBoxSVC.exe-4148.log
2015-02-01 18:17 - 2015-02-01 18:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-01 18:17 - 2015-02-01 18:17 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-01 18:17 - 2015-02-01 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-01 18:17 - 2015-02-01 11:28 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-01 18:17 - 2015-02-01 11:28 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-01 18:07 - 2015-02-01 18:08 - 132469808 _____ (AVAST Software) C:\Users\Sandra Weilnau\Downloads\avast_free_antivirus_setup_10.2208.712.exe
2015-02-01 17:51 - 2015-02-01 17:51 - 00017145 _____ () C:\ComboFix.txt
2015-02-01 17:40 - 2015-02-01 17:51 - 00000000 ____D () C:\Qoobox
2015-02-01 17:40 - 2015-02-01 17:50 - 00000000 ____D () C:\Windows\erdnt
2015-02-01 17:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-01 17:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-01 17:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-01 17:35 - 2015-02-01 17:35 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-35-39.072-AvastVBoxSVC.exe-2744.log
2015-02-01 17:31 - 2015-02-01 17:31 - 05611408 ____R (Swearware) C:\Users\Sandra Weilnau\Downloads\ComboFix.exe
2015-02-01 17:22 - 2015-02-01 17:22 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-22-30.078-AvastVBoxSVC.exe-3324.log
2015-02-01 15:18 - 2015-02-01 15:19 - 00000197 _____ () C:\Windows\system32\2015-02-01-14-18-53.031-AvastVBoxSVC.exe-2892.log
2015-02-01 12:41 - 2015-02-01 12:41 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-41-52.065-AvastVBoxSVC.exe-2632.log
2015-02-01 12:34 - 2015-02-01 20:50 - 00000000 ____D () C:\AdwCleaner
2015-02-01 12:06 - 2015-02-01 12:07 - 00000247 _____ () C:\Windows\system32\2015-02-01-11-06-58.083-aswFe.exe-4672.log
2015-02-01 11:57 - 2015-02-01 12:06 - 00000247 _____ () C:\Windows\system32\2015-02-01-10-57-18.036-aswFe.exe-2404.log
2015-02-01 11:57 - 2015-02-01 11:57 - 00000197 _____ () C:\Windows\system32\2015-02-01-10-57-11.057-AvastVBoxSVC.exe-3064.log
2015-02-01 11:36 - 2015-02-01 11:36 - 06000640 _____ () C:\Program Files (x86)\GUTD136.tmp
2015-02-01 11:36 - 2015-02-01 11:36 - 00000000 ____D () C:\Program Files (x86)\GUMD135.tmp
2015-02-01 11:34 - 2015-02-01 11:34 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\AVAST Software
2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-01 11:31 - 2015-02-01 11:40 - 00000000 ____D () C:\Program Files\Google
2015-02-01 11:28 - 2015-02-01 11:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-01 11:27 - 2015-02-01 11:27 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-01 11:26 - 2015-02-01 11:27 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-01 09:37 - 2015-02-01 20:53 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 09:37 - 2015-02-01 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 09:37 - 2015-02-01 09:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-01 09:36 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 09:28 - 2015-02-01 09:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-31 16:59 - 2015-02-01 21:07 - 00000000 ____D () C:\FRST
2015-01-27 10:13 - 2015-01-27 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-18 17:12 - 2015-02-01 20:51 - 00004698 _____ () C:\Windows\setupact.log
2015-01-18 17:12 - 2015-01-18 17:12 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 17:11 - 2015-02-01 20:51 - 00433512 _____ () C:\Windows\PFRO.log
2015-01-18 14:25 - 2015-01-18 14:25 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-01-18 14:24 - 2015-01-18 14:25 - 00000000 ____D () C:\Program Files (x86)\Safari
2015-01-18 14:22 - 2015-01-18 14:22 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Macromedia
2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Mozilla
2015-01-18 14:20 - 2015-01-27 14:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-18 14:20 - 2015-01-18 14:20 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-16 12:25 - 2015-02-01 12:37 - 00000000 ____D () C:\Windows\system32\log
2015-01-14 15:20 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:19 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 15:19 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 15:19 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 15:19 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 15:19 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 20:58 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-01 20:58 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-01 20:55 - 2014-06-10 18:16 - 01246539 _____ () C:\Windows\WindowsUpdate.log
2015-02-01 20:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 20:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2015-02-01 20:39 - 2014-06-10 19:52 - 00000000 ____D () C:\temp
2015-02-01 20:22 - 2014-11-02 14:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-01 18:32 - 2014-06-12 05:55 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-01 17:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-01 17:48 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-01 12:37 - 2014-06-10 18:44 - 00001013 _____ () C:\Users\Sandra Weilnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-01 12:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-01 11:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Google
2015-01-27 12:25 - 2014-09-02 08:53 - 00000242 _____ () C:\Users\Sandra Weilnau\BullseyeCoverageError.txt
2015-01-26 10:22 - 2014-11-02 14:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 10:22 - 2014-06-10 19:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 10:22 - 2014-06-10 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 20:20 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Apple Computer
2015-01-18 20:30 - 2014-06-11 04:10 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 20:30 - 2014-06-11 04:10 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 20:30 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-18 14:25 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Apple Computer
2015-01-18 13:58 - 2014-11-02 14:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-18 13:55 - 2014-11-02 14:31 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-14 17:26 - 2014-06-13 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:21 - 2014-06-13 18:27 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 19:54 - 2014-06-17 08:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\vlc
2015-01-09 11:15 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-08 20:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-02-01 11:36 - 2015-02-01 11:36 - 6000640 _____ () C:\Program Files (x86)\GUTD136.tmp

Some content of TEMP:
====================
C:\Users\Sandra Weilnau\AppData\Local\Temp\Quarantine.exe
C:\Users\Sandra Weilnau\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-27 09:53

==================== End Of Log ============================

--- --- ---

Is everything okay like this now?

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Sandra Weilnau at 2015-02-01 21:08:05
Running from C:\Users\Sandra Weilnau\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Unity Web Player (HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 18-01-2015 13:45:27 Windows Update 18-01-2015 14:24:06 Installed Safari 21-01-2015 21:35:17 Windows Update 26-01-2015 09:09:59 Windows Update 29-01-2015 10:36:51 Windows Update 01-02-2015 09:29:13 Revo Uninstaller's restore point - WinZipper 01-02-2015 09:32:28 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!) 01-02-2015 11:27:27 avast! antivirus system restore point 01-02-2015 11:49:37 Removed Java 8 Update 25 01-02-2015 11:50:38 Removed Java 8 Update 25 (64-bit) 01-02-2015 17:35:03 avast! antivirus system restore point 01-02-2015 18:16:01 avast! antivirus system restore point 01-02-2015 18:29:50 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-06-10 19:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {03471EC2-D1EF-4912-A06D-6E3527413301} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {4F9168FA-DF64-4BDB-9DC2-F5CD7214BAD8} - System32\Tasks\{0BFD0BD1-B78A-48FB-BDB0-1D19DAEB6821} => pcalua.exe -a C:\Users\SANDRA~1\AppData\Local\Temp\{D132361B-7D51-4CA2-B31D-695926883B08}\InstallFlashPlayer.exe -d C:\Users\SANDRA~1\AppData\Local\Temp\IDC2.tmp -c -iv 6 Task: {582986BC-7704-4E3D-8A47-FEFDAF58E4B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated) Task: {87EBAF50-877D-49CB-AB01-238381004950} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-01] (AVAST Software) Task: {C6EF8342-447B-4602-9D82-E368285BE08E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {CE6C9AD6-19A0-4D00-AB3E-11F9E9E1A157} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {F4CE997F-9700-4C42-BE97-8726373DF709} - System32\Tasks\{39E7ABE2-4635-4A33-A61A-5561D6505943} => pcalua.exe -a "C:\Users\Sandra Weilnau\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2015-02-01 11:28 - 2015-02-01 11:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-02-01 11:28 - 2015-02-01 11:28 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-02-01 20:13 - 2015-02-01 20:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll 2015-02-01 11:28 - 2015-02-01 11:28 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-01 11:28 - 2015-02-01 11:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-27 10:13 - 2015-01-27 10:14 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2015-01-26 10:22 - 2015-01-26 10:22 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) 
==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-338094041-3377201104-4203914905-500 - Administrator - Disabled) Gast (S-1-5-21-338094041-3377201104-4203914905-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-338094041-3377201104-4203914905-1002 - Limited - Enabled) Sandra Weilnau (S-1-5-21-338094041-3377201104-4203914905-1000 - Administrator - Enabled) => C:\Users\Sandra Weilnau ==================== Faulty Device Manager Devices ============= Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 260 Processor Percentage of memory in use: 41% Total physical RAM: 3839.18 MB Available physical RAM: 2259.92 MB Total Pagefile: 7676.54 MB Available Pagefile: 5646.23 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:77.7 GB) NTFS Drive e: (System-reserviert) (Fixed) (Total:0.08 GB) (Free:0.02 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 02C0D7BF) Partition 1: (Active) - (Size=84 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================
__________________ |
02.02.2015, 09:24 | #12 |
/// the machine /// TB-Ausbilder | Trojan/virus infection, notified by letter from Telekom
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
02.02.2015, 19:00 | #13 |
| Trojan/virus infection, notified by letter from Telekom I'm currently running the ESET online scan.... But now I have another question. I had annoying ad pop-ups the whole time as soon as I clicked on anything :/ are those gone now too? I do pay attention to what I install (which can't be said of my husband), but is there reliable protection so that adware doesn't get on the machine again? The scan is still running, is that normal? Above all I'm worried because the firewall and antivirus program are disabled. Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d3ece7fe3dc0904191326d719f690778
# engine=22260
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-02 05:42:14
# local_time=2015-02-02 06:42:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 84620 116147 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 90559 45879328 0 0
# scanned=749882
# found=287
# cleaned=0
# scan_time=25189
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\nsnC802.tmp" sh=68F39FDC5C97B7D3B93A4B793E3E9DAF1ED75344 ft=1 fh=c71c0011ed98cc6f vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Babylon\Setup\BExternal.dll" sh=D128CBAF3DEF02BD11A92A43C36D540E47BF06E0 ft=1 fh=6abf192eb2d8af09 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Babylon\Setup\IECookieLow.dll" sh=C88D76106C34D093167BD69B433CFF15F24CFE68 ft=1 fh=c9f8a6e51b4e4ea2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Babylon\Setup\Setup.exe" sh=4F1C38F649CC3DF6B317972621DE7C6317D076AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.21_0\extensionData\plugins\91.js" sh=DCCDC1E9A27E68EB341F10F85E8A27E8A5E9807B ft=1 fh=9ae7f7a1baf6162d vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\InstallShare\2_2952_installer.exe" sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js" sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe" sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe" sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js" sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js" sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe" sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js" sh=7B890323ABFE8F3BD33BE0BC439076B5525D03B0 ft=1 fh=790f07a45776117f vn="MSIL/MyPCBackup.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\BackupSetup.exe" sh=6C4BEA15F2A864E8C0BB467B369C1607ADED4594 ft=1 fh=9c3c3228e1e883d9 vn="Variante von Win32/OutBrowse.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\f.exe" sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsb6C61.exe" sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsg47ED.exe" sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsl44B1.exe" sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsl6FFA.exe" sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsnC802.tmp" sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\SearchProtectINT.exe" sh=7D3C13ACA4D8F0F26AD9A458CF86DA235A58CDCE ft=1 fh=413c2d7f5aa203f9 vn="MSIL/Tuguu.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\android.exe" sh=1A9C2CE8C1F539AC8546D67C9F924AEA8D2A84C2 ft=1 fh=d348c3328e970e39 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Cloud_Backup_Setup.exe" sh=15F10570FE932F254CFF399754EE7D5B0827F072 ft=1 fh=d0e767fd935de36d vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Freesofttoday.exe" sh=3F998335D30D6C7098C2F890F21EE732DAF71E08 ft=1 fh=643b85af0768dff0 vn="Variante von Win32/AdWare.NaviPromo.AV Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Installer.exe" sh=537C8FAD67F52AF763BF552C0039EA5F2381BA45 ft=1 fh=10217ca882c74d14 vn="Variante von Win32/ELEX.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\lly_webssearches.exe" sh=C4A64BDF413F6FD72759B432C73582AD1248C264 ft=1 fh=6b041bf7d2c6bf38 vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\mediaplayerpluus.exe" sh=7088C77393CC07A87589234E7D2620CBFEF905E9 ft=1 fh=4c2caff6a9ce4872 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Re-markit_2040-2082.exe" sh=B369BF1BF2076FD3F1239332F3632514CB1639C0 ft=1 fh=16b69662300ef2dd vn="Win32/Packed.ScrambleWrapper.M evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\setup.exe" sh=53A4B406501E4D70BC52B359A453CC9A964E8E39 ft=1 fh=b0c7faf3ca6afb27 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\speedupmypc.exe" sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\VOPackage.exe" sh=DCB97CC5B1977BB49DF05C165C63BF54550916E9 ft=1 fh=61ca867c73ed6be8 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\android\android.exe" sh=D2B37778483E088311075794B9F2CD6B40A00807 ft=1 fh=f2316c61e164bded vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\fullpackage_temp1397373551\tmp\SupTab.exe" sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\fullpackage_temp1397373551\tmp\wpm.exe" sh=B2141692BDF56352A137D83E9EC73D05C423D2E5 ft=1 fh=e9e99cb68f1bf246 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\is-2UQMF.tmp\SpeedUpMyPC-standalone-setup.exe" sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsb1316\SpSetup.exe" sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js" sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe" sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe" sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js" sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js" sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe" sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js" sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Conduit\Community Alerts\Alert.dll" sh=F86C88388A82F65BC24C4AA5E9976721D5F474C8 ft=1 fh=7acced1143aee893 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe" sh=F2FC2EAF732B4C7EC6806D7471552E524E0A6356 ft=1 fh=80742489e7f51237 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe" sh=AE6241AB1CD9CBAEC6EB20D72A1003D31E17662B ft=1 fh=9d51af4df9578bd3 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe" sh=E329C3DE6775C68A8F25BE1B192C1EA171468AE4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\54246.crx" sh=CA71ECAF757D9BDC073C66B8993FC25B6C8924A1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\54246.xpi" sh=677D86005EBDFB5E1F760AD807409DB08536BCDB ft=1 fh=d3c83b4567ac8997 vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bg.exe" sh=076A3B78D9902AD9C2EBA2B20E9528FEC07D2FA3 ft=1 fh=8030ef68282b4fbe vn="Variante von Win32/Toolbar.CrossRider.AF evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll" sh=03968227D47D277355EF6E7A63678E157969140F ft=1 fh=d8accb8698cd2780 vn="Variante von Win64/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll" sh=EB969D370BAB52A1CC9198F899956E3BB2409007 ft=1 fh=15ca2823dedff24d vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe" sh=CE5D01A83E89CA9F9906280F3148F30F773DFFF2 ft=1 fh=c4dccb6a2c703b00 vn="Variante von Win32/Toolbar.CrossRider.BP evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\Uninstall.exe" sh=80984286766388010D80EF1854A03C840F95F493 ft=1 fh=c1190a78ba67e05f vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\utils.exe" sh=5A2788927EE1E67F9E945D10D562C4957A07BE34 ft=1 fh=c71c0011bb6d120b vn="Variante von Win32/AdWare.AddLyrics.AJ Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQL.exe" sh=A16E4B9EB735F8F3522050F628797D1957383A2B ft=1 fh=1f862fe921f9c131 vn="Variante von Win32/AdWare.AddLyrics.BA Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQL158.dll" sh=FB727F8C00390F677464DC47FE8BD42D5200D83E ft=1 fh=9893a5de479c5863 vn="Variante von Win32/AdWare.AddLyrics.AK Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe" sh=8F3CC22D25D4E8696CDB208D45EDD0CEB761FD3D ft=1 fh=ca1eee2075d2f7bd vn="Variante von Win32/AdWare.AddLyrics.AJ Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe" sh=95F16225F5701E3807D773C3CDC198AE0551630C ft=1 fh=c387e1ea6439112d vn="Variante von Win32/AdWare.AddLyrics.AS Anwendung" ac=I 
fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Uninstall.exe" sh=1E9189AC027DC6EA73FDB2B282556BF632D10A27 ft=1 fh=de11dca32e2fbb75 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\BrowserConnection.dll" sh=8FD65DAB9271AA17576B9056C33ECE43F8586B9E ft=1 fh=cced25fe859363ea vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\datamngr.dll" sh=294E221F7F1ACFE8F242715F347AB94AB9DEED86 ft=1 fh=2e9cfed28213c0bb vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\datamngrUI.exe" sh=7F585ACED3A1B8F61059A55121C0F465F12B31F2 ft=1 fh=43220a23f668b9bc vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\DnsBHO.dll" sh=659059A6B630B488F3AA01AFEFE7841584A943DE ft=1 fh=f9cf2ec098d80d5a vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\IEBHO.dll" sh=B81BAAC9D35824000ADB556418067A9220C40F01 ft=1 fh=23a12d968d390125 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\dtUser.exe" sh=57E79F81354D497FF57273098E9DC5324E96483F ft=1 fh=3aca384b2c14dc8c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\searchcoreband.dll" sh=A69E434131FDA85ECC56B0138F097B4F259B9DF2 ft=1 fh=752a3d16031b4239 vn="Variante von Win32/Toolbar.Visicom.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll" sh=EB8F540A30EACBB6426FAE50C9E40878E55FB6A2 ft=1 fh=22c78b88903889b5 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\x64\datamngr.dll" sh=E269A90BE7BACCC3005CE960ED30AB7EEA3B8A44 ft=1 fh=1bb9b179c6dcb9c3 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\x64\IEBHO.dll" sh=81FBC911F6F39943B5A508257ED317C6A388CA54 ft=1 fh=f881a71255879118 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe" sh=6F4FD559E82ECD0E9BF238374A8AE7763D9AF88F ft=1 fh=0fe3e64a55eab364 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll" sh=09975ED04166B761DC1CED0B15BAE6D37DCC0560 ft=1 fh=919d2464905062de vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe" sh=CC7735B51ACFC778DAFCE7B9C25798C1149059CA ft=1 fh=bdcf262ba56c13e6 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe" sh=C2BF9E02AAF8CD61356523AF0425BD4DEEE8A0E8 ft=1 fh=aed2a53e39c1b826 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe" sh=E07AC00C609A9096EFEDCF5839D77AD91C96BD2D ft=1 fh=a44174895411af10 vn="Variante von Win32/Conduit.SearchProtect.H evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll" sh=6C0CFF21847BEBDC22C8ED1C8A24ED19724D7741 ft=1 fh=91d5fb4f6ab1ad55 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" sh=19D4CD0E4DDB51C3B3A25676F68963807BE1710C ft=1 fh=5c3c9fe0db73a8b4 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll" sh=3AE79DE1D9A3C56075DB1B53DF9D7880AE03A5F6 ft=1 fh=bd390a3911fc5a39 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" sh=0F00EB8310C851AAD8AE9C7C17EF5F0D81617D3A ft=1 fh=1090c94a8e08b65e vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe" sh=189FC4DEFBF3AF52775F7A922789A0CA6A8FF6F8 ft=1 fh=4ed2a41f68ba7620 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SupTab\SupTab.dll" sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\ProgramData\IePluginService\PluginService.exe" sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\ProgramData\WPM\wprotectmanager.exe" sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Anwendungsdaten\IePluginService\PluginService.exe" sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Anwendungsdaten\WPM\wprotectmanager.exe" sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Application Data\IePluginService\PluginService.exe" sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Application Data\WPM\wprotectmanager.exe" sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\IePluginService\PluginService.exe" sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\WPM\wprotectmanager.exe" sh=99A50219EDE0732C1DAA1EBC02FF704070FFDF68 ft=1 fh=325229d985367b78 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\Anwendungsdaten\SupTab\SupTab.dll" sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\Anwendungsdaten\VOPackage\VOPackage.exe" sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\nsnC802.tmp" sh=68F39FDC5C97B7D3B93A4B793E3E9DAF1ED75344 ft=1 fh=c71c0011ed98cc6f vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\BExternal.dll" sh=D128CBAF3DEF02BD11A92A43C36D540E47BF06E0 ft=1 fh=6abf192eb2d8af09 vn="Variante von Win32/Toolbar.Babylon.E evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\IECookieLow.dll" sh=C88D76106C34D093167BD69B433CFF15F24CFE68 ft=1 fh=c9f8a6e51b4e4ea2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\Setup.exe" sh=4F1C38F649CC3DF6B317972621DE7C6317D076AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.21_0\extensionData\plugins\91.js" sh=DCCDC1E9A27E68EB341F10F85E8A27E8A5E9807B ft=1 fh=9ae7f7a1baf6162d vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\InstallShare\2_2952_installer.exe" sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js" sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe" sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe" sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
Code:
Results of screen317's Security Check version 0.99.95
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.296
Adobe Reader XI
Mozilla Firefox (35.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastui.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast ng ngservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Sandra Weilnau (administrator) on SANDRAWEILNAU on 02-02-2015 18:58:27
Running from C:\Users\Sandra Weilnau\Downloads
Loaded Profiles: Sandra Weilnau (Available profiles: Sandra Weilnau)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-01] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com/?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-338094041-3377201104-4203914905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sandra Weilnau\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\searchplugins\yahoo-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-01]

Chrome:
=======
CHR Profile: C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-01]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Sandra Weilnau\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-01] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-01] (Avast Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-01] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-01] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 18:57 - 2015-02-02 18:57 - 02131456 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64(1).exe
2015-02-02 18:49 - 2015-02-02 18:49 - 00852573 _____ () C:\Users\Sandra Weilnau\Downloads\SecurityCheck.exe
2015-02-02 11:29 - 2015-02-02 11:29 - 02347384 _____ (ESET) C:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe
2015-02-01 21:08 - 2015-02-01 21:08 - 00011312 _____ () C:\Users\Sandra Weilnau\Downloads\Addition.txt
2015-02-01 21:07 - 2015-02-02 18:58 - 00012716 _____ () C:\Users\Sandra Weilnau\Downloads\FRST.txt
2015-02-01 21:06 - 2015-02-01 21:07 - 02131456 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64.exe
2015-02-01 21:03 - 2015-02-01 21:03 - 00000947 _____ () C:\Users\Sandra Weilnau\Desktop\JRT.txt
2015-02-01 20:57 - 2015-02-01 20:57 - 01707939 _____ (Thisisu) C:\Users\Sandra Weilnau\Downloads\JRT.exe
2015-02-01 20:57 - 2015-02-01 20:57 - 00000000 ____D () C:\Windows\ERUNT
2015-02-01 20:47 - 2015-02-01 20:47 - 02194432 _____ () C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe
2015-02-01 20:45 - 2015-02-01 20:45 - 00001715 _____ () C:\Malware.txt
2015-02-01 20:20 - 2015-02-01 20:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-01 20:20 - 2015-02-01 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-02-01 20:19 - 2015-02-01 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-02-01 20:19 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 20:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-01 20:18 - 2015-02-01 20:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sandra Weilnau\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-01 18:55 - 2015-02-01 18:55 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-55-04.001-aswFe.exe-4204.log
2015-02-01 18:54 - 2015-02-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-54-58.096-AvastVBoxSVC.exe-4300.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-49-30.015-aswFe.exe-4584.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-49-24.003-AvastVBoxSVC.exe-4696.log
2015-02-01 18:32 - 2015-02-01 18:32 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-01 18:31 - 2015-02-01 18:31 - 14107296 _____ (Microsoft Corporation) C:\Users\Sandra Weilnau\Downloads\mseinstall.exe
2015-02-01 18:26 - 2015-02-01 18:26 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-26-37.049-aswFe.exe-204.log
2015-02-01 18:23 - 2015-02-01 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-23-53.033-aswFe.exe-1664.log
2015-02-01 18:23 - 2015-02-01 18:23 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-23-49.090-AvastVBoxSVC.exe-4148.log
2015-02-01 18:17 - 2015-02-02 11:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-01 18:17 - 2015-02-01 18:17 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-01 18:17 - 2015-02-01 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-01 18:17 - 2015-02-01 11:28 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-01 18:17 - 2015-02-01 11:28 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-01 18:07 - 2015-02-01 18:08 - 132469808 _____ (AVAST Software) C:\Users\Sandra Weilnau\Downloads\avast_free_antivirus_setup_10.2208.712.exe
2015-02-01 17:51 - 2015-02-01 17:51 - 00017145 _____ () C:\ComboFix.txt
2015-02-01 17:40 - 2015-02-01 17:51 - 00000000 ____D () C:\Qoobox
2015-02-01 17:40 - 2015-02-01 17:50 - 00000000 ____D () C:\Windows\erdnt
2015-02-01 17:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-01 17:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-01 17:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00098816
_____ () C:\Windows\sed.exe 2015-02-01 17:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2015-02-01 17:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2015-02-01 17:35 - 2015-02-01 17:35 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-35-39.072-AvastVBoxSVC.exe-2744.log 2015-02-01 17:31 - 2015-02-01 17:31 - 05611408 ____R (Swearware) C:\Users\Sandra Weilnau\Downloads\ComboFix.exe 2015-02-01 17:22 - 2015-02-01 17:22 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-22-30.078-AvastVBoxSVC.exe-3324.log 2015-02-01 15:18 - 2015-02-01 15:19 - 00000197 _____ () C:\Windows\system32\2015-02-01-14-18-53.031-AvastVBoxSVC.exe-2892.log 2015-02-01 12:41 - 2015-02-01 12:41 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-41-52.065-AvastVBoxSVC.exe-2632.log 2015-02-01 12:34 - 2015-02-01 20:50 - 00000000 ____D () C:\AdwCleaner 2015-02-01 12:06 - 2015-02-01 12:07 - 00000247 _____ () C:\Windows\system32\2015-02-01-11-06-58.083-aswFe.exe-4672.log 2015-02-01 11:57 - 2015-02-01 12:06 - 00000247 _____ () C:\Windows\system32\2015-02-01-10-57-18.036-aswFe.exe-2404.log 2015-02-01 11:57 - 2015-02-01 11:57 - 00000197 _____ () C:\Windows\system32\2015-02-01-10-57-11.057-AvastVBoxSVC.exe-3064.log 2015-02-01 11:36 - 2015-02-01 11:36 - 06000640 _____ () C:\Program Files (x86)\GUTD136.tmp 2015-02-01 11:36 - 2015-02-01 11:36 - 00000000 ____D () C:\Program Files (x86)\GUMD135.tmp 2015-02-01 11:34 - 2015-02-01 11:34 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\AVAST Software 2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\system32\vbox 2015-02-01 11:31 - 2015-02-01 11:40 - 00000000 ____D () C:\Program Files\Google 2015-02-01 11:28 - 2015-02-01 11:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-02-01 11:27 - 2015-02-01 11:27 - 00000000 ____D () C:\Program Files\AVAST Software 2015-02-01 11:26 - 2015-02-01 11:27 - 00000000 ____D 
() C:\ProgramData\AVAST Software 2015-02-01 09:37 - 2015-02-02 14:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-01 09:37 - 2015-02-01 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-01 09:37 - 2015-02-01 09:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-02-01 09:36 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-02-01 09:28 - 2015-02-01 09:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-01-31 16:59 - 2015-02-02 18:58 - 00000000 ____D () C:\FRST 2015-01-27 10:13 - 2015-01-27 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-18 17:12 - 2015-02-02 11:20 - 00004754 _____ () C:\Windows\setupact.log 2015-01-18 17:12 - 2015-01-18 17:12 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-18 17:11 - 2015-02-01 20:51 - 00433512 _____ () C:\Windows\PFRO.log 2015-01-18 14:25 - 2015-01-18 14:25 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk 2015-01-18 14:24 - 2015-01-18 14:25 - 00000000 ____D () C:\Program Files (x86)\Safari 2015-01-18 14:22 - 2015-01-18 14:22 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Macromedia 2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla 2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Mozilla 2015-01-18 14:20 - 2015-01-27 14:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-18 14:20 - 2015-01-18 14:20 - 00000000 ____D () C:\ProgramData\Mozilla 2015-01-16 12:25 - 2015-02-01 12:37 - 00000000 ____D () C:\Windows\system32\log 2015-01-14 15:20 - 
2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 15:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 15:19 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 15:19 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 15:19 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 15:19 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 15:19 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 15:19 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 15:19 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 15:19 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 15:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 15:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 15:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-02 18:22 - 2014-11-02 14:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-02 17:28 - 2014-06-10 18:16 - 01283731 _____ () C:\Windows\WindowsUpdate.log 2015-02-02 11:29 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-02 11:29 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-02 11:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-01 20:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2015-02-01 20:39 - 2014-06-10 19:52 - 00000000 ____D () C:\temp 2015-02-01 18:32 - 2014-06-12 05:55 - 00001912 _____ () C:\Windows\epplauncher.mif 2015-02-01 17:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-02-01 17:48 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-02-01 12:37 - 2014-06-10 18:44 - 00001013 _____ () C:\Users\Sandra Weilnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-02-01 12:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Program Files (x86)\Google 2015-02-01 11:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Google 2015-01-27 12:25 - 2014-09-02 08:53 - 00000242 _____ () C:\Users\Sandra Weilnau\BullseyeCoverageError.txt 2015-01-26 10:22 - 2014-11-02 14:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-26 10:22 - 2014-06-10 19:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-26 10:22 - 2014-06-10 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-22 20:20 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Apple Computer 2015-01-18 20:30 - 2014-06-11 04:10 - 00699092 _____ () C:\Windows\system32\perfh007.dat 2015-01-18 20:30 - 2014-06-11 04:10 - 
00149232 _____ () C:\Windows\system32\perfc007.dat 2015-01-18 20:30 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-18 14:25 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Apple Computer 2015-01-18 13:58 - 2014-11-02 14:19 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-01-18 13:55 - 2014-11-02 14:31 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-14 17:26 - 2014-06-13 18:28 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-14 17:21 - 2014-06-13 18:27 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-11 19:54 - 2014-06-17 08:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\vlc 2015-01-09 11:15 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-01-08 20:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF ==================== Files in the root of some directories ======= 2015-02-01 11:36 - 2015-02-01 11:36 - 6000640 _____ () C:\Program Files (x86)\GUTD136.tmp Some content of TEMP: ==================== C:\Users\Sandra Weilnau\AppData\Local\Temp\Quarantine.exe C:\Users\Sandra Weilnau\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-27 09:53 ==================== End Of Log ============================ --- --- ---
__________________ |
02.02.2015, 19:03 | #14 |
| Trojan/virus infection by mail from Telekom Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015 Ran by Sandra Weilnau at 2015-02-02 18:59:18 Running from C:\Users\Sandra Weilnau\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.) iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) 
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Unity Web Player (HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 18-01-2015 13:45:27 Windows Update 18-01-2015 14:24:06 Installed Safari 21-01-2015 21:35:17 Windows Update 26-01-2015 09:09:59 Windows Update 29-01-2015 10:36:51 Windows Update 01-02-2015 09:29:13 Revo Uninstaller's restore point - WinZipper 01-02-2015 09:32:28 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!) 01-02-2015 11:27:27 avast! antivirus system restore point 01-02-2015 11:49:37 Removed Java 8 Update 25 01-02-2015 11:50:38 Removed Java 8 Update 25 (64-bit) 01-02-2015 17:35:03 avast! antivirus system restore point 01-02-2015 18:16:01 avast! antivirus system restore point 01-02-2015 18:29:50 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-06-10 19:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {03471EC2-D1EF-4912-A06D-6E3527413301} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {4F9168FA-DF64-4BDB-9DC2-F5CD7214BAD8} - System32\Tasks\{0BFD0BD1-B78A-48FB-BDB0-1D19DAEB6821} => pcalua.exe -a C:\Users\SANDRA~1\AppData\Local\Temp\{D132361B-7D51-4CA2-B31D-695926883B08}\InstallFlashPlayer.exe -d C:\Users\SANDRA~1\AppData\Local\Temp\IDC2.tmp -c -iv 6 Task: {582986BC-7704-4E3D-8A47-FEFDAF58E4B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated) Task: {87EBAF50-877D-49CB-AB01-238381004950} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-01] (AVAST Software) Task: {C6EF8342-447B-4602-9D82-E368285BE08E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {CE6C9AD6-19A0-4D00-AB3E-11F9E9E1A157} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {F4CE997F-9700-4C42-BE97-8726373DF709} - System32\Tasks\{39E7ABE2-4635-4A33-A61A-5561D6505943} => pcalua.exe -a "C:\Users\Sandra Weilnau\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2015-02-01 11:28 - 2015-02-01 11:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-02-01 11:28 - 2015-02-01 11:28 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-02-01 20:13 - 2015-02-01 20:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll 2015-02-01 11:28 - 2015-02-01 11:28 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-02-02 11:21 - 2015-02-02 11:21 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-01 11:28 - 2015-02-01 11:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-27 10:13 - 2015-01-27 10:14 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2015-01-26 10:22 - 2015-01-26 10:22 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-338094041-3377201104-4203914905-500 - Administrator - Disabled) Gast (S-1-5-21-338094041-3377201104-4203914905-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-338094041-3377201104-4203914905-1002 - Limited - Enabled) Sandra Weilnau (S-1-5-21-338094041-3377201104-4203914905-1000 - Administrator - Enabled) => C:\Users\Sandra Weilnau ==================== Faulty Device Manager Devices ============= Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/02/2015 06:45:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (02/02/2015 06:43:42 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 170650 Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 170650 Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 458347 Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 458347 Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 11:29:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (02/02/2015 11:29:50 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
System errors: ============= Error: (02/02/2015 06:17:09 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (02/02/2015 03:36:06 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (02/02/2015 11:20:21 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (02/02/2015 11:20:21 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Microsoft Office Sessions: ========================= Error: (02/02/2015 06:45:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (02/02/2015 06:43:42 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 170650 Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 170650 Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 458347 Error: (02/02/2015 
03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 458347 Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 11:29:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe Error: (02/02/2015 11:29:50 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 260 Processor Percentage of memory in use: 62% Total physical RAM: 3839.18 MB Available physical RAM: 1448.89 MB Total Pagefile: 7676.54 MB Available Pagefile: 5060.88 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:77.65 GB) NTFS Drive e: (System-reserviert) (Fixed) (Total:0.08 GB) (Free:0.02 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 02C0D7BF) Partition 1: (Active) - (Size=84 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) 
==================== End Of Log ============================
__________________ |
03.02.2015, 07:50 | #15 |
/// the machine /// TB-Ausbilder | Trojan/virus infection by mail from Telekom We have removed adware. Delete the Windows.old folder completely. Are the problems with the ads still occurring?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |