| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglichWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.03.2015, 17:27
| #1 |
 |  Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglich Hallo Superhelden, hallo Cosinus, Cosinus hat mein Malware und Trojanerproblem auf meinem Laptop exzellent gelöst. Nun würde ich gerne auch noch mein Netbook, welches ich meist nur im Urlaub dabei habe auch überprüfen lassen, denn auch hier hatte ich das Problem, dass ich eine bestimmte Software nicht mehr installieren konnte, ohne dass ich Fehlermeldungen von angeblich fehlenden .dll erhalte habe. Ich gehe davon aus, dass ich mir auch hier einige Trojaner eingefangen habe. Da ich diesen PC nicht so oft benutze ist mir das zuerst gar nicht aufgefallen, dass auch hier Trojaner im System stecken könnten. Gerne warte ich auch Eure Antwort. Viele Grüße Golfkirsi |
|
28.03.2015, 17:36
| #2 |
| /// the machine /// TB-Ausbilder    | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglich hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
29.03.2015, 17:25
| #3 |
| | FRST Log Files FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Kirsten Netbook (administrator) on KIRSTENNETBOOK on 29-03-2015 18:05:54
Running from C:\Users\Kirsten Netbook\Desktop
Loaded Profiles: Kirsten Netbook (Available profiles: Kirsten Netbook)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AsusService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Verbindungsassistent\WTGService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
() C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(AsusTek Computer Inc.) C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
() C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
() C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realonemessagecenter.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1021424 2009-10-17] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2009-12-07] (ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [402608 2009-09-26] ()
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [EeeStorageBackup] => C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1732608 2009-11-26] ()
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-27] (ASUSTeK Computer Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032 2009-09-29] (Realtek Semiconductor)
HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2012-01-25] ()
HKLM\...\Run: [IgfxExt] => C:\windows\system32\IgfxExt.exe [174616 2009-10-15] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [296520 2014-12-29] (RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-02-07] (Google Inc.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768 2012-02-25] (Logitech)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {1e462194-1c64-11df-8bd4-e0cb4e5d850d} - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {1e462197-1c64-11df-8bd4-e0cb4e5d850d} - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {38a23243-128b-11df-bc84-e0cb4e5d850d} - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {38a23286-128b-11df-bc84-e0cb4e5d850d} - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {38a233b7-128b-11df-bc84-e0cb4e5d850d} - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {39fddaf5-9f42-11df-9370-e0cb4e5d850d} - E:\Setup.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {43face12-f802-11e0-8872-e0cb4e5d850d} - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {6c153db1-352b-11e0-bc81-e0cb4e5d850d} - F:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {6c153db5-352b-11e0-bc81-e0cb4e5d850d} - F:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {8a2c6943-1253-11df-9329-e0cb4e5d850d} - E:\AutoRun.exe
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\MountPoints2: {cab00b5d-f803-11e0-978e-806e6f6e6963} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Kirsten Netbook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {2056C5CD-58DC-4BAA-8A40-394CDC65FF63} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {A3A0D795-C88A-4280-A52C-47B031A6634C} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {F998415F-72B7-4022-88E4-5BFD2AF313C2} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO: Asz.Citavi.IEPicker.IEPickerButton -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://webvpn.fernuni-hagen.de/+CSCOL+/relayp.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://webvpn.fernuni-hagen.de/CACHE/stc/1/binaries/vpnweb.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: bw+0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw+0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw-0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw-0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw00 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw00s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw10 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw10s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw20 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw20s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw30 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw30s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw40 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw40s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw50 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw50s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw60 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw60s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw70 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw70s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw80 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw80s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw90 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bw90s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwa0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwa0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwb0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwb0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwc0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwc0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwd0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwd0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwe0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwe0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwf0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwf0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwg0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwg0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwh0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwh0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwi0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwi0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwj0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwj0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwk0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwk0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwl0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwl0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwm0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwm0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwn0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwn0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwo0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwo0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwp0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwp0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwq0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwq0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwr0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwr0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bws0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bws0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwt0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwt0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwu0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwu0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwv0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwv0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bww0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bww0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwx0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwx0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwy0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwy0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwz0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: bwz0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: offline-8876480 - {A83C21FA-BB10-4C67-A5E1-0E25BD1FA872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. )
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-12-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-12-29] (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF Extension: Speed Analysis 2 - C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013-04-23]
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-29]
FF HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
Chrome:
=======
CHR Profile: C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf [2013-04-23]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-12-22]
CHR HKLM\...\Chrome\Extension: [dgjkhjdcljddbedokogakmmdjgnbeanf] - C:\Users\Kirsten Netbook\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx [2013-04-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [804600 2015-03-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-22] (Avira Operations GmbH & Co. KG)
R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed]
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
S2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
S2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-29] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files\Verbindungsassistent\wtgservice.exe [330696 2011-06-27] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] ()
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-06] (Avira Operations GmbH & Co. KG)
R3 igd; C:\windows\System32\DRIVERS\igdkmd32.sys [635552 2009-10-10] (Intel Corporation)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
S3 Netaapl; C:\windows\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [File not signed]
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2012-11-11] (Avira GmbH)
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\DRIVERS\btwrchid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-29 18:05 - 2015-03-29 18:11 - 00039632 _____ () C:\Users\Kirsten Netbook\Desktop\FRST.txt
2015-03-29 18:05 - 2015-03-29 18:06 - 00000000 ____D () C:\FRST
2015-03-29 18:04 - 2015-03-29 18:05 - 01135104 _____ (Farbar) C:\Users\Kirsten Netbook\Desktop\FRST.exe
2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2015-03-28 19:28 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2015-03-28 17:59 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-03-22 18:59 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-03-22 18:59 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-03-22 18:59 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-03-22 18:57 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-22 18:57 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-22 18:57 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-22 18:57 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-22 18:57 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-22 18:57 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-22 18:57 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-22 18:57 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-22 18:57 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-22 18:57 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-22 18:57 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-22 18:57 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-22 18:57 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-22 18:57 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-22 18:57 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-22 18:57 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-22 18:57 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-22 18:57 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-22 18:57 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-22 18:57 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-22 18:56 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-22 18:56 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-22 18:56 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-22 18:56 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-22 18:56 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-22 18:56 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-22 18:56 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-22 18:56 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-22 18:56 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-22 18:56 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-22 18:55 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-22 18:55 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-22 18:55 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-22 18:55 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-22 18:55 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-22 18:55 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-22 18:53 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-22 18:52 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-03-22 18:52 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-22 18:52 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-22 18:52 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-22 18:52 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-22 18:52 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-22 18:52 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-22 18:52 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-22 18:52 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-22 18:52 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-22 18:52 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-22 18:52 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-22 18:52 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-22 18:52 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-22 18:52 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-22 18:52 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-22 18:52 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-22 18:52 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-22 18:52 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-22 18:52 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-22 18:51 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-22 18:51 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-22 18:51 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-22 18:51 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-22 18:51 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-22 18:51 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-22 18:51 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-22 18:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-22 18:50 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-22 18:49 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-22 18:49 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-22 18:49 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-22 18:49 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-22 18:49 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-22 18:49 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-22 18:49 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-22 18:49 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-22 18:49 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-22 18:49 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-22 18:49 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-22 17:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2015-03-22 16:58 - 2015-03-22 16:58 - 00057060 _____ () C:\Users\Kirsten Netbook\Documents\AVSCAN-20150322-144821-6E1AC39D.LOG
2015-03-22 16:56 - 2015-03-22 16:56 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-03-22 16:08 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2015-03-22 16:08 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2015-03-22 16:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2015-03-22 16:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2015-03-22 14:28 - 2015-03-22 14:28 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-22 14:28 - 2015-03-22 14:28 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-05 10:43 - 2015-01-09 01:44 - 00419936 _____ () C:\windows\system32\locale.nls
2015-03-05 09:23 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-03-05 09:23 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-03-05 09:23 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2015-03-05 09:21 - 2015-02-04 04:54 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-05 09:21 - 2015-02-04 04:53 - 00767488 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-05 09:21 - 2015-02-04 04:53 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-05 09:21 - 2015-02-04 04:53 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-05 09:21 - 2015-02-04 04:53 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-05 09:21 - 2015-02-04 04:53 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-05 09:21 - 2015-02-04 04:49 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-05 09:21 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-03-05 09:21 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-03-05 08:50 - 2015-03-29 13:01 - 00000280 _____ () C:\windows\setupact.log
2015-03-05 08:50 - 2015-03-05 08:50 - 00000000 _____ () C:\windows\setuperr.log
2015-03-05 08:48 - 2015-03-28 20:38 - 00001338 _____ () C:\windows\PFRO.log
2015-03-04 23:25 - 2015-03-04 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-03-04 22:02 - 2015-03-04 22:02 - 00007611 _____ () C:\Users\Kirsten Netbook\AppData\Local\Resmon.ResmonCfg
2015-03-04 20:06 - 2015-03-04 20:06 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
2015-03-04 20:06 - 2015-03-04 20:06 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 7.lnk
2015-03-04 19:59 - 2015-03-28 18:55 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\elsterformular
2015-03-04 19:52 - 2015-03-28 18:57 - 00000000 ____D () C:\ProgramData\elsterformular
2015-03-04 19:05 - 2015-03-28 18:55 - 00000000 ____D () C:\Program Files\ElsterFormular
2015-03-04 18:36 - 2015-03-04 18:46 - 205863960 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kirsten Netbook\Downloads\ElsterFormular-16.0.20150211k.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-29 18:10 - 2013-11-02 19:24 - 01731414 _____ () C:\windows\WindowsUpdate.log
2015-03-29 18:08 - 2009-07-14 06:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-29 18:08 - 2009-07-14 06:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-29 18:03 - 2010-02-12 01:30 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 17:57 - 2010-02-12 01:30 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 17:56 - 2012-07-22 19:33 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 17:55 - 2010-02-03 01:30 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\Skype
2015-03-29 17:55 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\tracing
2015-03-29 13:09 - 2009-07-26 23:56 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-29 13:01 - 2010-03-11 18:34 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2015-03-29 13:01 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-29 12:59 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-29 12:54 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-28 20:39 - 2009-07-14 06:33 - 00418496 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-28 20:30 - 2009-12-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-28 20:04 - 2013-09-07 20:07 - 00000000 ____D () C:\windows\system32\MRT
2015-03-28 19:49 - 2010-02-04 00:43 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-22 18:05 - 2010-06-16 00:07 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-22 18:02 - 2009-07-14 09:49 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-22 16:38 - 2013-05-19 11:04 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-22 16:38 - 2012-11-11 20:06 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-22 16:38 - 2012-11-11 20:06 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-22 15:56 - 2010-06-17 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-22 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat
2015-03-04 23:21 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2015-03-04 19:48 - 2014-12-29 13:33 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-04 18:10 - 2012-07-22 19:33 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-03-04 18:10 - 2011-06-19 19:27 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2013-11-02 19:16 - 2013-11-02 19:16 - 50053120 _____ () C:\Program Files\GUT7EF0.tmp
2013-04-23 21:39 - 2013-04-23 21:38 - 0030894 _____ () C:\Users\Kirsten Netbook\AppData\Roaming\speedanalysis.ico
2010-02-03 01:31 - 2010-02-03 01:31 - 0000000 _____ () C:\Users\Kirsten Netbook\AppData\Roaming\wklnhst.dat
2011-02-22 12:07 - 2011-02-22 12:07 - 0003584 _____ () C:\Users\Kirsten Netbook\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-04 22:02 - 2015-03-04 22:02 - 0007611 _____ () C:\Users\Kirsten Netbook\AppData\Local\Resmon.ResmonCfg
2013-08-02 20:43 - 2013-08-02 20:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-05-18 16:34 - 2010-05-18 16:34 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some content of TEMP:
====================
C:\Users\Kirsten Netbook\AppData\Local\Temp\avgnt.exe
C:\Users\Kirsten Netbook\AppData\Local\Temp\shutdown1427561847.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-04 23:12
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Kirsten Netbook at 2015-03-29 18:13:59
Running from C:\Users\Kirsten Netbook\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.5 (HKLM\...\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}) (Version: 3.5.1 - Adobe)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Antivirus Pro (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.04 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin)
b-Cards 3.2 Version 3.2 (Vista/Win7) (HKLM\...\{BAE1F999-4707-4E17-8294-273DF3037E6F}_is1) (Version: 3.2 (Vista/Win7) - Birdigee)
Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
CDRWIN 7 (HKLM\...\{389BE10D-555B-495B-A83E-E3D94B66D26A}) (Version: 7.0.8.527 - S.A.D.)
Cisco AnyConnect VPN Client (HKLM\...\{96C6C69B-B21D-48D9-8ACC-52AE3EB361A2}) (Version: 2.2.0133 - Cisco Systems, Inc.)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 2.5 (HKLM\...\Citavi) (Version: 2.5.2.0 - Academic Software Zurich)
Citrix Presentation Server Client - Nur Web (HKLM\...\{23E8D2D6-F7C8-4A35-816C-6C914EE0A601}) (Version: 10.150.58643 - Citrix Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ebi.BookReader3J (HKLM\...\{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}) (Version: 3.75.14 - eBOOK Initiative Japan Co., Ltd.)
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.3 - )
Eee Docking 3.3.0 (HKLM\...\Eee Docking_is1) (Version: 3.3.0 - ASUSTek Computer Inc.)
FILEminimizer Pictures (HKLM\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
FileOpen Client (HKLM\...\{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}) (Version: 3.0.16.879 - FileOpen Systems, Inc.)
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden
FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.15 - AsusTek Computer)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{87B2E9C6-8AC1-43EF-9072-DB2EF0A49680}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 9.7.3 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version: - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_19 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142190}) (Version: 1.4.2_19 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.29 - AsusTek Computer Inc.)
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.01.02 - Logitech, Inc.)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{26257879-B20D-4D30-A429-B387A4890929}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Communicator 2007 (HKLM\...\{0FCA0973-24C0-48EA-8CF6-71B53C135C09}) (Version: 2.0.6362.0 - Microsoft Corporation)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM\...\OMUI.nl-nl) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - French/Français (HKLM\...\OMUI.fr-fr) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Italian/Italiano (HKLM\...\OMUI.it-it) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
RealDownloader (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0130 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1800 - SRS Labs, Inc.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.39049 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Verbindungsassistent (HKLM\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
Video Downloader (Version: 1.0.0 - RealNetworks) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Kirsten Netbook\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Kirsten Netbook\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
==================== Restore Points =========================
22-03-2015 14:49:55 Windows-Sicherung
22-03-2015 14:57:08 Windows Update
28-03-2015 18:00:00 Windows-Sicherung
28-03-2015 18:02:32 Windows Update
29-03-2015 12:36:07 Windows Update
29-03-2015 15:10:56 Removed ebi.BookReader3J
29-03-2015 17:56:05 Removed ebi.BookReader3J
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {079519C7-79CD-4826-AC43-8C37A87AAA9F} - System32\Tasks\{19F80B1B-01D7-4B38-8D93-A092DBA51E5D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {11432A0C-F225-4641-B405-6F1314D3ECBA} - System32\Tasks\{AF5831CF-F5CC-4167-9005-87540502B82C} => pcalua.exe -a E:\Verbindungsassistent\setup.exe -d E:\Verbindungsassistent
Task: {222B8AC3-BF54-4A05-9716-AFD9D413B1E2} - System32\Tasks\{50E22A1D-2377-44FA-95F5-E6147F031453} => pcalua.exe -a "C:\Program Files\Verbindungsassistent\Uninstaller.exe"
Task: {2390EBDB-2951-435E-80B5-489BDC9527C0} - System32\Tasks\{D79687B4-7E68-40A5-906A-ED7D12EC442F} => pcalua.exe -a "E:\Avira AntiVir Premium\avira_antivirus_premium_de.exe" -d "E:\Avira AntiVir Premium"
Task: {2B5CB29C-793C-4CAD-8284-DF6A6E3FB9A3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {4D8CA824-41F0-430D-8960-7E872C97E861} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {5A7E1106-B2AC-4B16-8211-3410E271948C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {5FECBC36-3FC4-4C2A-A6FE-2062A4759F33} - System32\Tasks\Update- und Informations-Manager => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2012-02-25] (Logitech)
Task: {61316885-6202-415E-997F-BFC360241E0F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe [2014-12-29] (RealNetworks, Inc.)
Task: {6A1B19B0-838C-40C8-83FB-1F6310205B63} - System32\Tasks\{7F93A435-B317-4DB2-9350-73A97D7059AE} => pcalua.exe -a "C:\Program Files\ElsterFormular\bin\installationsverwaltung.exe" -d "C:\Program Files\ElsterFormular\bin" -c --zeigeDlg
Task: {75DAEAAA-31E9-4CEC-B201-CAE8A8504572} - System32\Tasks\{230793ED-72EA-48A0-A706-41A6CB6B1213} => pcalua.exe -a E:\Radiotracker\Radiotracker6.exe -d E:\Radiotracker
Task: {78FE2AE6-098D-4013-9270-90EC4649790A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {80695B6C-60FB-49BC-B39F-782E8F90455F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {83C6AADB-8B32-4BCF-9344-347A093032E3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-04] (Adobe Systems Incorporated)
Task: {89D23E6A-BBA8-4593-95AB-C7B86342EA12} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {8FC2B7D0-D141-457F-A838-9A7700700617} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {C5E21B80-4D26-43FE-9C56-72B74D6D571C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {CCDC2DBC-C152-4E95-B107-3A3926EC7660} - System32\Tasks\Festplatte reinigen => C:\Windows\System32\cleanmgr.exe [2009-07-14] (Microsoft Corporation)
Task: {DA1E871B-5210-4887-8829-850517EE6EE5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {E3798267-96D1-40C7-ADDD-F54C9B241069} - System32\Tasks\{EFB8FC22-DB0F-4EF5-B9A8-DDBEDAD7B3FA} => pcalua.exe -a "C:\Users\Kirsten Netbook\Downloads\vpnclient-win-msi-5.0.exe" -d "C:\Users\Kirsten Netbook\Downloads"
Task: {F4C4E744-5087-4C09-81D2-137241617607} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {FB92EDBC-96ED-4C75-B4E7-026AAE88A910} - System32\Tasks\Logitech-Online-Aktualisierungsprogramm => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-02-25] (Logitech)
Task: {FC7CF5D3-9096-4533-B181-F0823768783B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-07 16:19 - 2009-08-19 03:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe
2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-12-29 13:26 - 2014-12-29 13:26 - 00865880 _____ () c:\program files\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files\Real\UpdateService\RPDSUpdatePlugin.dll
2011-01-24 10:20 - 2011-06-27 22:38 - 00330696 _____ () C:\Program Files\Verbindungsassistent\wtgservice.exe
2009-12-07 16:50 - 2009-09-26 00:02 - 00402608 _____ () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
2011-07-13 09:38 - 2011-07-13 09:38 - 00181664 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll
2009-11-26 15:52 - 2009-11-26 15:52 - 01732608 _____ () C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2011-09-05 09:19 - 2011-09-05 09:19 - 00028672 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll
2014-10-29 20:06 - 2014-10-29 20:06 - 00560192 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
2014-10-29 20:01 - 2014-10-29 20:01 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kirsten Netbook\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1967279032-2498529286-1251811412-500 - Administrator - Disabled)
Gast (S-1-5-21-1967279032-2498529286-1251811412-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1967279032-2498529286-1251811412-1006 - Limited - Enabled)
Kirsten Netbook (S-1-5-21-1967279032-2498529286-1251811412-1000 - Administrator - Enabled) => C:\Users\Kirsten Netbook
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/29/2015 03:26:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4976
Error: (03/29/2015 03:26:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4976
Error: (03/29/2015 03:26:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/29/2015 02:55:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5085
Error: (03/29/2015 02:55:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5085
Error: (03/29/2015 02:55:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/29/2015 01:19:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18782
Error: (03/29/2015 01:19:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18782
Error: (03/29/2015 01:19:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/29/2015 01:18:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7238
System errors:
=============
Error: (03/29/2015 03:05:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (03/29/2015 02:40:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (03/29/2015 01:07:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (03/29/2015 01:06:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error: (03/29/2015 01:03:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (03/29/2015 01:03:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (03/29/2015 00:44:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.195.475.0)
Error: (03/29/2015 02:58:29 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/28/2015 08:44:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iPod-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/28/2015 08:44:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst iPod-Dienst erreicht.
Microsoft Office Sessions:
=========================
Error: (04/21/2013 10:50:20 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 483676 seconds with 120 seconds of active time. This session ended with a crash.
Error: (08/11/2012 08:46:21 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/29/2012 05:04:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/29/2011 05:05:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/08/2011 09:21:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/02/2011 03:36:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/21/2011 03:38:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 382 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/14/2011 10:36:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6549 seconds with 5940 seconds of active time. This session ended with a crash.
Error: (01/30/2011 10:07:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1118 seconds with 120 seconds of active time. This session ended with a crash.
Error: (01/13/2011 11:39:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 555 seconds with 480 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU Z520 @ 1.33GHz
Percentage of memory in use: 81%
Total physical RAM: 2037.93 MB
Available physical RAM: 369.94 MB
Total Pagefile: 4075.86 MB
Available Pagefile: 1701.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.12 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:42.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:122.87 GB) (Free:26.1 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: ABF319E9)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=122.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=1B)
Partition 4: (Not Active) - (Size=17 MB) - (Type=EF)
==================== End Of Log ============================
vielen Dank, dass du dich meinem Problem angenommen hast. Anbei die ersten zwei Log-Files mit der Bitte um weitere Anweisungen. Vielen Dank Golfkirsi |
|
30.03.2015, 05:18
| #4 |
| /// the machine /// TB-Ausbilder | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglich hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.03.2015, 19:54
| #5 |
| | Mbar LogCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.03.30.07
rootkit: v2015.03.26.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17691
Kirsten Netbook :: KIRSTENNETBOOK [administrator]
30.03.2015 19:33:14
mbar-log-2015-03-30 (19-33-14).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 333673
Time elapsed: 55 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 20:49:44.0479 0x1290 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:49:50.0057 0x1290 ============================================================
20:49:50.0057 0x1290 Current date / time: 2015/03/30 20:49:50.0057
20:49:50.0057 0x1290 SystemInfo:
20:49:50.0057 0x1290
20:49:50.0057 0x1290 OS Version: 6.1.7601 ServicePack: 1.0
20:49:50.0057 0x1290 Product type: Workstation
20:49:50.0057 0x1290 ComputerName: KIRSTENNETBOOK
20:49:50.0057 0x1290 UserName: Kirsten Netbook
20:49:50.0057 0x1290 Windows directory: C:\windows
20:49:50.0057 0x1290 System windows directory: C:\windows
20:49:50.0057 0x1290 Processor architecture: Intel x86
20:49:50.0057 0x1290 Number of processors: 2
20:49:50.0057 0x1290 Page size: 0x1000
20:49:50.0057 0x1290 Boot type: Normal boot
20:49:50.0057 0x1290 ============================================================
20:50:06.0192 0x1290 KLMD registered as C:\windows\system32\drivers\96103999.sys
20:50:06.0603 0x1290 System UUID: {4B18D621-131F-83CD-8B43-482ED3F746CE}
20:50:08.0190 0x1290 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:50:08.0190 0x1290 ============================================================
20:50:08.0190 0x1290 \Device\Harddisk0\DR0:
20:50:08.0190 0x1290 MBR partitions:
20:50:08.0190 0x1290 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
20:50:08.0190 0x1290 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC800800, BlocksNum 0xF5BB800
20:50:08.0190 0x1290 ============================================================
20:50:08.0230 0x1290 C: <-> \Device\Harddisk0\DR0\Partition1
20:50:08.0270 0x1290 D: <-> \Device\Harddisk0\DR0\Partition2
20:50:08.0270 0x1290 ============================================================
20:50:08.0270 0x1290 Initialize success
20:50:08.0270 0x1290 ============================================================
20:50:25.0329 0x152c ============================================================
20:50:25.0329 0x152c Scan started
20:50:25.0329 0x152c Mode: Manual;
20:50:25.0329 0x152c ============================================================
20:50:25.0329 0x152c KSN ping started
20:50:39.0145 0x152c KSN ping finished: true
20:50:40.0755 0x152c ================ Scan system memory ========================
20:50:40.0755 0x152c System memory - ok
20:50:40.0775 0x152c ================ Scan services =============================
20:50:41.0063 0x152c [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:50:41.0080 0x152c 1394ohci - ok
20:50:41.0206 0x152c [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\windows\system32\drivers\ACPI.sys
20:50:41.0232 0x152c ACPI - ok
20:50:41.0289 0x152c [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:50:41.0289 0x152c AcpiPmi - ok
20:50:41.0481 0x152c [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:50:41.0491 0x152c AdobeARMservice - ok
20:50:41.0645 0x152c [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:50:41.0678 0x152c AdobeFlashPlayerUpdateSvc - ok
20:50:41.0797 0x152c [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
20:50:41.0837 0x152c adp94xx - ok
20:50:41.0905 0x152c [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
20:50:41.0934 0x152c adpahci - ok
20:50:41.0988 0x152c [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
20:50:42.0002 0x152c adpu320 - ok
20:50:42.0065 0x152c [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:50:42.0069 0x152c AeLookupSvc - ok
20:50:42.0162 0x152c [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\windows\system32\drivers\afd.sys
20:50:42.0196 0x152c AFD - ok
20:50:42.0253 0x152c [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\windows\system32\drivers\agp440.sys
20:50:42.0259 0x152c agp440 - ok
20:50:42.0321 0x152c [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
20:50:42.0331 0x152c aic78xx - ok
20:50:42.0393 0x152c [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\windows\System32\alg.exe
20:50:42.0403 0x152c ALG - ok
20:50:42.0451 0x152c [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\windows\system32\drivers\aliide.sys
20:50:42.0457 0x152c aliide - ok
20:50:42.0496 0x152c [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\windows\system32\drivers\amdagp.sys
20:50:42.0503 0x152c amdagp - ok
20:50:42.0547 0x152c [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\windows\system32\drivers\amdide.sys
20:50:42.0550 0x152c amdide - ok
20:50:42.0615 0x152c [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
20:50:42.0615 0x152c AmdK8 - ok
20:50:42.0645 0x152c [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:50:42.0662 0x152c AmdPPM - ok
20:50:42.0719 0x152c [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:50:42.0729 0x152c amdsata - ok
20:50:42.0779 0x152c [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
20:50:42.0794 0x152c amdsbs - ok
20:50:42.0829 0x152c [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:50:42.0833 0x152c amdxata - ok
20:50:43.0102 0x152c [ 3C355762D89401975EF86E6975FEC77C, D3F7DF98A40A57373B4C9325AB057D3A0A24B772499D0D6A2EC154A1D4CB57EA ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
20:50:43.0177 0x152c AntiVirMailService - ok
20:50:43.0331 0x152c [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:50:43.0385 0x152c AntiVirSchedulerService - ok
20:50:43.0511 0x152c [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:50:43.0578 0x152c AntiVirService - ok
20:50:43.0745 0x152c [ 7983B808D27CEFADD0BCBCAB30736B5B, 5E723476EF71F4C7AFC9E65113F6E78357DC908ED6E09F1142C4DB19B78DC5EF ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:50:43.0839 0x152c AntiVirWebService - ok
20:50:43.0905 0x152c [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\windows\system32\drivers\appid.sys
20:50:43.0915 0x152c AppID - ok
20:50:43.0960 0x152c [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\windows\System32\appidsvc.dll
20:50:43.0967 0x152c AppIDSvc - ok
20:50:44.0017 0x152c [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\windows\System32\appinfo.dll
20:50:44.0017 0x152c Appinfo - ok
20:50:44.0109 0x152c [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:50:44.0119 0x152c Apple Mobile Device - ok
20:50:44.0190 0x152c [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\windows\system32\DRIVERS\arc.sys
20:50:44.0198 0x152c arc - ok
20:50:44.0243 0x152c [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
20:50:44.0253 0x152c arcsas - ok
20:50:44.0445 0x152c [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:50:44.0445 0x152c aspnet_state - ok
20:50:44.0504 0x152c [ A9A565C669786C402752F609AFDD0DD5, 7D64828DE5503AF4B4A80F4C08BB2659B277CD664AB33724FB9387948BE8765A ] AsUpIO C:\windows\system32\drivers\AsUpIO.sys
20:50:44.0507 0x152c AsUpIO - ok
20:50:44.0587 0x152c [ C4FB2613D3C75364BB159B9C23A00E7A, 945AD13620BBEFFC382EDC3B3337975D158C7EDB4E3782021FCBE3B49A8A1F57 ] AsusService C:\Windows\System32\AsusService.exe
20:50:44.0623 0x152c AsusService - ok
20:50:44.0689 0x152c [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:50:44.0689 0x152c AsyncMac - ok
20:50:44.0751 0x152c [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\windows\system32\drivers\atapi.sys
20:50:44.0751 0x152c atapi - ok
20:50:44.0916 0x152c [ B01751CC563AECAC09BBE36AAA21FBEF, 453CAED322CC13155D3BD1F5BF9ABC9FA7F74D9C17E712DAEC63E9518F0E9229 ] athr C:\windows\system32\DRIVERS\athr.sys
20:50:45.0035 0x152c athr - ok
20:50:45.0157 0x152c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:50:45.0204 0x152c AudioEndpointBuilder - ok
20:50:45.0271 0x152c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\windows\System32\Audiosrv.dll
20:50:45.0317 0x152c Audiosrv - ok
20:50:45.0443 0x152c [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
20:50:45.0453 0x152c avgntflt - ok
20:50:45.0535 0x152c [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
20:50:45.0545 0x152c avipbb - ok
20:50:45.0616 0x152c [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
20:50:45.0617 0x152c avkmgr - ok
20:50:45.0705 0x152c [ E011CD533A4F67F194B43666AE05EDA9, F328BC48AE0DCD7CD5E05D0FA28751B6DAB7883A32ECEDE14E3FEBA926135457 ] avmike C:\Program Files\FRITZ!Fernzugang\avmike.exe
20:50:45.0729 0x152c avmike - ok
20:50:45.0799 0x152c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\windows\System32\AxInstSV.dll
20:50:45.0811 0x152c AxInstSV - ok
20:50:45.0919 0x152c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
20:50:45.0962 0x152c b06bdrv - ok
20:50:46.0027 0x152c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
20:50:46.0049 0x152c b57nd60x - ok
20:50:46.0121 0x152c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\windows\System32\bdesvc.dll
20:50:46.0131 0x152c BDESVC - ok
20:50:46.0179 0x152c [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\windows\system32\drivers\Beep.sys
20:50:46.0182 0x152c Beep - ok
20:50:46.0285 0x152c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\windows\System32\bfe.dll
20:50:46.0337 0x152c BFE - ok
20:50:46.0448 0x152c [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\windows\System32\qmgr.dll
20:50:46.0533 0x152c BITS - ok
20:50:46.0643 0x152c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:50:46.0648 0x152c blbdrive - ok
20:50:46.0764 0x152c [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:50:46.0800 0x152c Bonjour Service - ok
20:50:46.0847 0x152c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:50:46.0856 0x152c bowser - ok
20:50:46.0890 0x152c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
20:50:46.0894 0x152c BrFiltLo - ok
20:50:46.0935 0x152c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
20:50:46.0938 0x152c BrFiltUp - ok
20:50:46.0998 0x152c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\windows\System32\browser.dll
20:50:47.0009 0x152c Browser - ok
20:50:47.0084 0x152c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:50:47.0109 0x152c Brserid - ok
20:50:47.0158 0x152c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:50:47.0165 0x152c BrSerWdm - ok
20:50:47.0207 0x152c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:50:47.0210 0x152c BrUsbMdm - ok
20:50:47.0245 0x152c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:50:47.0248 0x152c BrUsbSer - ok
20:50:47.0312 0x152c [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
20:50:47.0317 0x152c BthEnum - ok
20:50:47.0375 0x152c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
20:50:47.0381 0x152c BTHMODEM - ok
20:50:47.0441 0x152c [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
20:50:47.0460 0x152c BthPan - ok
20:50:47.0563 0x152c [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
20:50:47.0633 0x152c BTHPORT - ok
20:50:47.0745 0x152c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\windows\system32\bthserv.dll
20:50:47.0755 0x152c bthserv - ok
20:50:47.0827 0x152c [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
20:50:47.0837 0x152c BTHUSB - ok
20:50:47.0867 0x152c btwaudio - ok
20:50:47.0914 0x152c btwavdt - ok
20:50:47.0944 0x152c btwl2cap - ok
20:50:47.0974 0x152c btwrchid - ok
20:50:48.0230 0x152c [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
20:50:48.0372 0x152c c2cautoupdatesvc - ok
20:50:48.0668 0x152c [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
20:50:48.0828 0x152c c2cpnrsvc - ok
20:50:48.0918 0x152c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:50:48.0927 0x152c cdfs - ok
20:50:49.0003 0x152c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\windows\system32\drivers\cdrom.sys
20:50:49.0013 0x152c cdrom - ok
20:50:49.0084 0x152c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\windows\System32\certprop.dll
20:50:49.0096 0x152c CertPropSvc - ok
20:50:49.0145 0x152c [ 32416A00199B83F3CB19A504A226A519, 0090A0BB6DF2DCDA4A3255E896D132E47E82CEFF2884D813E8F6CF55C5AF6254 ] certsrv C:\Program Files\FRITZ!Fernzugang\certsrv.exe
20:50:49.0155 0x152c certsrv - ok
20:50:49.0217 0x152c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\windows\system32\DRIVERS\circlass.sys
20:50:49.0227 0x152c circlass - ok
20:50:49.0299 0x152c [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\windows\system32\CLFS.sys
20:50:49.0329 0x152c CLFS - ok
20:50:49.0431 0x152c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:50:49.0441 0x152c clr_optimization_v2.0.50727_32 - ok
20:50:49.0503 0x152c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:50:49.0513 0x152c clr_optimization_v4.0.30319_32 - ok
20:50:49.0592 0x152c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:50:49.0595 0x152c CmBatt - ok
20:50:49.0645 0x152c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\windows\system32\drivers\cmdide.sys
20:50:49.0649 0x152c cmdide - ok
20:50:49.0751 0x152c [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\windows\system32\Drivers\cng.sys
20:50:49.0786 0x152c CNG - ok
20:50:49.0834 0x152c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
20:50:49.0838 0x152c Compbatt - ok
20:50:49.0902 0x152c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
20:50:49.0907 0x152c CompositeBus - ok
20:50:49.0938 0x152c COMSysApp - ok
20:50:49.0998 0x152c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
20:50:50.0002 0x152c crcdisk - ok
20:50:50.0094 0x152c [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\windows\system32\cryptsvc.dll
20:50:50.0112 0x152c CryptSvc - ok
20:50:50.0208 0x152c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\windows\system32\rpcss.dll
20:50:50.0260 0x152c DcomLaunch - ok
20:50:50.0355 0x152c [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\windows\System32\defragsvc.dll
20:50:50.0385 0x152c defragsvc - ok
20:50:50.0456 0x152c [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\windows\system32\Drivers\dfsc.sys
20:50:50.0468 0x152c DfsC - ok
20:50:50.0558 0x152c [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\windows\system32\dhcpcore.dll
20:50:50.0587 0x152c Dhcp - ok
20:50:50.0631 0x152c [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\windows\system32\drivers\discache.sys
20:50:50.0638 0x152c discache - ok
20:50:50.0699 0x152c [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\windows\system32\DRIVERS\disk.sys
20:50:50.0709 0x152c Disk - ok
20:50:50.0773 0x152c [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\windows\System32\dnsrslvr.dll
20:50:50.0791 0x152c Dnscache - ok
20:50:50.0863 0x152c [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\windows\System32\dot3svc.dll
20:50:50.0883 0x152c dot3svc - ok
20:50:50.0953 0x152c [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\windows\system32\dps.dll
20:50:50.0973 0x152c DPS - ok
20:50:51.0048 0x152c [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\windows\system32\drivers\drmkaud.sys
20:50:51.0052 0x152c drmkaud - ok
20:50:51.0177 0x152c [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
20:50:51.0260 0x152c DXGKrnl - ok
20:50:51.0332 0x152c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\windows\System32\eapsvc.dll
20:50:51.0348 0x152c EapHost - ok
20:50:51.0746 0x152c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
20:50:52.0095 0x152c ebdrv - ok
20:50:52.0176 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] EFS C:\windows\System32\lsass.exe
20:50:52.0195 0x152c EFS - ok
20:50:52.0323 0x152c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\windows\ehome\ehRecvr.exe
20:50:52.0392 0x152c ehRecvr - ok
20:50:52.0464 0x152c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\windows\ehome\ehsched.exe
20:50:52.0476 0x152c ehSched - ok
20:50:52.0585 0x152c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
20:50:52.0641 0x152c elxstor - ok
20:50:52.0697 0x152c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\windows\system32\drivers\errdev.sys
20:50:52.0697 0x152c ErrDev - ok
20:50:52.0799 0x152c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\windows\system32\es.dll
20:50:52.0836 0x152c EventSystem - ok
20:50:52.0896 0x152c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\windows\system32\drivers\exfat.sys
20:50:52.0913 0x152c exfat - ok
20:50:52.0967 0x152c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\windows\system32\drivers\fastfat.sys
20:50:52.0985 0x152c fastfat - ok
20:50:53.0110 0x152c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\windows\system32\fxssvc.exe
20:50:53.0163 0x152c Fax - ok
20:50:53.0225 0x152c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\windows\system32\DRIVERS\fdc.sys
20:50:53.0235 0x152c fdc - ok
20:50:53.0303 0x152c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\windows\system32\fdPHost.dll
20:50:53.0307 0x152c fdPHost - ok
20:50:53.0347 0x152c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\windows\system32\fdrespub.dll
20:50:53.0358 0x152c FDResPub - ok
20:50:53.0396 0x152c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
20:50:53.0406 0x152c FileInfo - ok
20:50:53.0440 0x152c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\windows\system32\drivers\filetrace.sys
20:50:53.0449 0x152c Filetrace - ok
20:50:53.0487 0x152c [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
20:50:53.0492 0x152c flpydisk - ok
20:50:53.0556 0x152c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
20:50:53.0578 0x152c FltMgr - ok
20:50:53.0727 0x152c [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\windows\system32\FntCache.dll
20:50:53.0809 0x152c FontCache - ok
20:50:53.0921 0x152c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:50:53.0921 0x152c FontCache3.0.0.0 - ok
20:50:53.0971 0x152c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
20:50:53.0981 0x152c FsDepends - ok
20:50:54.0051 0x152c [ B74B0578FD1D3F897E95F2A2B69EA051, 64FCA8452CB37D55679AC8BEF221D6BA1D91E50680D37FFCFB81619ADAA5889C ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
20:50:54.0061 0x152c fssfltr - ok
20:50:54.0251 0x152c [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:50:54.0341 0x152c fsssvc - ok
20:50:54.0413 0x152c [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
20:50:54.0423 0x152c Fs_Rec - ok
20:50:54.0513 0x152c [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
20:50:54.0533 0x152c fvevol - ok
20:50:54.0603 0x152c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
20:50:54.0613 0x152c gagp30kx - ok
20:50:54.0663 0x152c [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:50:54.0673 0x152c GEARAspiWDM - ok
20:50:54.0826 0x152c [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\windows\System32\gpsvc.dll
20:50:54.0913 0x152c gpsvc - ok
20:50:55.0037 0x152c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:50:55.0057 0x152c gupdate - ok
20:50:55.0107 0x152c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:50:55.0127 0x152c gupdatem - ok
20:50:55.0227 0x152c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:50:55.0247 0x152c gusvc - ok
20:50:55.0317 0x152c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
20:50:55.0317 0x152c hcw85cir - ok
20:50:55.0427 0x152c [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:50:55.0467 0x152c HdAudAddService - ok
20:50:55.0539 0x152c [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
20:50:55.0562 0x152c HDAudBus - ok
20:50:55.0602 0x152c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
20:50:55.0613 0x152c HidBatt - ok
20:50:55.0669 0x152c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
20:50:55.0689 0x152c HidBth - ok
20:50:55.0729 0x152c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys
20:50:55.0739 0x152c HidIr - ok
20:50:55.0799 0x152c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\windows\system32\hidserv.dll
20:50:55.0809 0x152c hidserv - ok
20:50:55.0879 0x152c [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\drivers\hidusb.sys
20:50:55.0894 0x152c HidUsb - ok
20:50:56.0001 0x152c [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll
20:50:56.0011 0x152c hkmsvc - ok
20:50:56.0071 0x152c [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:50:56.0113 0x152c HomeGroupListener - ok
20:50:56.0183 0x152c [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:50:56.0213 0x152c HomeGroupProvider - ok
20:50:56.0283 0x152c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
20:50:56.0293 0x152c HpSAMD - ok
20:50:56.0393 0x152c [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\windows\system32\drivers\HTTP.sys
20:50:56.0453 0x152c HTTP - ok
20:50:56.0545 0x152c [ 1720966D9C7EA5E2D78B6DB92D2F9171, B43521949F0557C9DC1DEC23A4A31D293FFBE721A937C90A2BCF6FCD1A216ADE ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
20:50:56.0565 0x152c hwdatacard - ok
20:50:56.0615 0x152c [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
20:50:56.0625 0x152c hwpolicy - ok
20:50:56.0695 0x152c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
20:50:56.0705 0x152c i8042prt - ok
20:50:56.0815 0x152c [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
20:50:56.0865 0x152c iaStorV - ok
20:50:57.0087 0x152c [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:50:57.0197 0x152c idsvc - ok
20:50:57.0257 0x152c IEEtwCollectorService - ok
20:50:57.0417 0x152c [ BB418D3796D89EF0665450228287CB34, 56F18650BF2E09E99FBC8037EE395EC8AE357A837F4271E2E34763E801E13C3E ] igd C:\windows\system32\DRIVERS\igdkmd32.sys
20:50:57.0507 0x152c igd - ok
20:50:57.0609 0x152c [ BB418D3796D89EF0665450228287CB34, 56F18650BF2E09E99FBC8037EE395EC8AE357A837F4271E2E34763E801E13C3E ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
20:50:57.0679 0x152c igfx - ok
20:50:57.0749 0x152c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
20:50:57.0769 0x152c iirsp - ok
20:50:57.0919 0x152c [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll
20:50:58.0019 0x152c IKEEXT - ok
20:50:58.0457 0x152c [ DB96B8BD676BB24BD4F1DC53CA1F182C, 42E8A43E35520793A3A34BA6F70A631D629194C8C882EB62BBF296D9F731D6CD ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
20:50:58.0799 0x152c IntcAzAudAddService - ok
20:50:58.0903 0x152c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys
20:50:58.0911 0x152c intelide - ok
20:50:58.0991 0x152c [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
20:50:59.0003 0x152c intelppm - ok
20:50:59.0062 0x152c [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:50:59.0075 0x152c IPBusEnum - ok
20:50:59.0105 0x152c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:50:59.0115 0x152c IpFilterDriver - ok
20:50:59.0225 0x152c [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:50:59.0308 0x152c iphlpsvc - ok
20:50:59.0381 0x152c [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:50:59.0391 0x152c IPMIDRV - ok
20:50:59.0461 0x152c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:50:59.0481 0x152c IPNAT - ok
20:50:59.0611 0x152c [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:50:59.0651 0x152c iPod Service - ok
20:50:59.0701 0x152c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys
20:50:59.0701 0x152c IRENUM - ok
20:50:59.0771 0x152c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys
20:50:59.0781 0x152c isapnp - ok
20:50:59.0851 0x152c [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:50:59.0871 0x152c iScsiPrt - ok
20:50:59.0931 0x152c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
20:50:59.0941 0x152c kbdclass - ok
20:51:00.0001 0x152c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\drivers\kbdhid.sys
20:51:00.0011 0x152c kbdhid - ok
20:51:00.0081 0x152c [ 3EB803312987FF44265C87CB960DF6AB, D6F44702F92089A0C847044A3933F7311D6A72C4647C3FECB35CDBF96A913A40 ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
20:51:00.0081 0x152c kbfiltr - ok
20:51:00.0131 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] KeyIso C:\windows\system32\lsass.exe
20:51:00.0141 0x152c KeyIso - ok
20:51:00.0201 0x152c [ 4DAC97CF81FAE4B2988AEF0DF40D04AE, 5560304972693DE5D5B21CE010A76067FA5B64AD5968122EE9F8248B3EA4878E ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:51:00.0211 0x152c KSecDD - ok
20:51:00.0275 0x152c [ 9EED5E0B7BF784C491C2289A09920BDA, 9E82EB777A01AB32EDA2AE0420546602A82C850D68D2C0AEDB4EA5ADEDF835E6 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:51:00.0291 0x152c KSecPkg - ok
20:51:00.0373 0x152c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll
20:51:00.0415 0x152c KtmRm - ok
20:51:00.0485 0x152c [ A158CEA8644B8A5C1EC0E9A81B70F65A, 70B4726BFB652CB41F06F60AE2A780A521E7B783F0B38BE55E8A566A915929F5 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
20:51:00.0495 0x152c L1C - ok
20:51:00.0535 0x152c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\system32\srvsvc.dll
20:51:00.0565 0x152c LanmanServer - ok
20:51:00.0625 0x152c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:51:00.0655 0x152c LanmanWorkstation - ok
20:51:00.0737 0x152c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:51:00.0747 0x152c lltdio - ok
20:51:00.0807 0x152c [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:51:00.0837 0x152c lltdsvc - ok
20:51:00.0877 0x152c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll
20:51:00.0887 0x152c lmhosts - ok
20:51:00.0967 0x152c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
20:51:00.0987 0x152c LSI_FC - ok
20:51:01.0037 0x152c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
20:51:01.0057 0x152c LSI_SAS - ok
20:51:01.0097 0x152c [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
20:51:01.0107 0x152c LSI_SAS2 - ok
20:51:01.0147 0x152c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
20:51:01.0169 0x152c LSI_SCSI - ok
20:51:01.0219 0x152c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys
20:51:01.0229 0x152c luafv - ok
20:51:01.0304 0x152c [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:51:01.0327 0x152c Mcx2Svc - ok
20:51:01.0366 0x152c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys
20:51:01.0377 0x152c megasas - ok
20:51:01.0461 0x152c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
20:51:01.0491 0x152c MegaSR - ok
20:51:01.0541 0x152c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll
20:51:01.0551 0x152c MMCSS - ok
20:51:01.0581 0x152c [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys
20:51:01.0581 0x152c Modem - ok
20:51:01.0631 0x152c [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:51:01.0641 0x152c monitor - ok
20:51:01.0691 0x152c [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:51:01.0701 0x152c mouclass - ok
20:51:01.0761 0x152c [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:51:01.0771 0x152c mouhid - ok
20:51:01.0831 0x152c [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:51:01.0851 0x152c mountmgr - ok
20:51:01.0930 0x152c [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys
20:51:01.0943 0x152c mpio - ok
20:51:02.0013 0x152c [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:51:02.0033 0x152c mpsdrv - ok
20:51:02.0153 0x152c [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll
20:51:02.0245 0x152c MpsSvc - ok
20:51:02.0317 0x152c [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:51:02.0337 0x152c MRxDAV - ok
20:51:02.0417 0x152c [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:51:02.0427 0x152c mrxsmb - ok
20:51:02.0517 0x152c [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:51:02.0565 0x152c mrxsmb10 - ok
20:51:02.0619 0x152c [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:51:02.0639 0x152c mrxsmb20 - ok
20:51:02.0689 0x152c [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys
20:51:02.0699 0x152c msahci - ok
20:51:02.0779 0x152c [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:51:02.0799 0x152c msdsm - ok
20:51:02.0861 0x152c [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe
20:51:02.0891 0x152c MSDTC - ok
20:51:02.0991 0x152c [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys
20:51:02.0991 0x152c Msfs - ok
20:51:03.0031 0x152c [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:51:03.0051 0x152c mshidkmdf - ok
20:51:03.0123 0x152c [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:51:03.0133 0x152c msisadrv - ok
20:51:03.0203 0x152c [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:51:03.0223 0x152c MSiSCSI - ok
20:51:03.0253 0x152c msiserver - ok
20:51:03.0313 0x152c [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:51:03.0323 0x152c MSKSSRV - ok
20:51:03.0375 0x152c [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:51:03.0385 0x152c MSPCLOCK - ok
20:51:03.0415 0x152c [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:51:03.0425 0x152c MSPQM - ok
20:51:03.0485 0x152c [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:51:03.0515 0x152c MsRPC - ok
20:51:03.0595 0x152c [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys
20:51:03.0595 0x152c mssmbios - ok
20:51:03.0645 0x152c [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:51:03.0666 0x152c MSTEE - ok
20:51:03.0704 0x152c [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
20:51:03.0713 0x152c MTConfig - ok
20:51:03.0777 0x152c [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys
20:51:03.0787 0x152c Mup - ok
20:51:03.0879 0x152c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll
20:51:03.0919 0x152c napagent - ok
20:51:04.0009 0x152c [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:51:04.0039 0x152c NativeWifiP - ok
20:51:04.0179 0x152c [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys
20:51:04.0239 0x152c NDIS - ok
20:51:04.0289 0x152c [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:51:04.0299 0x152c NdisCap - ok
20:51:04.0359 0x152c [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:51:04.0369 0x152c NdisTapi - ok
20:51:04.0429 0x152c [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:51:04.0439 0x152c Ndisuio - ok
20:51:04.0489 0x152c [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:51:04.0509 0x152c NdisWan - ok
20:51:04.0549 0x152c [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:51:04.0559 0x152c NDProxy - ok
20:51:04.0629 0x152c [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
20:51:04.0644 0x152c Net Driver HPZ12 - ok
20:51:04.0681 0x152c [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl C:\windows\system32\DRIVERS\netaapl.sys
20:51:04.0691 0x152c Netaapl - ok
20:51:04.0741 0x152c [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:51:04.0751 0x152c NetBIOS - ok
20:51:04.0833 0x152c [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:51:04.0853 0x152c NetBT - ok
20:51:04.0893 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] Netlogon C:\windows\system32\lsass.exe
20:51:04.0903 0x152c Netlogon - ok
20:51:04.0983 0x152c [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll
20:51:05.0023 0x152c Netman - ok
20:51:05.0083 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0103 0x152c NetMsmqActivator - ok
20:51:05.0153 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0163 0x152c NetPipeActivator - ok
20:51:05.0243 0x152c [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll
20:51:05.0283 0x152c netprofm - ok
20:51:05.0323 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0343 0x152c NetTcpActivator - ok
20:51:05.0373 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0393 0x152c NetTcpPortSharing - ok
20:51:05.0455 0x152c [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
20:51:05.0465 0x152c nfrd960 - ok
20:51:05.0535 0x152c [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\windows\System32\nlasvc.dll
20:51:05.0575 0x152c NlaSvc - ok
20:51:05.0615 0x152c [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:51:05.0625 0x152c Npfs - ok
20:51:05.0685 0x152c [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll
20:51:05.0695 0x152c nsi - ok
20:51:05.0725 0x152c [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:51:05.0735 0x152c nsiproxy - ok
20:51:05.0944 0x152c [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:51:06.0064 0x152c Ntfs - ok
20:51:06.0114 0x152c [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys
20:51:06.0124 0x152c Null - ok
20:51:06.0184 0x152c [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys
20:51:06.0194 0x152c nvraid - ok
20:51:06.0274 0x152c [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys
20:51:06.0294 0x152c nvstor - ok
20:51:06.0334 0x152c [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:51:06.0344 0x152c nv_agp - ok
20:51:06.0460 0x152c [ 4A0ADB15B198A1222EB6B9D31BF818FC, 7FA4DE9AEF466E4A5B8802A36C2163AD8434212D894B45C03BE6598D1F0EA5D5 ] NWIM C:\windows\system32\DRIVERS\avmnwim.sys
20:51:06.0500 0x152c NWIM - ok
20:51:06.0566 0x152c [ 93996AC3A64FB550506E1EA80DD334EB, 9FA8D2C5B40C11373835D1183BC92DE55504E57D4BC0347B837758EBF70FE5B8 ] nwtsrv C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
20:51:06.0586 0x152c nwtsrv - ok
20:51:06.0696 0x152c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:51:06.0746 0x152c odserv - ok
20:51:06.0806 0x152c [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:51:06.0816 0x152c ohci1394 - ok
20:51:06.0888 0x152c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:51:06.0908 0x152c ose - ok
20:51:07.0018 0x152c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:51:07.0058 0x152c p2pimsvc - ok
20:51:07.0118 0x152c [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll
20:51:07.0158 0x152c p2psvc - ok
20:51:07.0218 0x152c [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys
20:51:07.0228 0x152c Parport - ok
20:51:07.0278 0x152c [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\windows\system32\drivers\partmgr.sys
20:51:07.0288 0x152c partmgr - ok
20:51:07.0318 0x152c [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
20:51:07.0328 0x152c Parvdm - ok
20:51:07.0388 0x152c [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\windows\System32\pcasvc.dll
20:51:07.0418 0x152c PcaSvc - ok
20:51:07.0468 0x152c [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys
20:51:07.0488 0x152c pci - ok
20:51:07.0538 0x152c [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys
20:51:07.0548 0x152c pciide - ok
20:51:07.0608 0x152c [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
20:51:07.0628 0x152c pcmcia - ok
20:51:07.0668 0x152c [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys
20:51:07.0678 0x152c pcw - ok
20:51:07.0788 0x152c [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:51:07.0848 0x152c PEAUTH - ok
20:51:08.0110 0x152c [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll
20:51:08.0270 0x152c pla - ok
20:51:08.0370 0x152c [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:51:08.0400 0x152c PlugPlay - ok
20:51:08.0490 0x152c [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
20:51:08.0500 0x152c Pml Driver HPZ12 - ok
20:51:08.0540 0x152c [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:51:08.0560 0x152c PNRPAutoReg - ok
20:51:08.0620 0x152c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:51:08.0650 0x152c PNRPsvc - ok
20:51:08.0740 0x152c [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:51:08.0780 0x152c PolicyAgent - ok
20:51:08.0850 0x152c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll
20:51:08.0870 0x152c Power - ok
20:51:08.0940 0x152c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:51:08.0950 0x152c PptpMiniport - ok
20:51:09.0000 0x152c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys
20:51:09.0013 0x152c Processor - ok
20:51:09.0082 0x152c [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\windows\system32\profsvc.dll
20:51:09.0128 0x152c ProfSvc - ok
20:51:09.0164 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] ProtectedStorage C:\windows\system32\lsass.exe
20:51:09.0174 0x152c ProtectedStorage - ok
20:51:09.0224 0x152c [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:51:09.0234 0x152c Psched - ok
20:51:09.0294 0x152c [ 40FEDD328F98245AD201CF5F9F311724, CE1582652B6A7CACE46D8B492CAA8E51EA46C3890EF640E8C5E1E053731A4D74 ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
20:51:09.0304 0x152c PxHelp20 - ok
20:51:09.0498 0x152c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
20:51:09.0626 0x152c ql2300 - ok
20:51:09.0686 0x152c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
20:51:09.0706 0x152c ql40xx - ok
20:51:09.0766 0x152c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll
20:51:09.0796 0x152c QWAVE - ok
20:51:09.0846 0x152c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:51:09.0856 0x152c QWAVEdrv - ok
20:51:09.0886 0x152c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:51:09.0886 0x152c RasAcd - ok
20:51:09.0956 0x152c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:51:09.0956 0x152c RasAgileVpn - ok
20:51:10.0006 0x152c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll
20:51:10.0038 0x152c RasAuto - ok
20:51:10.0088 0x152c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:51:10.0098 0x152c Rasl2tp - ok
20:51:10.0198 0x152c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll
20:51:10.0250 0x152c RasMan - ok
20:51:10.0310 0x152c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:51:10.0320 0x152c RasPppoe - ok
20:51:10.0360 0x152c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:51:10.0376 0x152c RasSstp - ok
20:51:10.0432 0x152c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:51:10.0452 0x152c rdbss - ok
20:51:10.0502 0x152c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
20:51:10.0502 0x152c rdpbus - ok
20:51:10.0562 0x152c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:51:10.0562 0x152c RDPCDD - ok
20:51:10.0622 0x152c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:51:10.0632 0x152c RDPENCDD - ok
20:51:10.0672 0x152c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:51:10.0672 0x152c RDPREFMP - ok
20:51:10.0752 0x152c [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:51:10.0772 0x152c RDPWD - ok
20:51:10.0859 0x152c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:51:10.0883 0x152c rdyboost - ok
20:51:10.0934 0x152c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll
20:51:10.0944 0x152c RemoteAccess - ok
20:51:11.0004 0x152c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll
20:51:11.0024 0x152c RemoteRegistry - ok
20:51:11.0104 0x152c [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
20:51:11.0124 0x152c RFCOMM - ok
20:51:11.0174 0x152c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:51:11.0194 0x152c RpcEptMapper - ok
20:51:11.0224 0x152c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe
20:51:11.0234 0x152c RpcLocator - ok
20:51:11.0326 0x152c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll
20:51:11.0378 0x152c RpcSs - ok
20:51:11.0428 0x152c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:51:11.0438 0x152c rspndr - ok
20:51:11.0478 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] SamSs C:\windows\system32\lsass.exe
20:51:11.0488 0x152c SamSs - ok
20:51:11.0542 0x152c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:51:11.0560 0x152c sbp2port - ok
20:51:11.0640 0x152c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll
20:51:11.0660 0x152c SCardSvr - ok
20:51:11.0710 0x152c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:51:11.0720 0x152c scfilter - ok
20:51:11.0887 0x152c [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\windows\system32\schedsvc.dll
20:51:11.0962 0x152c Schedule - ok
20:51:12.0012 0x152c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll
20:51:12.0028 0x152c SCPolicySvc - ok
20:51:12.0084 0x152c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:51:12.0104 0x152c SDRSVC - ok
20:51:12.0164 0x152c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:51:12.0174 0x152c secdrv - ok
20:51:12.0224 0x152c [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll
20:51:12.0244 0x152c seclogon - ok
20:51:12.0284 0x152c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\System32\sens.dll
20:51:12.0314 0x152c SENS - ok
20:51:12.0354 0x152c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:51:12.0418 0x152c SensrSvc - ok
20:51:12.0470 0x152c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
20:51:12.0481 0x152c Serenum - ok
20:51:12.0547 0x152c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\windows\system32\DRIVERS\serial.sys
20:51:12.0565 0x152c Serial - ok
20:51:12.0636 0x152c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
20:51:12.0646 0x152c sermouse - ok
20:51:12.0766 0x152c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\windows\system32\sessenv.dll
20:51:12.0796 0x152c SessionEnv - ok
20:51:12.0856 0x152c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:51:12.0866 0x152c sffdisk - ok
20:51:12.0896 0x152c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:51:12.0906 0x152c sffp_mmc - ok
20:51:12.0946 0x152c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:51:12.0956 0x152c sffp_sd - ok
20:51:13.0008 0x152c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
20:51:13.0018 0x152c sfloppy - ok
20:51:13.0140 0x152c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\windows\System32\ipnathlp.dll
20:51:13.0190 0x152c SharedAccess - ok
20:51:13.0270 0x152c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:51:13.0320 0x152c ShellHWDetection - ok
20:51:13.0360 0x152c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\windows\system32\drivers\sisagp.sys
20:51:13.0380 0x152c sisagp - ok
20:51:13.0440 0x152c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
20:51:13.0450 0x152c SiSRaid2 - ok
20:51:13.0490 0x152c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
20:51:13.0510 0x152c SiSRaid4 - ok
20:51:13.0662 0x152c [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:51:13.0710 0x152c SkypeUpdate - ok
20:51:13.0784 0x152c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:51:13.0804 0x152c Smb - ok
20:51:13.0904 0x152c [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:51:13.0924 0x152c SNMPTRAP - ok
20:51:13.0954 0x152c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\windows\system32\drivers\spldr.sys
20:51:13.0964 0x152c spldr - ok
20:51:14.0076 0x152c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\windows\System32\spoolsv.exe
20:51:14.0126 0x152c Spooler - ok
20:51:14.0610 0x152c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\windows\system32\sppsvc.exe
20:51:14.0994 0x152c sppsvc - ok
20:51:15.0096 0x152c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\windows\system32\sppuinotify.dll
20:51:15.0116 0x152c sppuinotify - ok
20:51:15.0206 0x152c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\windows\system32\DRIVERS\srv.sys
20:51:15.0246 0x152c srv - ok
20:51:15.0326 0x152c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:51:15.0366 0x152c srv2 - ok
20:51:15.0426 0x152c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:51:15.0446 0x152c srvnet - ok
20:51:15.0526 0x152c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:51:15.0566 0x152c SSDPSRV - ok
20:51:15.0638 0x152c [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
20:51:15.0648 0x152c ssmdrv - ok
20:51:15.0718 0x152c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\windows\system32\sstpsvc.dll
20:51:15.0748 0x152c SstpSvc - ok
20:51:15.0806 0x152c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
20:51:15.0818 0x152c stexstor - ok
20:51:15.0889 0x152c [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam C:\windows\system32\DRIVERS\serscan.sys
20:51:15.0903 0x152c StillCam - ok
20:51:16.0033 0x152c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\windows\System32\wiaservc.dll
20:51:16.0090 0x152c StiSvc - ok
20:51:16.0130 0x152c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\windows\system32\drivers\swenum.sys
20:51:16.0140 0x152c swenum - ok
20:51:16.0210 0x152c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\windows\System32\swprv.dll
20:51:16.0250 0x152c swprv - ok
20:51:16.0330 0x152c [ 8BD10DC8809DC69A1C5A795CB10ADD76, 92ED1BC580DC2BE539296D69775368C974FBB0145A5114BA250261E49E073960 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
20:51:16.0360 0x152c SynTP - ok
20:51:16.0510 0x152c [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\windows\system32\sysmain.dll
20:51:16.0610 0x152c SysMain - ok
20:51:16.0722 0x152c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\windows\System32\TabSvc.dll
20:51:16.0742 0x152c TabletInputService - ok
20:51:16.0842 0x152c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\windows\System32\tapisrv.dll
20:51:16.0879 0x152c TapiSrv - ok
20:51:16.0934 0x152c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\windows\System32\tbssvc.dll
20:51:16.0954 0x152c TBS - ok
20:51:17.0136 0x152c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:51:17.0266 0x152c Tcpip - ok
20:51:17.0436 0x152c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:51:17.0548 0x152c TCPIP6 - ok
20:51:17.0670 0x152c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:51:17.0680 0x152c tcpipreg - ok
20:51:17.0750 0x152c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:51:17.0750 0x152c TDPIPE - ok
20:51:17.0800 0x152c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:51:17.0810 0x152c TDTCP - ok
20:51:17.0870 0x152c [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:51:17.0890 0x152c tdx - ok
20:51:18.0452 0x152c [ 7F4DFE2297AE542CE5BCC88553A541F6, 490FE8EAD232082B53C7FCBD632C816DA18754B9E19AC2AC388F76C0041F89B5 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
20:51:18.0786 0x152c TeamViewer7 - ok
20:51:18.0876 0x152c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\windows\system32\drivers\termdd.sys
20:51:18.0886 0x152c TermDD - ok
20:51:19.0041 0x152c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\windows\System32\termsrv.dll
20:51:19.0154 0x152c TermService - ok
20:51:19.0242 0x152c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\windows\system32\themeservice.dll
20:51:19.0267 0x152c Themes - ok
20:51:19.0327 0x152c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\windows\system32\mmcss.dll
20:51:19.0345 0x152c THREADORDER - ok
20:51:19.0400 0x152c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\windows\System32\trkwks.dll
20:51:19.0420 0x152c TrkWks - ok
20:51:19.0510 0x152c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:51:19.0540 0x152c TrustedInstaller - ok
20:51:19.0622 0x152c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:51:19.0632 0x152c tssecsrv - ok
20:51:19.0702 0x152c [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:51:19.0722 0x152c TsUsbFlt - ok
20:51:19.0802 0x152c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:51:19.0832 0x152c tunnel - ok
20:51:19.0914 0x152c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
20:51:19.0924 0x152c uagp35 - ok
20:51:20.0004 0x152c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:51:20.0036 0x152c udfs - ok
20:51:20.0116 0x152c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\windows\system32\UI0Detect.exe
20:51:20.0146 0x152c UI0Detect - ok
20:51:20.0206 0x152c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:51:20.0216 0x152c uliagpkx - ok
20:51:20.0276 0x152c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\windows\system32\DRIVERS\umbus.sys
20:51:20.0286 0x152c umbus - ok
20:51:20.0346 0x152c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
20:51:20.0356 0x152c UmPass - ok
20:51:20.0446 0x152c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\windows\System32\upnphost.dll
20:51:20.0508 0x152c upnphost - ok
20:51:20.0588 0x152c [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
20:51:20.0598 0x152c USBAAPL - ok
20:51:20.0668 0x152c [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:51:20.0688 0x152c usbccgp - ok
20:51:20.0748 0x152c [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\windows\system32\drivers\usbcir.sys
20:51:20.0768 0x152c usbcir - ok
20:51:20.0818 0x152c [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\windows\system32\drivers\usbehci.sys
20:51:20.0828 0x152c usbehci - ok
20:51:20.0918 0x152c [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:51:20.0948 0x152c usbhub - ok
20:51:21.0013 0x152c [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\windows\system32\drivers\usbohci.sys
20:51:21.0031 0x152c usbohci - ok
20:51:21.0093 0x152c [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
20:51:21.0107 0x152c usbprint - ok
20:51:21.0164 0x152c [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
20:51:21.0177 0x152c usbscan - ok
20:51:21.0252 0x152c [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:51:21.0262 0x152c USBSTOR - ok
20:51:21.0312 0x152c [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
20:51:21.0322 0x152c usbuhci - ok
20:51:21.0402 0x152c [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
20:51:21.0422 0x152c usbvideo - ok
20:51:21.0462 0x152c [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\windows\System32\uxsms.dll
20:51:21.0482 0x152c UxSms - ok
20:51:21.0522 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] VaultSvc C:\windows\system32\lsass.exe
20:51:21.0539 0x152c VaultSvc - ok
20:51:21.0584 0x152c [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:51:21.0594 0x152c vdrvroot - ok
20:51:21.0694 0x152c [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\windows\System32\vds.exe
20:51:21.0764 0x152c vds - ok
20:51:21.0831 0x152c [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:51:21.0843 0x152c vga - ok
20:51:21.0876 0x152c [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\windows\System32\drivers\vga.sys
20:51:21.0886 0x152c VgaSave - ok
20:51:21.0956 0x152c [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:51:21.0976 0x152c vhdmp - ok
20:51:22.0032 0x152c [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\windows\system32\drivers\viaagp.sys
20:51:22.0041 0x152c viaagp - ok
20:51:22.0078 0x152c [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
20:51:22.0088 0x152c ViaC7 - ok
20:51:22.0170 0x152c [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\windows\system32\drivers\viaide.sys
20:51:22.0178 0x152c viaide - ok
20:51:22.0224 0x152c [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:51:22.0236 0x152c volmgr - ok
20:51:22.0312 0x152c [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:51:22.0332 0x152c volmgrx - ok
20:51:22.0392 0x152c [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\windows\system32\drivers\volsnap.sys
20:51:22.0422 0x152c volsnap - ok
20:51:22.0563 0x152c [ 5298DCF8D684DBBF24CDB622F8A7CB37, B9FE264930EDE11FFA0ABC81F70101E9CE800E4B700DF00D21159359E7406EA2 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
20:51:22.0593 0x152c vpnagent - ok
20:51:22.0633 0x152c [ 174268D44B24ECC79119634142F908AB, 8AC46C019CBA0081BA095B34DFF97C30284353FDEE32361A44849C7B7F4B6769 ] vpnva C:\windows\system32\DRIVERS\vpnva.sys
20:51:22.0643 0x152c vpnva - ok
20:51:22.0736 0x152c [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
20:51:22.0761 0x152c vsmraid - ok
20:51:22.0905 0x152c [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\windows\system32\vssvc.exe
20:51:23.0005 0x152c VSS - ok
20:51:23.0105 0x152c [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:51:23.0105 0x152c vwifibus - ok
20:51:23.0165 0x152c [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:51:23.0175 0x152c vwififlt - ok
20:51:23.0245 0x152c [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
20:51:23.0245 0x152c vwifimp - ok
20:51:23.0335 0x152c [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\windows\system32\w32time.dll
20:51:23.0385 0x152c W32Time - ok
20:51:23.0505 0x152c [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
20:51:23.0515 0x152c WacomPen - ok
20:51:23.0590 0x152c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:51:23.0608 0x152c WANARP - ok
20:51:23.0643 0x152c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:51:23.0660 0x152c Wanarpv6 - ok
20:51:23.0917 0x152c [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:51:24.0047 0x152c WatAdminSvc - ok
20:51:24.0229 0x152c [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\windows\system32\wbengine.exe
20:51:24.0349 0x152c wbengine - ok
20:51:24.0439 0x152c [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:51:24.0479 0x152c WbioSrvc - ok
20:51:24.0564 0x152c [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\windows\System32\wcncsvc.dll
20:51:24.0614 0x152c wcncsvc - ok
20:51:24.0659 0x152c [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:51:24.0674 0x152c WcsPlugInService - ok
20:51:24.0711 0x152c [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\windows\system32\DRIVERS\wd.sys
20:51:24.0711 0x152c Wd - ok
20:51:24.0801 0x152c [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:51:24.0851 0x152c Wdf01000 - ok
20:51:24.0921 0x152c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\windows\system32\wdi.dll
20:51:24.0941 0x152c WdiServiceHost - ok
20:51:24.0961 0x152c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\windows\system32\wdi.dll
20:51:24.0981 0x152c WdiSystemHost - ok
20:51:25.0051 0x152c [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\windows\System32\webclnt.dll
20:51:25.0081 0x152c WebClient - ok
20:51:25.0151 0x152c [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\windows\system32\wecsvc.dll
20:51:25.0171 0x152c Wecsvc - ok
20:51:25.0201 0x152c [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:51:25.0221 0x152c wercplsupport - ok
20:51:25.0271 0x152c [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\windows\System32\WerSvc.dll
20:51:25.0291 0x152c WerSvc - ok
20:51:25.0331 0x152c [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:51:25.0331 0x152c WfpLwf - ok
20:51:25.0381 0x152c [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:51:25.0381 0x152c WIMMount - ok
20:51:25.0501 0x152c [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:51:25.0551 0x152c WinDefend - ok
20:51:25.0611 0x152c WinHttpAutoProxySvc - ok
20:51:25.0701 0x152c [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:51:25.0721 0x152c Winmgmt - ok
20:51:25.0871 0x152c [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\windows\system32\WsmSvc.dll
20:51:25.0996 0x152c WinRM - ok
20:51:26.0083 0x152c [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
20:51:26.0093 0x152c WinUsb - ok
20:51:26.0193 0x152c [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\windows\System32\wlansvc.dll
20:51:26.0281 0x152c Wlansvc - ok
20:51:26.0471 0x152c [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:51:26.0591 0x152c wlidsvc - ok
20:51:26.0663 0x152c [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:51:26.0663 0x152c WmiAcpi - ok
20:51:26.0733 0x152c [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:51:26.0743 0x152c wmiApSrv - ok
20:51:26.0998 0x152c [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:51:27.0139 0x152c WMPNetworkSvc - ok
20:51:27.0211 0x152c [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\windows\System32\wpcsvc.dll
20:51:27.0241 0x152c WPCSvc - ok
20:51:27.0301 0x152c [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:51:27.0331 0x152c WPDBusEnum - ok
20:51:27.0381 0x152c [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:51:27.0381 0x152c ws2ifsl - ok
20:51:27.0441 0x152c [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\windows\System32\wscsvc.dll
20:51:27.0471 0x152c wscsvc - ok
20:51:27.0541 0x152c [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
20:51:27.0551 0x152c WSDPrintDevice - ok
20:51:27.0571 0x152c WSearch - ok
20:51:27.0761 0x152c [ A583F4BF607EBC5709578433207A76A8, 679E54BECFE27F7A0573263494E5028E02DF9A9817B79EEF6B7C04DB27C1F56E ] WTGService C:\Program Files\Verbindungsassistent\wtgservice.exe
20:51:27.0811 0x152c WTGService - ok
20:51:28.0154 0x152c [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\windows\system32\wuaueng.dll
20:51:28.0387 0x152c wuauserv - ok
20:51:28.0477 0x152c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:51:28.0497 0x152c WudfPf - ok
20:51:28.0577 0x152c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:51:28.0597 0x152c WUDFRd - ok
20:51:28.0667 0x152c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:51:28.0707 0x152c wudfsvc - ok
20:51:28.0799 0x152c [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\windows\System32\wwansvc.dll
20:51:28.0839 0x152c WwanSvc - ok
20:51:28.0971 0x152c ================ Scan global ===============================
20:51:29.0031 0x152c [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\windows\system32\basesrv.dll
20:51:29.0101 0x152c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
20:51:29.0181 0x152c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
20:51:29.0295 0x152c [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\windows\system32\sxssrv.dll
20:51:29.0405 0x152c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\windows\system32\services.exe
20:51:29.0445 0x152c [ Global ] - ok
20:51:29.0455 0x152c ================ Scan MBR ==================================
20:51:29.0475 0x152c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:51:30.0065 0x152c \Device\Harddisk0\DR0 - ok
20:51:30.0065 0x152c ================ Scan VBR ==================================
20:51:30.0085 0x152c [ 257D18947DE5165B2B503ED0392F3C50 ] \Device\Harddisk0\DR0\Partition1
20:51:30.0095 0x152c \Device\Harddisk0\DR0\Partition1 - ok
20:51:30.0115 0x152c [ FC2C98DD2EC94A43BC19445F1C0DC14D ] \Device\Harddisk0\DR0\Partition2
20:51:30.0125 0x152c \Device\Harddisk0\DR0\Partition2 - ok
20:51:30.0135 0x152c ================ Scan generic autorun ======================
20:51:30.0409 0x152c [ 778B2333591E9D28063D491456DA18BE, B6EE1FDE2CC137C075E2AA5A588C9356F79690525B0587A97D63127768247717 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:51:30.0591 0x152c SynTPEnh - ok
20:51:30.0621 0x152c HotkeyMon - ok
20:51:30.0641 0x152c HotkeyService - ok
20:51:31.0105 0x152c [ 37DEB76A2CF005841C4E45DE2B94D84F, BB8F7BC57A4144A4489DB1DD7F2121346A2235EC478CE8F93CEB7E1773025FCA ] C:\Windows\AsScrPro.exe
20:51:31.0509 0x152c ASUS Screen Saver Protector - ok
20:51:31.0629 0x152c [ 95B5AB49BE07F27C63CC0BBCE34B8E22, A662A74F6209881982F922797A383845E0DFCBD1D2862A3BD992F9300945455F ] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
20:51:31.0669 0x152c Eee Docking - ok
20:51:31.0679 0x152c LiveUpdate - ok
20:51:31.0719 0x152c [ 822E6029CE5B3EBF31016860E81E2415, BE31A7F6A1F4601A8FC9E6C87C1762849829CA2ABBE1BE5B41E945648C662EC1 ] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
20:51:31.0729 0x152c SynAsusAcpi - ok
20:51:31.0929 0x152c [ 609615D2DC9459AE90293A71441F873F, 6FBA9C3A8B6313AF9A73510C1FA230E92409041387EC6EB48694220B5A8A4124 ] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
20:51:32.0111 0x152c EeeStorageBackup - ok
20:51:32.0131 0x152c SuperHybridEngine - ok
20:51:33.0231 0x152c [ 93190A2F166DB15FF8A9D7C260F2806F, 1FD555DE9690C9176BA1BCBE97893C01FA03425244E376FC83A72BAAA2A5AB07 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
20:51:34.0079 0x152c RtHDVCpl - ok
20:51:34.0179 0x152c [ E45ECE7E748F65E3A944C967C776320F, 8CF8F7EC1DC7BDE50C651AE91CB72F039B7C0A14B0506941713BA4ECB640A5E9 ] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk
20:51:34.0179 0x152c Boingo Wi-Fi - ok
20:51:34.0259 0x152c [ 7A329E85E5CA8A6DF0D5E315D096653F, 0E67C8994BFB1D0257F7E9CC441F1DE9CC4994D49CBA14837702A79EB08D5B53 ] C:\windows\system32\igfxtray.exe
20:51:34.0279 0x152c IgfxTray - ok
20:51:34.0349 0x152c [ D51C0A0315B4065E010233DDC12A07DC, A8AC7CDCE3139197E70817EFB2C641304804D9D4D78FC1B7AF76A6CC070C712F ] C:\windows\system32\hkcmd.exe
20:51:34.0389 0x152c HotKeysCmds - ok
20:51:34.0449 0x152c [ F40D8F396327000DDF50FD9DE5E28831, 8A2931F085FF5F677AAF7021D5C34D061612724395C87D7AE32E70A2DEE6F8F3 ] C:\windows\system32\IgfxExt.exe
20:51:34.0489 0x152c IgfxExt - ok
20:51:34.0581 0x152c [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:51:34.0591 0x152c APSDaemon - ok
20:51:34.0774 0x152c [ 6DE7D6413E5D0458882D3134D31C2446, 7605A7144165F784869A12887C80B0B49BF232146B70A94712C12D8521B9B9EF ] C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
20:51:34.0844 0x152c ASUSWebStorage - ok
20:51:35.0154 0x152c [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
20:51:35.0224 0x152c avgnt - ok
20:51:35.0494 0x152c [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:51:35.0606 0x152c Adobe ARM - ok
20:51:35.0716 0x152c [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
20:51:35.0736 0x152c iTunesHelper - ok
20:51:35.0871 0x152c [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
20:51:35.0908 0x152c QuickTime Task - ok
20:51:36.0028 0x152c [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
20:51:36.0048 0x152c HP Software Update - ok
20:51:36.0250 0x152c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:51:36.0395 0x152c Sidebar - ok
20:51:36.0474 0x152c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:51:36.0494 0x152c mctadmin - ok
20:51:36.0664 0x152c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:51:36.0784 0x152c Sidebar - ok
20:51:36.0824 0x152c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:51:36.0854 0x152c mctadmin - ok
20:51:36.0926 0x152c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
20:51:36.0926 0x152c swg - ok
20:51:36.0998 0x152c [ 5588812731C64305F2579DD8215037E0, 0FA8D3DE660670125C203B96FDA4DDF7A88B66C37F66E5F183C4BC7983E55709 ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
20:51:36.0998 0x152c LDM - ok
20:51:37.0261 0x152c [ 6B06FF37263E4B3978FD358F610FAB92, E5F60B147CD4AD35DDAE8CDC991BAF5F47394D21DF11B3FAE610A118DF764A01 ] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
20:51:37.0411 0x152c HP Officejet 6700 (NET) - ok
20:51:37.0541 0x152c [ B60F618B09FDC751902B7486F3A26E92, BDF0C33960C98445018CF48F78D66F643E5AA1EDBF7E0265CE10C75F828E85AF ] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
20:51:37.0551 0x152c iCloudServices - ok
20:51:37.0621 0x152c Skype - ok
20:51:37.0641 0x152c Waiting for KSN requests completion. In queue: 87
20:51:38.0643 0x152c Waiting for KSN requests completion. In queue: 87
20:51:39.0645 0x152c Waiting for KSN requests completion. In queue: 87
20:51:40.0645 0x152c Waiting for KSN requests completion. In queue: 87
20:51:41.0649 0x152c Waiting for KSN requests completion. In queue: 87
20:51:42.0653 0x152c Waiting for KSN requests completion. In queue: 87
20:51:43.0653 0x152c Waiting for KSN requests completion. In queue: 87
20:51:44.0653 0x152c Waiting for KSN requests completion. In queue: 87
20:51:45.0655 0x152c Waiting for KSN requests completion. In queue: 87
20:51:46.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:47.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:48.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:49.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:50.0667 0x152c Waiting for KSN requests completion. In queue: 87
20:51:51.0669 0x152c Waiting for KSN requests completion. In queue: 87
20:51:52.0763 0x152c AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41010 ( enabled : outofdate )
20:51:52.0783 0x152c Win FW state via NFP2: enabled
20:51:55.0438 0x152c ============================================================
20:51:55.0438 0x152c Scan finished
20:51:55.0438 0x152c ============================================================
20:51:55.0488 0x0ea8 Detected object count: 0
20:51:55.0488 0x0ea8 Actual detected object count: 0
|
|
30.03.2015, 20:45
| #6 |
| | Teil 1Code:
ATTFilter 20:49:44.0479 0x1290 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:49:50.0057 0x1290 ============================================================
20:49:50.0057 0x1290 Current date / time: 2015/03/30 20:49:50.0057
20:49:50.0057 0x1290 SystemInfo:
20:49:50.0057 0x1290
20:49:50.0057 0x1290 OS Version: 6.1.7601 ServicePack: 1.0
20:49:50.0057 0x1290 Product type: Workstation
20:49:50.0057 0x1290 ComputerName: KIRSTENNETBOOK
20:49:50.0057 0x1290 UserName: Kirsten Netbook
20:49:50.0057 0x1290 Windows directory: C:\windows
20:49:50.0057 0x1290 System windows directory: C:\windows
20:49:50.0057 0x1290 Processor architecture: Intel x86
20:49:50.0057 0x1290 Number of processors: 2
20:49:50.0057 0x1290 Page size: 0x1000
20:49:50.0057 0x1290 Boot type: Normal boot
20:49:50.0057 0x1290 ============================================================
20:50:06.0192 0x1290 KLMD registered as C:\windows\system32\drivers\96103999.sys
20:50:06.0603 0x1290 System UUID: {4B18D621-131F-83CD-8B43-482ED3F746CE}
20:50:08.0190 0x1290 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:50:08.0190 0x1290 ============================================================
20:50:08.0190 0x1290 \Device\Harddisk0\DR0:
20:50:08.0190 0x1290 MBR partitions:
20:50:08.0190 0x1290 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
20:50:08.0190 0x1290 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC800800, BlocksNum 0xF5BB800
20:50:08.0190 0x1290 ============================================================
20:50:08.0230 0x1290 C: <-> \Device\Harddisk0\DR0\Partition1
20:50:08.0270 0x1290 D: <-> \Device\Harddisk0\DR0\Partition2
20:50:08.0270 0x1290 ============================================================
20:50:08.0270 0x1290 Initialize success
20:50:08.0270 0x1290 ============================================================
20:50:25.0329 0x152c ============================================================
20:50:25.0329 0x152c Scan started
20:50:25.0329 0x152c Mode: Manual;
20:50:25.0329 0x152c ============================================================
20:50:25.0329 0x152c KSN ping started
20:50:39.0145 0x152c KSN ping finished: true
20:50:40.0755 0x152c ================ Scan system memory ========================
20:50:40.0755 0x152c System memory - ok
20:50:40.0775 0x152c ================ Scan services =============================
20:50:41.0063 0x152c [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:50:41.0080 0x152c 1394ohci - ok
20:50:41.0206 0x152c [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\windows\system32\drivers\ACPI.sys
20:50:41.0232 0x152c ACPI - ok
20:50:41.0289 0x152c [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:50:41.0289 0x152c AcpiPmi - ok
20:50:41.0481 0x152c [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:50:41.0491 0x152c AdobeARMservice - ok
20:50:41.0645 0x152c [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:50:41.0678 0x152c AdobeFlashPlayerUpdateSvc - ok
20:50:41.0797 0x152c [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
20:50:41.0837 0x152c adp94xx - ok
20:50:41.0905 0x152c [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
20:50:41.0934 0x152c adpahci - ok
20:50:41.0988 0x152c [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
20:50:42.0002 0x152c adpu320 - ok
20:50:42.0065 0x152c [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:50:42.0069 0x152c AeLookupSvc - ok
20:50:42.0162 0x152c [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\windows\system32\drivers\afd.sys
20:50:42.0196 0x152c AFD - ok
20:50:42.0253 0x152c [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\windows\system32\drivers\agp440.sys
20:50:42.0259 0x152c agp440 - ok
20:50:42.0321 0x152c [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
20:50:42.0331 0x152c aic78xx - ok
20:50:42.0393 0x152c [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\windows\System32\alg.exe
20:50:42.0403 0x152c ALG - ok
20:50:42.0451 0x152c [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\windows\system32\drivers\aliide.sys
20:50:42.0457 0x152c aliide - ok
20:50:42.0496 0x152c [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\windows\system32\drivers\amdagp.sys
20:50:42.0503 0x152c amdagp - ok
20:50:42.0547 0x152c [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\windows\system32\drivers\amdide.sys
20:50:42.0550 0x152c amdide - ok
20:50:42.0615 0x152c [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
20:50:42.0615 0x152c AmdK8 - ok
20:50:42.0645 0x152c [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:50:42.0662 0x152c AmdPPM - ok
20:50:42.0719 0x152c [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:50:42.0729 0x152c amdsata - ok
20:50:42.0779 0x152c [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
20:50:42.0794 0x152c amdsbs - ok
20:50:42.0829 0x152c [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:50:42.0833 0x152c amdxata - ok
20:50:43.0102 0x152c [ 3C355762D89401975EF86E6975FEC77C, D3F7DF98A40A57373B4C9325AB057D3A0A24B772499D0D6A2EC154A1D4CB57EA ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
20:50:43.0177 0x152c AntiVirMailService - ok
20:50:43.0331 0x152c [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:50:43.0385 0x152c AntiVirSchedulerService - ok
20:50:43.0511 0x152c [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:50:43.0578 0x152c AntiVirService - ok
20:50:43.0745 0x152c [ 7983B808D27CEFADD0BCBCAB30736B5B, 5E723476EF71F4C7AFC9E65113F6E78357DC908ED6E09F1142C4DB19B78DC5EF ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:50:43.0839 0x152c AntiVirWebService - ok
20:50:43.0905 0x152c [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\windows\system32\drivers\appid.sys
20:50:43.0915 0x152c AppID - ok
20:50:43.0960 0x152c [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\windows\System32\appidsvc.dll
20:50:43.0967 0x152c AppIDSvc - ok
20:50:44.0017 0x152c [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\windows\System32\appinfo.dll
20:50:44.0017 0x152c Appinfo - ok
20:50:44.0109 0x152c [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:50:44.0119 0x152c Apple Mobile Device - ok
20:50:44.0190 0x152c [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\windows\system32\DRIVERS\arc.sys
20:50:44.0198 0x152c arc - ok
20:50:44.0243 0x152c [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
20:50:44.0253 0x152c arcsas - ok
20:50:44.0445 0x152c [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:50:44.0445 0x152c aspnet_state - ok
20:50:44.0504 0x152c [ A9A565C669786C402752F609AFDD0DD5, 7D64828DE5503AF4B4A80F4C08BB2659B277CD664AB33724FB9387948BE8765A ] AsUpIO C:\windows\system32\drivers\AsUpIO.sys
20:50:44.0507 0x152c AsUpIO - ok
20:50:44.0587 0x152c [ C4FB2613D3C75364BB159B9C23A00E7A, 945AD13620BBEFFC382EDC3B3337975D158C7EDB4E3782021FCBE3B49A8A1F57 ] AsusService C:\Windows\System32\AsusService.exe
20:50:44.0623 0x152c AsusService - ok
20:50:44.0689 0x152c [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:50:44.0689 0x152c AsyncMac - ok
20:50:44.0751 0x152c [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\windows\system32\drivers\atapi.sys
20:50:44.0751 0x152c atapi - ok
20:50:44.0916 0x152c [ B01751CC563AECAC09BBE36AAA21FBEF, 453CAED322CC13155D3BD1F5BF9ABC9FA7F74D9C17E712DAEC63E9518F0E9229 ] athr C:\windows\system32\DRIVERS\athr.sys
20:50:45.0035 0x152c athr - ok
20:50:45.0157 0x152c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:50:45.0204 0x152c AudioEndpointBuilder - ok
20:50:45.0271 0x152c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\windows\System32\Audiosrv.dll
20:50:45.0317 0x152c Audiosrv - ok
20:50:45.0443 0x152c [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
20:50:45.0453 0x152c avgntflt - ok
20:50:45.0535 0x152c [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
20:50:45.0545 0x152c avipbb - ok
20:50:45.0616 0x152c [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
20:50:45.0617 0x152c avkmgr - ok
20:50:45.0705 0x152c [ E011CD533A4F67F194B43666AE05EDA9, F328BC48AE0DCD7CD5E05D0FA28751B6DAB7883A32ECEDE14E3FEBA926135457 ] avmike C:\Program Files\FRITZ!Fernzugang\avmike.exe
20:50:45.0729 0x152c avmike - ok
20:50:45.0799 0x152c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\windows\System32\AxInstSV.dll
20:50:45.0811 0x152c AxInstSV - ok
20:50:45.0919 0x152c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
20:50:45.0962 0x152c b06bdrv - ok
20:50:46.0027 0x152c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
20:50:46.0049 0x152c b57nd60x - ok
20:50:46.0121 0x152c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\windows\System32\bdesvc.dll
20:50:46.0131 0x152c BDESVC - ok
20:50:46.0179 0x152c [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\windows\system32\drivers\Beep.sys
20:50:46.0182 0x152c Beep - ok
20:50:46.0285 0x152c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\windows\System32\bfe.dll
20:50:46.0337 0x152c BFE - ok
20:50:46.0448 0x152c [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\windows\System32\qmgr.dll
20:50:46.0533 0x152c BITS - ok
20:50:46.0643 0x152c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:50:46.0648 0x152c blbdrive - ok
20:50:46.0764 0x152c [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:50:46.0800 0x152c Bonjour Service - ok
20:50:46.0847 0x152c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:50:46.0856 0x152c bowser - ok
20:50:46.0890 0x152c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
20:50:46.0894 0x152c BrFiltLo - ok
20:50:46.0935 0x152c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
20:50:46.0938 0x152c BrFiltUp - ok
20:50:46.0998 0x152c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\windows\System32\browser.dll
20:50:47.0009 0x152c Browser - ok
20:50:47.0084 0x152c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:50:47.0109 0x152c Brserid - ok
20:50:47.0158 0x152c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:50:47.0165 0x152c BrSerWdm - ok
20:50:47.0207 0x152c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:50:47.0210 0x152c BrUsbMdm - ok
20:50:47.0245 0x152c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:50:47.0248 0x152c BrUsbSer - ok
20:50:47.0312 0x152c [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
20:50:47.0317 0x152c BthEnum - ok
20:50:47.0375 0x152c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
20:50:47.0381 0x152c BTHMODEM - ok
20:50:47.0441 0x152c [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
20:50:47.0460 0x152c BthPan - ok
20:50:47.0563 0x152c [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
20:50:47.0633 0x152c BTHPORT - ok
20:50:47.0745 0x152c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\windows\system32\bthserv.dll
20:50:47.0755 0x152c bthserv - ok
20:50:47.0827 0x152c [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
20:50:47.0837 0x152c BTHUSB - ok
20:50:47.0867 0x152c btwaudio - ok
20:50:47.0914 0x152c btwavdt - ok
20:50:47.0944 0x152c btwl2cap - ok
20:50:47.0974 0x152c btwrchid - ok
20:50:48.0230 0x152c [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
20:50:48.0372 0x152c c2cautoupdatesvc - ok
20:50:48.0668 0x152c [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
20:50:48.0828 0x152c c2cpnrsvc - ok
20:50:48.0918 0x152c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:50:48.0927 0x152c cdfs - ok
20:50:49.0003 0x152c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\windows\system32\drivers\cdrom.sys
20:50:49.0013 0x152c cdrom - ok
20:50:49.0084 0x152c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\windows\System32\certprop.dll
20:50:49.0096 0x152c CertPropSvc - ok
20:50:49.0145 0x152c [ 32416A00199B83F3CB19A504A226A519, 0090A0BB6DF2DCDA4A3255E896D132E47E82CEFF2884D813E8F6CF55C5AF6254 ] certsrv C:\Program Files\FRITZ!Fernzugang\certsrv.exe
20:50:49.0155 0x152c certsrv - ok
20:50:49.0217 0x152c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\windows\system32\DRIVERS\circlass.sys
20:50:49.0227 0x152c circlass - ok
20:50:49.0299 0x152c [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\windows\system32\CLFS.sys
20:50:49.0329 0x152c CLFS - ok
20:50:49.0431 0x152c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:50:49.0441 0x152c clr_optimization_v2.0.50727_32 - ok
20:50:49.0503 0x152c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:50:49.0513 0x152c clr_optimization_v4.0.30319_32 - ok
20:50:49.0592 0x152c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:50:49.0595 0x152c CmBatt - ok
20:50:49.0645 0x152c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\windows\system32\drivers\cmdide.sys
20:50:49.0649 0x152c cmdide - ok
20:50:49.0751 0x152c [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\windows\system32\Drivers\cng.sys
20:50:49.0786 0x152c CNG - ok
20:50:49.0834 0x152c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
20:50:49.0838 0x152c Compbatt - ok
20:50:49.0902 0x152c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
20:50:49.0907 0x152c CompositeBus - ok
20:50:49.0938 0x152c COMSysApp - ok
20:50:49.0998 0x152c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
20:50:50.0002 0x152c crcdisk - ok
20:50:50.0094 0x152c [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\windows\system32\cryptsvc.dll
20:50:50.0112 0x152c CryptSvc - ok
20:50:50.0208 0x152c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\windows\system32\rpcss.dll
20:50:50.0260 0x152c DcomLaunch - ok
20:50:50.0355 0x152c [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\windows\System32\defragsvc.dll
20:50:50.0385 0x152c defragsvc - ok
20:50:50.0456 0x152c [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\windows\system32\Drivers\dfsc.sys
20:50:50.0468 0x152c DfsC - ok
20:50:50.0558 0x152c [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\windows\system32\dhcpcore.dll
20:50:50.0587 0x152c Dhcp - ok
20:50:50.0631 0x152c [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\windows\system32\drivers\discache.sys
20:50:50.0638 0x152c discache - ok
20:50:50.0699 0x152c [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\windows\system32\DRIVERS\disk.sys
20:50:50.0709 0x152c Disk - ok
20:50:50.0773 0x152c [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\windows\System32\dnsrslvr.dll
20:50:50.0791 0x152c Dnscache - ok
20:50:50.0863 0x152c [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\windows\System32\dot3svc.dll
20:50:50.0883 0x152c dot3svc - ok
20:50:50.0953 0x152c [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\windows\system32\dps.dll
20:50:50.0973 0x152c DPS - ok
20:50:51.0048 0x152c [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\windows\system32\drivers\drmkaud.sys
20:50:51.0052 0x152c drmkaud - ok
20:50:51.0177 0x152c [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
20:50:51.0260 0x152c DXGKrnl - ok
20:50:51.0332 0x152c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\windows\System32\eapsvc.dll
20:50:51.0348 0x152c EapHost - ok
20:50:51.0746 0x152c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
20:50:52.0095 0x152c ebdrv - ok
20:50:52.0176 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] EFS C:\windows\System32\lsass.exe
20:50:52.0195 0x152c EFS - ok
20:50:52.0323 0x152c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\windows\ehome\ehRecvr.exe
20:50:52.0392 0x152c ehRecvr - ok
Code:
ATTFilter 20:50:52.0464 0x152c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\windows\ehome\ehsched.exe
20:50:52.0476 0x152c ehSched - ok
20:50:52.0585 0x152c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
20:50:52.0641 0x152c elxstor - ok
20:50:52.0697 0x152c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\windows\system32\drivers\errdev.sys
20:50:52.0697 0x152c ErrDev - ok
20:50:52.0799 0x152c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\windows\system32\es.dll
20:50:52.0836 0x152c EventSystem - ok
20:50:52.0896 0x152c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\windows\system32\drivers\exfat.sys
20:50:52.0913 0x152c exfat - ok
20:50:52.0967 0x152c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\windows\system32\drivers\fastfat.sys
20:50:52.0985 0x152c fastfat - ok
20:50:53.0110 0x152c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\windows\system32\fxssvc.exe
20:50:53.0163 0x152c Fax - ok
20:50:53.0225 0x152c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\windows\system32\DRIVERS\fdc.sys
20:50:53.0235 0x152c fdc - ok
20:50:53.0303 0x152c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\windows\system32\fdPHost.dll
20:50:53.0307 0x152c fdPHost - ok
20:50:53.0347 0x152c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\windows\system32\fdrespub.dll
20:50:53.0358 0x152c FDResPub - ok
20:50:53.0396 0x152c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
20:50:53.0406 0x152c FileInfo - ok
20:50:53.0440 0x152c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\windows\system32\drivers\filetrace.sys
20:50:53.0449 0x152c Filetrace - ok
20:50:53.0487 0x152c [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
20:50:53.0492 0x152c flpydisk - ok
20:50:53.0556 0x152c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
20:50:53.0578 0x152c FltMgr - ok
20:50:53.0727 0x152c [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\windows\system32\FntCache.dll
20:50:53.0809 0x152c FontCache - ok
20:50:53.0921 0x152c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:50:53.0921 0x152c FontCache3.0.0.0 - ok
20:50:53.0971 0x152c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
20:50:53.0981 0x152c FsDepends - ok
20:50:54.0051 0x152c [ B74B0578FD1D3F897E95F2A2B69EA051, 64FCA8452CB37D55679AC8BEF221D6BA1D91E50680D37FFCFB81619ADAA5889C ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
20:50:54.0061 0x152c fssfltr - ok
20:50:54.0251 0x152c [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:50:54.0341 0x152c fsssvc - ok
20:50:54.0413 0x152c [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
20:50:54.0423 0x152c Fs_Rec - ok
20:50:54.0513 0x152c [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
20:50:54.0533 0x152c fvevol - ok
20:50:54.0603 0x152c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
20:50:54.0613 0x152c gagp30kx - ok
20:50:54.0663 0x152c [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:50:54.0673 0x152c GEARAspiWDM - ok
20:50:54.0826 0x152c [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\windows\System32\gpsvc.dll
20:50:54.0913 0x152c gpsvc - ok
20:50:55.0037 0x152c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:50:55.0057 0x152c gupdate - ok
20:50:55.0107 0x152c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:50:55.0127 0x152c gupdatem - ok
20:50:55.0227 0x152c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:50:55.0247 0x152c gusvc - ok
20:50:55.0317 0x152c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
20:50:55.0317 0x152c hcw85cir - ok
20:50:55.0427 0x152c [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:50:55.0467 0x152c HdAudAddService - ok
20:50:55.0539 0x152c [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
20:50:55.0562 0x152c HDAudBus - ok
20:50:55.0602 0x152c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
20:50:55.0613 0x152c HidBatt - ok
20:50:55.0669 0x152c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
20:50:55.0689 0x152c HidBth - ok
20:50:55.0729 0x152c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys
20:50:55.0739 0x152c HidIr - ok
20:50:55.0799 0x152c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\windows\system32\hidserv.dll
20:50:55.0809 0x152c hidserv - ok
20:50:55.0879 0x152c [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\drivers\hidusb.sys
20:50:55.0894 0x152c HidUsb - ok
20:50:56.0001 0x152c [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll
20:50:56.0011 0x152c hkmsvc - ok
20:50:56.0071 0x152c [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:50:56.0113 0x152c HomeGroupListener - ok
20:50:56.0183 0x152c [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:50:56.0213 0x152c HomeGroupProvider - ok
20:50:56.0283 0x152c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
20:50:56.0293 0x152c HpSAMD - ok
20:50:56.0393 0x152c [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\windows\system32\drivers\HTTP.sys
20:50:56.0453 0x152c HTTP - ok
20:50:56.0545 0x152c [ 1720966D9C7EA5E2D78B6DB92D2F9171, B43521949F0557C9DC1DEC23A4A31D293FFBE721A937C90A2BCF6FCD1A216ADE ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
20:50:56.0565 0x152c hwdatacard - ok
20:50:56.0615 0x152c [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
20:50:56.0625 0x152c hwpolicy - ok
20:50:56.0695 0x152c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
20:50:56.0705 0x152c i8042prt - ok
20:50:56.0815 0x152c [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
20:50:56.0865 0x152c iaStorV - ok
20:50:57.0087 0x152c [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:50:57.0197 0x152c idsvc - ok
20:50:57.0257 0x152c IEEtwCollectorService - ok
20:50:57.0417 0x152c [ BB418D3796D89EF0665450228287CB34, 56F18650BF2E09E99FBC8037EE395EC8AE357A837F4271E2E34763E801E13C3E ] igd C:\windows\system32\DRIVERS\igdkmd32.sys
20:50:57.0507 0x152c igd - ok
20:50:57.0609 0x152c [ BB418D3796D89EF0665450228287CB34, 56F18650BF2E09E99FBC8037EE395EC8AE357A837F4271E2E34763E801E13C3E ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
20:50:57.0679 0x152c igfx - ok
20:50:57.0749 0x152c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
20:50:57.0769 0x152c iirsp - ok
20:50:57.0919 0x152c [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll
20:50:58.0019 0x152c IKEEXT - ok
20:50:58.0457 0x152c [ DB96B8BD676BB24BD4F1DC53CA1F182C, 42E8A43E35520793A3A34BA6F70A631D629194C8C882EB62BBF296D9F731D6CD ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
20:50:58.0799 0x152c IntcAzAudAddService - ok
20:50:58.0903 0x152c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys
20:50:58.0911 0x152c intelide - ok
20:50:58.0991 0x152c [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
20:50:59.0003 0x152c intelppm - ok
20:50:59.0062 0x152c [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:50:59.0075 0x152c IPBusEnum - ok
20:50:59.0105 0x152c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:50:59.0115 0x152c IpFilterDriver - ok
20:50:59.0225 0x152c [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:50:59.0308 0x152c iphlpsvc - ok
20:50:59.0381 0x152c [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:50:59.0391 0x152c IPMIDRV - ok
20:50:59.0461 0x152c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:50:59.0481 0x152c IPNAT - ok
20:50:59.0611 0x152c [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:50:59.0651 0x152c iPod Service - ok
20:50:59.0701 0x152c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys
20:50:59.0701 0x152c IRENUM - ok
20:50:59.0771 0x152c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys
20:50:59.0781 0x152c isapnp - ok
20:50:59.0851 0x152c [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:50:59.0871 0x152c iScsiPrt - ok
20:50:59.0931 0x152c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
20:50:59.0941 0x152c kbdclass - ok
20:51:00.0001 0x152c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\drivers\kbdhid.sys
20:51:00.0011 0x152c kbdhid - ok
20:51:00.0081 0x152c [ 3EB803312987FF44265C87CB960DF6AB, D6F44702F92089A0C847044A3933F7311D6A72C4647C3FECB35CDBF96A913A40 ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
20:51:00.0081 0x152c kbfiltr - ok
20:51:00.0131 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] KeyIso C:\windows\system32\lsass.exe
20:51:00.0141 0x152c KeyIso - ok
20:51:00.0201 0x152c [ 4DAC97CF81FAE4B2988AEF0DF40D04AE, 5560304972693DE5D5B21CE010A76067FA5B64AD5968122EE9F8248B3EA4878E ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:51:00.0211 0x152c KSecDD - ok
20:51:00.0275 0x152c [ 9EED5E0B7BF784C491C2289A09920BDA, 9E82EB777A01AB32EDA2AE0420546602A82C850D68D2C0AEDB4EA5ADEDF835E6 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:51:00.0291 0x152c KSecPkg - ok
20:51:00.0373 0x152c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll
20:51:00.0415 0x152c KtmRm - ok
20:51:00.0485 0x152c [ A158CEA8644B8A5C1EC0E9A81B70F65A, 70B4726BFB652CB41F06F60AE2A780A521E7B783F0B38BE55E8A566A915929F5 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
20:51:00.0495 0x152c L1C - ok
20:51:00.0535 0x152c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\system32\srvsvc.dll
20:51:00.0565 0x152c LanmanServer - ok
20:51:00.0625 0x152c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:51:00.0655 0x152c LanmanWorkstation - ok
20:51:00.0737 0x152c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:51:00.0747 0x152c lltdio - ok
20:51:00.0807 0x152c [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:51:00.0837 0x152c lltdsvc - ok
20:51:00.0877 0x152c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll
20:51:00.0887 0x152c lmhosts - ok
20:51:00.0967 0x152c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
20:51:00.0987 0x152c LSI_FC - ok
20:51:01.0037 0x152c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
20:51:01.0057 0x152c LSI_SAS - ok
20:51:01.0097 0x152c [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
20:51:01.0107 0x152c LSI_SAS2 - ok
20:51:01.0147 0x152c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
20:51:01.0169 0x152c LSI_SCSI - ok
20:51:01.0219 0x152c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys
20:51:01.0229 0x152c luafv - ok
20:51:01.0304 0x152c [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:51:01.0327 0x152c Mcx2Svc - ok
20:51:01.0366 0x152c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys
20:51:01.0377 0x152c megasas - ok
20:51:01.0461 0x152c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
20:51:01.0491 0x152c MegaSR - ok
20:51:01.0541 0x152c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll
20:51:01.0551 0x152c MMCSS - ok
20:51:01.0581 0x152c [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys
20:51:01.0581 0x152c Modem - ok
20:51:01.0631 0x152c [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:51:01.0641 0x152c monitor - ok
20:51:01.0691 0x152c [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:51:01.0701 0x152c mouclass - ok
20:51:01.0761 0x152c [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:51:01.0771 0x152c mouhid - ok
20:51:01.0831 0x152c [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:51:01.0851 0x152c mountmgr - ok
20:51:01.0930 0x152c [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys
20:51:01.0943 0x152c mpio - ok
20:51:02.0013 0x152c [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:51:02.0033 0x152c mpsdrv - ok
20:51:02.0153 0x152c [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll
20:51:02.0245 0x152c MpsSvc - ok
20:51:02.0317 0x152c [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:51:02.0337 0x152c MRxDAV - ok
20:51:02.0417 0x152c [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:51:02.0427 0x152c mrxsmb - ok
20:51:02.0517 0x152c [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:51:02.0565 0x152c mrxsmb10 - ok
20:51:02.0619 0x152c [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:51:02.0639 0x152c mrxsmb20 - ok
20:51:02.0689 0x152c [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys
20:51:02.0699 0x152c msahci - ok
20:51:02.0779 0x152c [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:51:02.0799 0x152c msdsm - ok
20:51:02.0861 0x152c [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe
20:51:02.0891 0x152c MSDTC - ok
20:51:02.0991 0x152c [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys
20:51:02.0991 0x152c Msfs - ok
20:51:03.0031 0x152c [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:51:03.0051 0x152c mshidkmdf - ok
20:51:03.0123 0x152c [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:51:03.0133 0x152c msisadrv - ok
20:51:03.0203 0x152c [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:51:03.0223 0x152c MSiSCSI - ok
20:51:03.0253 0x152c msiserver - ok
20:51:03.0313 0x152c [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:51:03.0323 0x152c MSKSSRV - ok
20:51:03.0375 0x152c [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:51:03.0385 0x152c MSPCLOCK - ok
20:51:03.0415 0x152c [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:51:03.0425 0x152c MSPQM - ok
20:51:03.0485 0x152c [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:51:03.0515 0x152c MsRPC - ok
20:51:03.0595 0x152c [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys
20:51:03.0595 0x152c mssmbios - ok
20:51:03.0645 0x152c [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:51:03.0666 0x152c MSTEE - ok
20:51:03.0704 0x152c [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
20:51:03.0713 0x152c MTConfig - ok
20:51:03.0777 0x152c [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys
20:51:03.0787 0x152c Mup - ok
20:51:03.0879 0x152c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll
20:51:03.0919 0x152c napagent - ok
20:51:04.0009 0x152c [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:51:04.0039 0x152c NativeWifiP - ok
20:51:04.0179 0x152c [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys
20:51:04.0239 0x152c NDIS - ok
20:51:04.0289 0x152c [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:51:04.0299 0x152c NdisCap - ok
20:51:04.0359 0x152c [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:51:04.0369 0x152c NdisTapi - ok
20:51:04.0429 0x152c [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:51:04.0439 0x152c Ndisuio - ok
20:51:04.0489 0x152c [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:51:04.0509 0x152c NdisWan - ok
20:51:04.0549 0x152c [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:51:04.0559 0x152c NDProxy - ok
20:51:04.0629 0x152c [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
20:51:04.0644 0x152c Net Driver HPZ12 - ok
20:51:04.0681 0x152c [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl C:\windows\system32\DRIVERS\netaapl.sys
20:51:04.0691 0x152c Netaapl - ok
20:51:04.0741 0x152c [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:51:04.0751 0x152c NetBIOS - ok
20:51:04.0833 0x152c [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:51:04.0853 0x152c NetBT - ok
20:51:04.0893 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] Netlogon C:\windows\system32\lsass.exe
20:51:04.0903 0x152c Netlogon - ok
20:51:04.0983 0x152c [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll
20:51:05.0023 0x152c Netman - ok
20:51:05.0083 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0103 0x152c NetMsmqActivator - ok
20:51:05.0153 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0163 0x152c NetPipeActivator - ok
20:51:05.0243 0x152c [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll
20:51:05.0283 0x152c netprofm - ok
20:51:05.0323 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0343 0x152c NetTcpActivator - ok
20:51:05.0373 0x152c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:51:05.0393 0x152c NetTcpPortSharing - ok
20:51:05.0455 0x152c [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
20:51:05.0465 0x152c nfrd960 - ok
20:51:05.0535 0x152c [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\windows\System32\nlasvc.dll
20:51:05.0575 0x152c NlaSvc - ok
20:51:05.0615 0x152c [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:51:05.0625 0x152c Npfs - ok
20:51:05.0685 0x152c [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll
20:51:05.0695 0x152c nsi - ok
20:51:05.0725 0x152c [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:51:05.0735 0x152c nsiproxy - ok
20:51:05.0944 0x152c [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:51:06.0064 0x152c Ntfs - ok
20:51:06.0114 0x152c [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys
20:51:06.0124 0x152c Null - ok
20:51:06.0184 0x152c [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys
20:51:06.0194 0x152c nvraid - ok
20:51:06.0274 0x152c [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys
20:51:06.0294 0x152c nvstor - ok
20:51:06.0334 0x152c [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:51:06.0344 0x152c nv_agp - ok
20:51:06.0460 0x152c [ 4A0ADB15B198A1222EB6B9D31BF818FC, 7FA4DE9AEF466E4A5B8802A36C2163AD8434212D894B45C03BE6598D1F0EA5D5 ] NWIM C:\windows\system32\DRIVERS\avmnwim.sys
20:51:06.0500 0x152c NWIM - ok
20:51:06.0566 0x152c [ 93996AC3A64FB550506E1EA80DD334EB, 9FA8D2C5B40C11373835D1183BC92DE55504E57D4BC0347B837758EBF70FE5B8 ] nwtsrv C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
20:51:06.0586 0x152c nwtsrv - ok
20:51:06.0696 0x152c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:51:06.0746 0x152c odserv - ok
20:51:06.0806 0x152c [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:51:06.0816 0x152c ohci1394 - ok
20:51:06.0888 0x152c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:51:06.0908 0x152c ose - ok
20:51:07.0018 0x152c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:51:07.0058 0x152c p2pimsvc - ok
20:51:07.0118 0x152c [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll
20:51:07.0158 0x152c p2psvc - ok
20:51:07.0218 0x152c [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys
20:51:07.0228 0x152c Parport - ok
20:51:07.0278 0x152c [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\windows\system32\drivers\partmgr.sys
20:51:07.0288 0x152c partmgr - ok
20:51:07.0318 0x152c [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
20:51:07.0328 0x152c Parvdm - ok
20:51:07.0388 0x152c [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\windows\System32\pcasvc.dll
20:51:07.0418 0x152c PcaSvc - ok
20:51:07.0468 0x152c [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys
20:51:07.0488 0x152c pci - ok
20:51:07.0538 0x152c [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys
20:51:07.0548 0x152c pciide - ok
20:51:07.0608 0x152c [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
20:51:07.0628 0x152c pcmcia - ok
20:51:07.0668 0x152c [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys
20:51:07.0678 0x152c pcw - ok
20:51:07.0788 0x152c [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:51:07.0848 0x152c PEAUTH - ok
20:51:08.0110 0x152c [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll
20:51:08.0270 0x152c pla - ok
20:51:08.0370 0x152c [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:51:08.0400 0x152c PlugPlay - ok
20:51:08.0490 0x152c [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
20:51:08.0500 0x152c Pml Driver HPZ12 - ok
20:51:08.0540 0x152c [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:51:08.0560 0x152c PNRPAutoReg - ok
20:51:08.0620 0x152c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:51:08.0650 0x152c PNRPsvc - ok
20:51:08.0740 0x152c [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:51:08.0780 0x152c PolicyAgent - ok
20:51:08.0850 0x152c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll
20:51:08.0870 0x152c Power - ok
20:51:08.0940 0x152c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:51:08.0950 0x152c PptpMiniport - ok
20:51:09.0000 0x152c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys
20:51:09.0013 0x152c Processor - ok
20:51:09.0082 0x152c [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\windows\system32\profsvc.dll
20:51:09.0128 0x152c ProfSvc - ok
20:51:09.0164 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] ProtectedStorage C:\windows\system32\lsass.exe
20:51:09.0174 0x152c ProtectedStorage - ok
20:51:09.0224 0x152c [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:51:09.0234 0x152c Psched - ok
20:51:09.0294 0x152c [ 40FEDD328F98245AD201CF5F9F311724, CE1582652B6A7CACE46D8B492CAA8E51EA46C3890EF640E8C5E1E053731A4D74 ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
20:51:09.0304 0x152c PxHelp20 - ok
20:51:09.0498 0x152c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
20:51:09.0626 0x152c ql2300 - ok
20:51:09.0686 0x152c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
20:51:09.0706 0x152c ql40xx - ok
20:51:09.0766 0x152c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll
20:51:09.0796 0x152c QWAVE - ok
20:51:09.0846 0x152c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:51:09.0856 0x152c QWAVEdrv - ok
20:51:09.0886 0x152c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:51:09.0886 0x152c RasAcd - ok
20:51:09.0956 0x152c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:51:09.0956 0x152c RasAgileVpn - ok
20:51:10.0006 0x152c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll
20:51:10.0038 0x152c RasAuto - ok
20:51:10.0088 0x152c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:51:10.0098 0x152c Rasl2tp - ok
20:51:10.0198 0x152c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll
20:51:10.0250 0x152c RasMan - ok
20:51:10.0310 0x152c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:51:10.0320 0x152c RasPppoe - ok
20:51:10.0360 0x152c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:51:10.0376 0x152c RasSstp - ok
20:51:10.0432 0x152c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:51:10.0452 0x152c rdbss - ok
20:51:10.0502 0x152c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
20:51:10.0502 0x152c rdpbus - ok
20:51:10.0562 0x152c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:51:10.0562 0x152c RDPCDD - ok
20:51:10.0622 0x152c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:51:10.0632 0x152c RDPENCDD - ok
20:51:10.0672 0x152c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:51:10.0672 0x152c RDPREFMP - ok
20:51:10.0752 0x152c [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:51:10.0772 0x152c RDPWD - ok
20:51:10.0859 0x152c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:51:10.0883 0x152c rdyboost - ok
20:51:10.0934 0x152c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll
20:51:10.0944 0x152c RemoteAccess - ok
20:51:11.0004 0x152c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll
20:51:11.0024 0x152c RemoteRegistry - ok
20:51:11.0104 0x152c [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
20:51:11.0124 0x152c RFCOMM - ok
20:51:11.0174 0x152c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:51:11.0194 0x152c RpcEptMapper - ok
20:51:11.0224 0x152c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe
20:51:11.0234 0x152c RpcLocator - ok
20:51:11.0326 0x152c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll
20:51:11.0378 0x152c RpcSs - ok
20:51:11.0428 0x152c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:51:11.0438 0x152c rspndr - ok
20:51:11.0478 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] SamSs C:\windows\system32\lsass.exe
20:51:11.0488 0x152c SamSs - ok
20:51:11.0542 0x152c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:51:11.0560 0x152c sbp2port - ok
20:51:11.0640 0x152c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll
20:51:11.0660 0x152c SCardSvr - ok
20:51:11.0710 0x152c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:51:11.0720 0x152c scfilter - ok
20:51:11.0887 0x152c [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\windows\system32\schedsvc.dll
20:51:11.0962 0x152c Schedule - ok
20:51:12.0012 0x152c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll
20:51:12.0028 0x152c SCPolicySvc - ok
20:51:12.0084 0x152c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:51:12.0104 0x152c SDRSVC - ok
20:51:12.0164 0x152c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:51:12.0174 0x152c secdrv - ok
20:51:12.0224 0x152c [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll
20:51:12.0244 0x152c seclogon - ok
20:51:12.0284 0x152c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\System32\sens.dll
20:51:12.0314 0x152c SENS - ok
20:51:12.0354 0x152c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:51:12.0418 0x152c SensrSvc - ok
20:51:12.0470 0x152c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
20:51:12.0481 0x152c Serenum - ok
20:51:12.0547 0x152c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\windows\system32\DRIVERS\serial.sys
20:51:12.0565 0x152c Serial - ok
20:51:12.0636 0x152c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
20:51:12.0646 0x152c sermouse - ok
20:51:12.0766 0x152c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\windows\system32\sessenv.dll
20:51:12.0796 0x152c SessionEnv - ok
20:51:12.0856 0x152c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:51:12.0866 0x152c sffdisk - ok
20:51:12.0896 0x152c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:51:12.0906 0x152c sffp_mmc - ok
20:51:12.0946 0x152c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:51:12.0956 0x152c sffp_sd - ok
20:51:13.0008 0x152c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
20:51:13.0018 0x152c sfloppy - ok
20:51:13.0140 0x152c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\windows\System32\ipnathlp.dll
20:51:13.0190 0x152c SharedAccess - ok
20:51:13.0270 0x152c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:51:13.0320 0x152c ShellHWDetection - ok
20:51:13.0360 0x152c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\windows\system32\drivers\sisagp.sys
20:51:13.0380 0x152c sisagp - ok
20:51:13.0440 0x152c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
20:51:13.0450 0x152c SiSRaid2 - ok
20:51:13.0490 0x152c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
20:51:13.0510 0x152c SiSRaid4 - ok
20:51:13.0662 0x152c [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:51:13.0710 0x152c SkypeUpdate - ok
20:51:13.0784 0x152c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:51:13.0804 0x152c Smb - ok
20:51:13.0904 0x152c [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:51:13.0924 0x152c SNMPTRAP - ok
20:51:13.0954 0x152c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\windows\system32\drivers\spldr.sys
20:51:13.0964 0x152c spldr - ok
20:51:14.0076 0x152c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\windows\System32\spoolsv.exe
20:51:14.0126 0x152c Spooler - ok
20:51:14.0610 0x152c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\windows\system32\sppsvc.exe
20:51:14.0994 0x152c sppsvc - ok
20:51:15.0096 0x152c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\windows\system32\sppuinotify.dll
20:51:15.0116 0x152c sppuinotify - ok
20:51:15.0206 0x152c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\windows\system32\DRIVERS\srv.sys
20:51:15.0246 0x152c srv - ok
20:51:15.0326 0x152c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:51:15.0366 0x152c srv2 - ok
20:51:15.0426 0x152c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:51:15.0446 0x152c srvnet - ok
20:51:15.0526 0x152c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:51:15.0566 0x152c SSDPSRV - ok
20:51:15.0638 0x152c [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
20:51:15.0648 0x152c ssmdrv - ok
20:51:15.0718 0x152c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\windows\system32\sstpsvc.dll
20:51:15.0748 0x152c SstpSvc - ok
|
|
30.03.2015, 20:48
| #7 |
| | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglichCode:
ATTFilter 20:51:15.0806 0x152c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
20:51:15.0818 0x152c stexstor - ok
20:51:15.0889 0x152c [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam C:\windows\system32\DRIVERS\serscan.sys
20:51:15.0903 0x152c StillCam - ok
20:51:16.0033 0x152c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\windows\System32\wiaservc.dll
20:51:16.0090 0x152c StiSvc - ok
20:51:16.0130 0x152c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\windows\system32\drivers\swenum.sys
20:51:16.0140 0x152c swenum - ok
20:51:16.0210 0x152c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\windows\System32\swprv.dll
20:51:16.0250 0x152c swprv - ok
20:51:16.0330 0x152c [ 8BD10DC8809DC69A1C5A795CB10ADD76, 92ED1BC580DC2BE539296D69775368C974FBB0145A5114BA250261E49E073960 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
20:51:16.0360 0x152c SynTP - ok
20:51:16.0510 0x152c [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\windows\system32\sysmain.dll
20:51:16.0610 0x152c SysMain - ok
20:51:16.0722 0x152c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\windows\System32\TabSvc.dll
20:51:16.0742 0x152c TabletInputService - ok
20:51:16.0842 0x152c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\windows\System32\tapisrv.dll
20:51:16.0879 0x152c TapiSrv - ok
20:51:16.0934 0x152c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\windows\System32\tbssvc.dll
20:51:16.0954 0x152c TBS - ok
20:51:17.0136 0x152c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:51:17.0266 0x152c Tcpip - ok
20:51:17.0436 0x152c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:51:17.0548 0x152c TCPIP6 - ok
20:51:17.0670 0x152c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:51:17.0680 0x152c tcpipreg - ok
20:51:17.0750 0x152c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:51:17.0750 0x152c TDPIPE - ok
20:51:17.0800 0x152c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:51:17.0810 0x152c TDTCP - ok
20:51:17.0870 0x152c [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:51:17.0890 0x152c tdx - ok
20:51:18.0452 0x152c [ 7F4DFE2297AE542CE5BCC88553A541F6, 490FE8EAD232082B53C7FCBD632C816DA18754B9E19AC2AC388F76C0041F89B5 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
20:51:18.0786 0x152c TeamViewer7 - ok
20:51:18.0876 0x152c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\windows\system32\drivers\termdd.sys
20:51:18.0886 0x152c TermDD - ok
20:51:19.0041 0x152c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\windows\System32\termsrv.dll
20:51:19.0154 0x152c TermService - ok
20:51:19.0242 0x152c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\windows\system32\themeservice.dll
20:51:19.0267 0x152c Themes - ok
20:51:19.0327 0x152c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\windows\system32\mmcss.dll
20:51:19.0345 0x152c THREADORDER - ok
20:51:19.0400 0x152c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\windows\System32\trkwks.dll
20:51:19.0420 0x152c TrkWks - ok
20:51:19.0510 0x152c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:51:19.0540 0x152c TrustedInstaller - ok
20:51:19.0622 0x152c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:51:19.0632 0x152c tssecsrv - ok
20:51:19.0702 0x152c [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:51:19.0722 0x152c TsUsbFlt - ok
20:51:19.0802 0x152c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:51:19.0832 0x152c tunnel - ok
20:51:19.0914 0x152c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
20:51:19.0924 0x152c uagp35 - ok
20:51:20.0004 0x152c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:51:20.0036 0x152c udfs - ok
20:51:20.0116 0x152c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\windows\system32\UI0Detect.exe
20:51:20.0146 0x152c UI0Detect - ok
20:51:20.0206 0x152c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:51:20.0216 0x152c uliagpkx - ok
20:51:20.0276 0x152c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\windows\system32\DRIVERS\umbus.sys
20:51:20.0286 0x152c umbus - ok
20:51:20.0346 0x152c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
20:51:20.0356 0x152c UmPass - ok
20:51:20.0446 0x152c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\windows\System32\upnphost.dll
20:51:20.0508 0x152c upnphost - ok
20:51:20.0588 0x152c [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
20:51:20.0598 0x152c USBAAPL - ok
20:51:20.0668 0x152c [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:51:20.0688 0x152c usbccgp - ok
20:51:20.0748 0x152c [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\windows\system32\drivers\usbcir.sys
20:51:20.0768 0x152c usbcir - ok
20:51:20.0818 0x152c [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\windows\system32\drivers\usbehci.sys
20:51:20.0828 0x152c usbehci - ok
20:51:20.0918 0x152c [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:51:20.0948 0x152c usbhub - ok
20:51:21.0013 0x152c [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\windows\system32\drivers\usbohci.sys
20:51:21.0031 0x152c usbohci - ok
20:51:21.0093 0x152c [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
20:51:21.0107 0x152c usbprint - ok
20:51:21.0164 0x152c [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
20:51:21.0177 0x152c usbscan - ok
20:51:21.0252 0x152c [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:51:21.0262 0x152c USBSTOR - ok
20:51:21.0312 0x152c [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
20:51:21.0322 0x152c usbuhci - ok
20:51:21.0402 0x152c [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
20:51:21.0422 0x152c usbvideo - ok
20:51:21.0462 0x152c [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\windows\System32\uxsms.dll
20:51:21.0482 0x152c UxSms - ok
20:51:21.0522 0x152c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] VaultSvc C:\windows\system32\lsass.exe
20:51:21.0539 0x152c VaultSvc - ok
20:51:21.0584 0x152c [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:51:21.0594 0x152c vdrvroot - ok
20:51:21.0694 0x152c [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\windows\System32\vds.exe
20:51:21.0764 0x152c vds - ok
20:51:21.0831 0x152c [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:51:21.0843 0x152c vga - ok
20:51:21.0876 0x152c [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\windows\System32\drivers\vga.sys
20:51:21.0886 0x152c VgaSave - ok
20:51:21.0956 0x152c [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:51:21.0976 0x152c vhdmp - ok
20:51:22.0032 0x152c [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\windows\system32\drivers\viaagp.sys
20:51:22.0041 0x152c viaagp - ok
20:51:22.0078 0x152c [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
20:51:22.0088 0x152c ViaC7 - ok
20:51:22.0170 0x152c [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\windows\system32\drivers\viaide.sys
20:51:22.0178 0x152c viaide - ok
20:51:22.0224 0x152c [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:51:22.0236 0x152c volmgr - ok
20:51:22.0312 0x152c [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:51:22.0332 0x152c volmgrx - ok
20:51:22.0392 0x152c [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\windows\system32\drivers\volsnap.sys
20:51:22.0422 0x152c volsnap - ok
20:51:22.0563 0x152c [ 5298DCF8D684DBBF24CDB622F8A7CB37, B9FE264930EDE11FFA0ABC81F70101E9CE800E4B700DF00D21159359E7406EA2 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
20:51:22.0593 0x152c vpnagent - ok
20:51:22.0633 0x152c [ 174268D44B24ECC79119634142F908AB, 8AC46C019CBA0081BA095B34DFF97C30284353FDEE32361A44849C7B7F4B6769 ] vpnva C:\windows\system32\DRIVERS\vpnva.sys
20:51:22.0643 0x152c vpnva - ok
20:51:22.0736 0x152c [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
20:51:22.0761 0x152c vsmraid - ok
20:51:22.0905 0x152c [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\windows\system32\vssvc.exe
20:51:23.0005 0x152c VSS - ok
20:51:23.0105 0x152c [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:51:23.0105 0x152c vwifibus - ok
20:51:23.0165 0x152c [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:51:23.0175 0x152c vwififlt - ok
20:51:23.0245 0x152c [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
20:51:23.0245 0x152c vwifimp - ok
20:51:23.0335 0x152c [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\windows\system32\w32time.dll
20:51:23.0385 0x152c W32Time - ok
20:51:23.0505 0x152c [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
20:51:23.0515 0x152c WacomPen - ok
20:51:23.0590 0x152c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:51:23.0608 0x152c WANARP - ok
20:51:23.0643 0x152c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:51:23.0660 0x152c Wanarpv6 - ok
20:51:23.0917 0x152c [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:51:24.0047 0x152c WatAdminSvc - ok
20:51:24.0229 0x152c [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\windows\system32\wbengine.exe
20:51:24.0349 0x152c wbengine - ok
20:51:24.0439 0x152c [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:51:24.0479 0x152c WbioSrvc - ok
20:51:24.0564 0x152c [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\windows\System32\wcncsvc.dll
20:51:24.0614 0x152c wcncsvc - ok
20:51:24.0659 0x152c [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:51:24.0674 0x152c WcsPlugInService - ok
20:51:24.0711 0x152c [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\windows\system32\DRIVERS\wd.sys
20:51:24.0711 0x152c Wd - ok
20:51:24.0801 0x152c [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:51:24.0851 0x152c Wdf01000 - ok
20:51:24.0921 0x152c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\windows\system32\wdi.dll
20:51:24.0941 0x152c WdiServiceHost - ok
20:51:24.0961 0x152c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\windows\system32\wdi.dll
20:51:24.0981 0x152c WdiSystemHost - ok
20:51:25.0051 0x152c [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\windows\System32\webclnt.dll
20:51:25.0081 0x152c WebClient - ok
20:51:25.0151 0x152c [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\windows\system32\wecsvc.dll
20:51:25.0171 0x152c Wecsvc - ok
20:51:25.0201 0x152c [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:51:25.0221 0x152c wercplsupport - ok
20:51:25.0271 0x152c [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\windows\System32\WerSvc.dll
20:51:25.0291 0x152c WerSvc - ok
20:51:25.0331 0x152c [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:51:25.0331 0x152c WfpLwf - ok
20:51:25.0381 0x152c [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:51:25.0381 0x152c WIMMount - ok
20:51:25.0501 0x152c [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:51:25.0551 0x152c WinDefend - ok
20:51:25.0611 0x152c WinHttpAutoProxySvc - ok
20:51:25.0701 0x152c [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:51:25.0721 0x152c Winmgmt - ok
20:51:25.0871 0x152c [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\windows\system32\WsmSvc.dll
20:51:25.0996 0x152c WinRM - ok
20:51:26.0083 0x152c [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
20:51:26.0093 0x152c WinUsb - ok
20:51:26.0193 0x152c [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\windows\System32\wlansvc.dll
20:51:26.0281 0x152c Wlansvc - ok
20:51:26.0471 0x152c [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:51:26.0591 0x152c wlidsvc - ok
20:51:26.0663 0x152c [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:51:26.0663 0x152c WmiAcpi - ok
20:51:26.0733 0x152c [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:51:26.0743 0x152c wmiApSrv - ok
20:51:26.0998 0x152c [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:51:27.0139 0x152c WMPNetworkSvc - ok
20:51:27.0211 0x152c [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\windows\System32\wpcsvc.dll
20:51:27.0241 0x152c WPCSvc - ok
20:51:27.0301 0x152c [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:51:27.0331 0x152c WPDBusEnum - ok
20:51:27.0381 0x152c [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:51:27.0381 0x152c ws2ifsl - ok
20:51:27.0441 0x152c [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\windows\System32\wscsvc.dll
20:51:27.0471 0x152c wscsvc - ok
20:51:27.0541 0x152c [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
20:51:27.0551 0x152c WSDPrintDevice - ok
20:51:27.0571 0x152c WSearch - ok
20:51:27.0761 0x152c [ A583F4BF607EBC5709578433207A76A8, 679E54BECFE27F7A0573263494E5028E02DF9A9817B79EEF6B7C04DB27C1F56E ] WTGService C:\Program Files\Verbindungsassistent\wtgservice.exe
20:51:27.0811 0x152c WTGService - ok
20:51:28.0154 0x152c [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\windows\system32\wuaueng.dll
20:51:28.0387 0x152c wuauserv - ok
20:51:28.0477 0x152c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:51:28.0497 0x152c WudfPf - ok
20:51:28.0577 0x152c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:51:28.0597 0x152c WUDFRd - ok
20:51:28.0667 0x152c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:51:28.0707 0x152c wudfsvc - ok
20:51:28.0799 0x152c [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\windows\System32\wwansvc.dll
20:51:28.0839 0x152c WwanSvc - ok
20:51:28.0971 0x152c ================ Scan global ===============================
20:51:29.0031 0x152c [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\windows\system32\basesrv.dll
20:51:29.0101 0x152c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
20:51:29.0181 0x152c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
20:51:29.0295 0x152c [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\windows\system32\sxssrv.dll
20:51:29.0405 0x152c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\windows\system32\services.exe
20:51:29.0445 0x152c [ Global ] - ok
20:51:29.0455 0x152c ================ Scan MBR ==================================
20:51:29.0475 0x152c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:51:30.0065 0x152c \Device\Harddisk0\DR0 - ok
20:51:30.0065 0x152c ================ Scan VBR ==================================
20:51:30.0085 0x152c [ 257D18947DE5165B2B503ED0392F3C50 ] \Device\Harddisk0\DR0\Partition1
20:51:30.0095 0x152c \Device\Harddisk0\DR0\Partition1 - ok
20:51:30.0115 0x152c [ FC2C98DD2EC94A43BC19445F1C0DC14D ] \Device\Harddisk0\DR0\Partition2
20:51:30.0125 0x152c \Device\Harddisk0\DR0\Partition2 - ok
20:51:30.0135 0x152c ================ Scan generic autorun ======================
20:51:30.0409 0x152c [ 778B2333591E9D28063D491456DA18BE, B6EE1FDE2CC137C075E2AA5A588C9356F79690525B0587A97D63127768247717 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:51:30.0591 0x152c SynTPEnh - ok
20:51:30.0621 0x152c HotkeyMon - ok
20:51:30.0641 0x152c HotkeyService - ok
20:51:31.0105 0x152c [ 37DEB76A2CF005841C4E45DE2B94D84F, BB8F7BC57A4144A4489DB1DD7F2121346A2235EC478CE8F93CEB7E1773025FCA ] C:\Windows\AsScrPro.exe
20:51:31.0509 0x152c ASUS Screen Saver Protector - ok
20:51:31.0629 0x152c [ 95B5AB49BE07F27C63CC0BBCE34B8E22, A662A74F6209881982F922797A383845E0DFCBD1D2862A3BD992F9300945455F ] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
20:51:31.0669 0x152c Eee Docking - ok
20:51:31.0679 0x152c LiveUpdate - ok
20:51:31.0719 0x152c [ 822E6029CE5B3EBF31016860E81E2415, BE31A7F6A1F4601A8FC9E6C87C1762849829CA2ABBE1BE5B41E945648C662EC1 ] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
20:51:31.0729 0x152c SynAsusAcpi - ok
20:51:31.0929 0x152c [ 609615D2DC9459AE90293A71441F873F, 6FBA9C3A8B6313AF9A73510C1FA230E92409041387EC6EB48694220B5A8A4124 ] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
20:51:32.0111 0x152c EeeStorageBackup - ok
20:51:32.0131 0x152c SuperHybridEngine - ok
20:51:33.0231 0x152c [ 93190A2F166DB15FF8A9D7C260F2806F, 1FD555DE9690C9176BA1BCBE97893C01FA03425244E376FC83A72BAAA2A5AB07 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
20:51:34.0079 0x152c RtHDVCpl - ok
20:51:34.0179 0x152c [ E45ECE7E748F65E3A944C967C776320F, 8CF8F7EC1DC7BDE50C651AE91CB72F039B7C0A14B0506941713BA4ECB640A5E9 ] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk
20:51:34.0179 0x152c Boingo Wi-Fi - ok
20:51:34.0259 0x152c [ 7A329E85E5CA8A6DF0D5E315D096653F, 0E67C8994BFB1D0257F7E9CC441F1DE9CC4994D49CBA14837702A79EB08D5B53 ] C:\windows\system32\igfxtray.exe
20:51:34.0279 0x152c IgfxTray - ok
20:51:34.0349 0x152c [ D51C0A0315B4065E010233DDC12A07DC, A8AC7CDCE3139197E70817EFB2C641304804D9D4D78FC1B7AF76A6CC070C712F ] C:\windows\system32\hkcmd.exe
20:51:34.0389 0x152c HotKeysCmds - ok
20:51:34.0449 0x152c [ F40D8F396327000DDF50FD9DE5E28831, 8A2931F085FF5F677AAF7021D5C34D061612724395C87D7AE32E70A2DEE6F8F3 ] C:\windows\system32\IgfxExt.exe
20:51:34.0489 0x152c IgfxExt - ok
20:51:34.0581 0x152c [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:51:34.0591 0x152c APSDaemon - ok
20:51:34.0774 0x152c [ 6DE7D6413E5D0458882D3134D31C2446, 7605A7144165F784869A12887C80B0B49BF232146B70A94712C12D8521B9B9EF ] C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
20:51:34.0844 0x152c ASUSWebStorage - ok
20:51:35.0154 0x152c [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
20:51:35.0224 0x152c avgnt - ok
20:51:35.0494 0x152c [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:51:35.0606 0x152c Adobe ARM - ok
20:51:35.0716 0x152c [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
20:51:35.0736 0x152c iTunesHelper - ok
20:51:35.0871 0x152c [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
20:51:35.0908 0x152c QuickTime Task - ok
20:51:36.0028 0x152c [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
20:51:36.0048 0x152c HP Software Update - ok
20:51:36.0250 0x152c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:51:36.0395 0x152c Sidebar - ok
20:51:36.0474 0x152c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:51:36.0494 0x152c mctadmin - ok
20:51:36.0664 0x152c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:51:36.0784 0x152c Sidebar - ok
20:51:36.0824 0x152c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:51:36.0854 0x152c mctadmin - ok
20:51:36.0926 0x152c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
20:51:36.0926 0x152c swg - ok
20:51:36.0998 0x152c [ 5588812731C64305F2579DD8215037E0, 0FA8D3DE660670125C203B96FDA4DDF7A88B66C37F66E5F183C4BC7983E55709 ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
20:51:36.0998 0x152c LDM - ok
20:51:37.0261 0x152c [ 6B06FF37263E4B3978FD358F610FAB92, E5F60B147CD4AD35DDAE8CDC991BAF5F47394D21DF11B3FAE610A118DF764A01 ] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
20:51:37.0411 0x152c HP Officejet 6700 (NET) - ok
20:51:37.0541 0x152c [ B60F618B09FDC751902B7486F3A26E92, BDF0C33960C98445018CF48F78D66F643E5AA1EDBF7E0265CE10C75F828E85AF ] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
20:51:37.0551 0x152c iCloudServices - ok
20:51:37.0621 0x152c Skype - ok
20:51:37.0641 0x152c Waiting for KSN requests completion. In queue: 87
20:51:38.0643 0x152c Waiting for KSN requests completion. In queue: 87
20:51:39.0645 0x152c Waiting for KSN requests completion. In queue: 87
20:51:40.0645 0x152c Waiting for KSN requests completion. In queue: 87
20:51:41.0649 0x152c Waiting for KSN requests completion. In queue: 87
20:51:42.0653 0x152c Waiting for KSN requests completion. In queue: 87
20:51:43.0653 0x152c Waiting for KSN requests completion. In queue: 87
20:51:44.0653 0x152c Waiting for KSN requests completion. In queue: 87
20:51:45.0655 0x152c Waiting for KSN requests completion. In queue: 87
20:51:46.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:47.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:48.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:49.0662 0x152c Waiting for KSN requests completion. In queue: 87
20:51:50.0667 0x152c Waiting for KSN requests completion. In queue: 87
20:51:51.0669 0x152c Waiting for KSN requests completion. In queue: 87
20:51:52.0763 0x152c AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41010 ( enabled : outofdate )
20:51:52.0783 0x152c Win FW state via NFP2: enabled
20:51:55.0438 0x152c ============================================================
20:51:55.0438 0x152c Scan finished
20:51:55.0438 0x152c ============================================================
20:51:55.0488 0x0ea8 Detected object count: 0
20:51:55.0488 0x0ea8 Actual detected object count: 0
20:57:47.0559 0x1400 ============================================================
20:57:47.0559 0x1400 Scan started
20:57:47.0559 0x1400 Mode: Manual; SigCheck; TDLFS;
20:57:47.0559 0x1400 ============================================================
20:57:47.0559 0x1400 KSN ping started
20:58:02.0231 0x1400 KSN ping finished: true
20:58:03.0687 0x1400 ================ Scan system memory ========================
20:58:03.0687 0x1400 System memory - ok
20:58:03.0687 0x1400 ================ Scan services =============================
20:58:03.0969 0x1400 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:58:04.0381 0x1400 1394ohci - ok
20:58:04.0461 0x1400 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\windows\system32\drivers\ACPI.sys
20:58:04.0571 0x1400 ACPI - ok
20:58:04.0651 0x1400 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:58:04.0821 0x1400 AcpiPmi - ok
20:58:04.0981 0x1400 [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:58:05.0081 0x1400 AdobeARMservice - ok
20:58:05.0181 0x1400 [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:58:05.0271 0x1400 AdobeFlashPlayerUpdateSvc - ok
20:58:05.0382 0x1400 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
20:58:05.0554 0x1400 adp94xx - ok
20:58:05.0644 0x1400 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
20:58:05.0756 0x1400 adpahci - ok
20:58:05.0816 0x1400 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
20:58:05.0928 0x1400 adpu320 - ok
20:58:05.0998 0x1400 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:58:06.0178 0x1400 AeLookupSvc - ok
20:58:06.0268 0x1400 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\windows\system32\drivers\afd.sys
20:58:06.0448 0x1400 AFD - ok
20:58:06.0508 0x1400 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\windows\system32\drivers\agp440.sys
20:58:06.0588 0x1400 agp440 - ok
20:58:06.0648 0x1400 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
20:58:06.0743 0x1400 aic78xx - ok
20:58:06.0862 0x1400 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\windows\System32\alg.exe
20:58:07.0004 0x1400 ALG - ok
20:58:07.0056 0x1400 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\windows\system32\drivers\aliide.sys
20:58:07.0126 0x1400 aliide - ok
20:58:07.0166 0x1400 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\windows\system32\drivers\amdagp.sys
20:58:07.0269 0x1400 amdagp - ok
20:58:07.0348 0x1400 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\windows\system32\drivers\amdide.sys
20:58:07.0437 0x1400 amdide - ok
20:58:07.0490 0x1400 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
20:58:07.0590 0x1400 AmdK8 - ok
20:58:07.0630 0x1400 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:58:07.0740 0x1400 AmdPPM - ok
20:58:07.0814 0x1400 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:58:07.0894 0x1400 amdsata - ok
20:58:07.0964 0x1400 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
20:58:08.0074 0x1400 amdsbs - ok
20:58:08.0154 0x1400 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:58:08.0234 0x1400 amdxata - ok
20:58:08.0486 0x1400 [ 3C355762D89401975EF86E6975FEC77C, D3F7DF98A40A57373B4C9325AB057D3A0A24B772499D0D6A2EC154A1D4CB57EA ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
20:58:08.0696 0x1400 AntiVirMailService - ok
20:58:08.0826 0x1400 [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:58:08.0950 0x1400 AntiVirSchedulerService - ok
20:58:09.0143 0x1400 [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:58:09.0262 0x1400 AntiVirService - ok
20:58:09.0494 0x1400 [ 7983B808D27CEFADD0BCBCAB30736B5B, 5E723476EF71F4C7AFC9E65113F6E78357DC908ED6E09F1142C4DB19B78DC5EF ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:58:09.0664 0x1400 AntiVirWebService - ok
20:58:09.0756 0x1400 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\windows\system32\drivers\appid.sys
20:58:09.0926 0x1400 AppID - ok
20:58:09.0978 0x1400 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\windows\System32\appidsvc.dll
20:58:10.0068 0x1400 AppIDSvc - ok
20:58:10.0118 0x1400 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\windows\System32\appinfo.dll
20:58:10.0280 0x1400 Appinfo - ok
20:58:10.0370 0x1400 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:58:10.0450 0x1400 Apple Mobile Device - ok
20:58:10.0512 0x1400 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\windows\system32\DRIVERS\arc.sys
20:58:10.0592 0x1400 arc - ok
20:58:10.0642 0x1400 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
20:58:10.0734 0x1400 arcsas - ok
20:58:10.0984 0x1400 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:58:11.0064 0x1400 aspnet_state - ok
20:58:11.0104 0x1400 [ A9A565C669786C402752F609AFDD0DD5, 7D64828DE5503AF4B4A80F4C08BB2659B277CD664AB33724FB9387948BE8765A ] AsUpIO C:\windows\system32\drivers\AsUpIO.sys
20:58:11.0194 0x1400 AsUpIO - ok
20:58:11.0286 0x1400 [ C4FB2613D3C75364BB159B9C23A00E7A, 945AD13620BBEFFC382EDC3B3337975D158C7EDB4E3782021FCBE3B49A8A1F57 ] AsusService C:\Windows\System32\AsusService.exe
20:58:11.0358 0x1400 AsusService - detected UnsignedFile.Multi.Generic ( 1 )
20:58:11.0358 0x1400 Detect skipped due to KSN trusted
20:58:11.0358 0x1400 AsusService - ok
20:58:11.0418 0x1400 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:58:11.0700 0x1400 AsyncMac - ok
20:58:11.0762 0x1400 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\windows\system32\drivers\atapi.sys
20:58:11.0832 0x1400 atapi - ok
20:58:12.0032 0x1400 [ B01751CC563AECAC09BBE36AAA21FBEF, 453CAED322CC13155D3BD1F5BF9ABC9FA7F74D9C17E712DAEC63E9518F0E9229 ] athr C:\windows\system32\DRIVERS\athr.sys
20:58:12.0354 0x1400 athr - ok
20:58:12.0556 0x1400 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:58:12.0727 0x1400 AudioEndpointBuilder - ok
20:58:12.0828 0x1400 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\windows\System32\Audiosrv.dll
20:58:13.0002 0x1400 Audiosrv - ok
20:58:13.0102 0x1400 [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
20:58:13.0182 0x1400 avgntflt - ok
20:58:13.0242 0x1400 [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
20:58:13.0322 0x1400 avipbb - ok
20:58:13.0382 0x1400 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
20:58:13.0462 0x1400 avkmgr - ok
20:58:13.0562 0x1400 [ E011CD533A4F67F194B43666AE05EDA9, F328BC48AE0DCD7CD5E05D0FA28751B6DAB7883A32ECEDE14E3FEBA926135457 ] avmike C:\Program Files\FRITZ!Fernzugang\avmike.exe
20:58:13.0654 0x1400 avmike - ok
20:58:13.0776 0x1400 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\windows\System32\AxInstSV.dll
20:58:13.0946 0x1400 AxInstSV - ok
20:58:14.0046 0x1400 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
20:58:14.0246 0x1400 b06bdrv - ok
20:58:14.0329 0x1400 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
20:58:14.0459 0x1400 b57nd60x - ok
20:58:14.0549 0x1400 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\windows\System32\bdesvc.dll
20:58:14.0712 0x1400 BDESVC - ok
20:58:14.0781 0x1400 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\windows\system32\drivers\Beep.sys
20:58:14.0951 0x1400 Beep - ok
20:58:15.0121 0x1400 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\windows\System32\bfe.dll
20:58:15.0301 0x1400 BFE - ok
20:58:15.0411 0x1400 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\windows\System32\qmgr.dll
20:58:15.0855 0x1400 BITS - ok
20:58:15.0965 0x1400 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:58:16.0065 0x1400 blbdrive - ok
20:58:16.0185 0x1400 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:58:16.0302 0x1400 Bonjour Service - ok
20:58:16.0337 0x1400 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:58:16.0469 0x1400 bowser - ok
20:58:16.0509 0x1400 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
20:58:16.0681 0x1400 BrFiltLo - ok
20:58:16.0731 0x1400 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
20:58:16.0833 0x1400 BrFiltUp - ok
20:58:16.0985 0x1400 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\windows\System32\browser.dll
20:58:17.0107 0x1400 Browser - ok
20:58:17.0177 0x1400 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:58:17.0337 0x1400 Brserid - ok
20:58:17.0377 0x1400 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:58:17.0497 0x1400 BrSerWdm - ok
20:58:17.0589 0x1400 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:58:17.0691 0x1400 BrUsbMdm - ok
20:58:17.0721 0x1400 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:58:17.0823 0x1400 BrUsbSer - ok
20:58:17.0873 0x1400 [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
20:58:18.0016 0x1400 BthEnum - ok
20:58:18.0076 0x1400 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
20:58:18.0166 0x1400 BTHMODEM - ok
20:58:18.0206 0x1400 [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
20:58:18.0286 0x1400 BthPan - ok
20:58:18.0376 0x1400 [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
20:58:18.0486 0x1400 BTHPORT - ok
20:58:18.0546 0x1400 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\windows\system32\bthserv.dll
20:58:18.0696 0x1400 bthserv - ok
20:58:18.0746 0x1400 [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
20:58:18.0826 0x1400 BTHUSB - ok
20:58:18.0856 0x1400 btwaudio - ok
20:58:18.0876 0x1400 btwavdt - ok
20:58:18.0906 0x1400 btwl2cap - ok
20:58:18.0936 0x1400 btwrchid - ok
20:58:19.0150 0x1400 [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
20:58:19.0350 0x1400 c2cautoupdatesvc - ok
20:58:19.0582 0x1400 [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
20:58:19.0822 0x1400 c2cpnrsvc - ok
20:58:19.0902 0x1400 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:58:20.0042 0x1400 cdfs - ok
20:58:20.0172 0x1400 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\windows\system32\drivers\cdrom.sys
20:58:20.0272 0x1400 cdrom - ok
20:58:20.0332 0x1400 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\windows\System32\certprop.dll
20:58:20.0492 0x1400 CertPropSvc - ok
20:58:20.0542 0x1400 [ 32416A00199B83F3CB19A504A226A519, 0090A0BB6DF2DCDA4A3255E896D132E47E82CEFF2884D813E8F6CF55C5AF6254 ] certsrv C:\Program Files\FRITZ!Fernzugang\certsrv.exe
20:58:20.0614 0x1400 certsrv - ok
20:58:20.0674 0x1400 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\windows\system32\DRIVERS\circlass.sys
20:58:20.0774 0x1400 circlass - ok
Code:
ATTFilter 20:58:20.0854 0x1400 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\windows\system32\CLFS.sys
20:58:20.0954 0x1400 CLFS - ok
20:58:21.0104 0x1400 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:58:21.0214 0x1400 clr_optimization_v2.0.50727_32 - ok
20:58:21.0295 0x1400 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:58:21.0388 0x1400 clr_optimization_v4.0.30319_32 - ok
20:58:21.0438 0x1400 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:58:21.0538 0x1400 CmBatt - ok
20:58:21.0588 0x1400 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\windows\system32\drivers\cmdide.sys
20:58:21.0668 0x1400 cmdide - ok
20:58:21.0758 0x1400 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\windows\system32\Drivers\cng.sys
20:58:21.0920 0x1400 CNG - ok
20:58:21.0960 0x1400 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
20:58:22.0030 0x1400 Compbatt - ok
20:58:22.0090 0x1400 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
20:58:22.0210 0x1400 CompositeBus - ok
20:58:22.0258 0x1400 COMSysApp - ok
20:58:22.0381 0x1400 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
20:58:22.0463 0x1400 crcdisk - ok
20:58:22.0522 0x1400 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\windows\system32\cryptsvc.dll
20:58:22.0622 0x1400 CryptSvc - ok
20:58:22.0732 0x1400 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\windows\system32\rpcss.dll
20:58:22.0936 0x1400 DcomLaunch - ok
20:58:23.0092 0x1400 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\windows\System32\defragsvc.dll
20:58:23.0252 0x1400 defragsvc - ok
20:58:23.0302 0x1400 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\windows\system32\Drivers\dfsc.sys
20:58:23.0462 0x1400 DfsC - ok
20:58:23.0532 0x1400 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\windows\system32\dhcpcore.dll
20:58:23.0705 0x1400 Dhcp - ok
20:58:23.0757 0x1400 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\windows\system32\drivers\discache.sys
20:58:23.0907 0x1400 discache - ok
20:58:23.0957 0x1400 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\windows\system32\DRIVERS\disk.sys
20:58:24.0027 0x1400 Disk - ok
20:58:24.0089 0x1400 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\windows\System32\dnsrslvr.dll
20:58:24.0209 0x1400 Dnscache - ok
20:58:24.0279 0x1400 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\windows\System32\dot3svc.dll
20:58:24.0441 0x1400 dot3svc - ok
20:58:24.0491 0x1400 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\windows\system32\dps.dll
20:58:24.0671 0x1400 DPS - ok
20:58:24.0721 0x1400 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\windows\system32\drivers\drmkaud.sys
20:58:24.0821 0x1400 drmkaud - ok
20:58:24.0971 0x1400 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
20:58:25.0171 0x1400 DXGKrnl - ok
20:58:25.0241 0x1400 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\windows\System32\eapsvc.dll
20:58:25.0433 0x1400 EapHost - ok
20:58:25.0917 0x1400 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
20:58:26.0347 0x1400 ebdrv - ok
20:58:26.0429 0x1400 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] EFS C:\windows\System32\lsass.exe
20:58:26.0529 0x1400 EFS - ok
20:58:26.0683 0x1400 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\windows\ehome\ehRecvr.exe
20:58:26.0953 0x1400 ehRecvr - ok
20:58:27.0013 0x1400 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\windows\ehome\ehsched.exe
20:58:27.0173 0x1400 ehSched - ok
20:58:27.0283 0x1400 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
20:58:27.0413 0x1400 elxstor - ok
20:58:27.0483 0x1400 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\windows\system32\drivers\errdev.sys
20:58:27.0573 0x1400 ErrDev - ok
20:58:27.0683 0x1400 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\windows\system32\es.dll
20:58:27.0986 0x1400 EventSystem - ok
20:58:28.0078 0x1400 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\windows\system32\drivers\exfat.sys
20:58:28.0240 0x1400 exfat - ok
20:58:28.0360 0x1400 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\windows\system32\drivers\fastfat.sys
20:58:28.0562 0x1400 fastfat - ok
20:58:28.0733 0x1400 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\windows\system32\fxssvc.exe
20:58:28.0951 0x1400 Fax - ok
20:58:29.0009 0x1400 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\windows\system32\DRIVERS\fdc.sys
20:58:29.0107 0x1400 fdc - ok
20:58:29.0177 0x1400 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\windows\system32\fdPHost.dll
20:58:29.0377 0x1400 fdPHost - ok
20:58:29.0447 0x1400 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\windows\system32\fdrespub.dll
20:58:29.0627 0x1400 FDResPub - ok
20:58:29.0677 0x1400 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
20:58:29.0769 0x1400 FileInfo - ok
20:58:29.0799 0x1400 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\windows\system32\drivers\filetrace.sys
20:58:29.0981 0x1400 Filetrace - ok
20:58:30.0071 0x1400 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
20:58:30.0183 0x1400 flpydisk - ok
20:58:30.0255 0x1400 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
20:58:30.0345 0x1400 FltMgr - ok
20:58:30.0575 0x1400 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\windows\system32\FntCache.dll
20:58:30.0855 0x1400 FontCache - ok
20:58:30.0947 0x1400 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:58:31.0017 0x1400 FontCache3.0.0.0 - ok
20:58:31.0077 0x1400 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
20:58:31.0200 0x1400 FsDepends - ok
20:58:31.0269 0x1400 [ B74B0578FD1D3F897E95F2A2B69EA051, 64FCA8452CB37D55679AC8BEF221D6BA1D91E50680D37FFCFB81619ADAA5889C ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
20:58:31.0329 0x1400 fssfltr - ok
20:58:31.0529 0x1400 [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:58:31.0689 0x1400 fsssvc - ok
20:58:31.0771 0x1400 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
20:58:31.0851 0x1400 Fs_Rec - ok
20:58:31.0931 0x1400 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
20:58:32.0043 0x1400 fvevol - ok
20:58:32.0163 0x1400 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
20:58:32.0255 0x1400 gagp30kx - ok
20:58:32.0327 0x1400 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:58:32.0377 0x1400 GEARAspiWDM - ok
20:58:32.0527 0x1400 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\windows\System32\gpsvc.dll
20:58:32.0759 0x1400 gpsvc - ok
20:58:32.0889 0x1400 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:58:32.0970 0x1400 gupdate - ok
20:58:33.0011 0x1400 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:58:33.0125 0x1400 gupdatem - ok
20:58:33.0213 0x1400 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:58:33.0273 0x1400 gusvc - ok
20:58:33.0323 0x1400 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
20:58:33.0433 0x1400 hcw85cir - ok
20:58:33.0523 0x1400 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:58:33.0633 0x1400 HdAudAddService - ok
20:58:33.0683 0x1400 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
20:58:33.0783 0x1400 HDAudBus - ok
20:58:33.0833 0x1400 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
20:58:33.0923 0x1400 HidBatt - ok
20:58:33.0973 0x1400 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
20:58:34.0043 0x1400 HidBth - ok
20:58:34.0083 0x1400 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys
20:58:34.0173 0x1400 HidIr - ok
20:58:34.0223 0x1400 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\windows\system32\hidserv.dll
20:58:34.0373 0x1400 hidserv - ok
20:58:34.0423 0x1400 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\drivers\hidusb.sys
20:58:34.0545 0x1400 HidUsb - ok
20:58:34.0605 0x1400 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll
20:58:34.0735 0x1400 hkmsvc - ok
20:58:34.0785 0x1400 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:58:34.0905 0x1400 HomeGroupListener - ok
20:58:34.0975 0x1400 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:58:35.0105 0x1400 HomeGroupProvider - ok
20:58:35.0145 0x1400 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
20:58:35.0235 0x1400 HpSAMD - ok
20:58:35.0367 0x1400 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\windows\system32\drivers\HTTP.sys
20:58:35.0649 0x1400 HTTP - ok
20:58:35.0729 0x1400 [ 1720966D9C7EA5E2D78B6DB92D2F9171, B43521949F0557C9DC1DEC23A4A31D293FFBE721A937C90A2BCF6FCD1A216ADE ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
20:58:35.0859 0x1400 hwdatacard - ok
20:58:35.0909 0x1400 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
20:58:36.0012 0x1400 hwpolicy - ok
20:58:36.0171 0x1400 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
20:58:36.0269 0x1400 i8042prt - ok
20:58:36.0373 0x1400 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
20:58:36.0508 0x1400 iaStorV - ok
20:58:36.0707 0x1400 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:58:36.0905 0x1400 idsvc - ok
20:58:36.0945 0x1400 IEEtwCollectorService - ok
20:58:37.0085 0x1400 [ BB418D3796D89EF0665450228287CB34, 56F18650BF2E09E99FBC8037EE395EC8AE357A837F4271E2E34763E801E13C3E ] igd C:\windows\system32\DRIVERS\igdkmd32.sys
20:58:37.0295 0x1400 igd - ok
20:58:37.0417 0x1400 [ BB418D3796D89EF0665450228287CB34, 56F18650BF2E09E99FBC8037EE395EC8AE357A837F4271E2E34763E801E13C3E ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
20:58:37.0582 0x1400 igfx - ok
20:58:37.0662 0x1400 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
20:58:37.0769 0x1400 iirsp - ok
20:58:37.0904 0x1400 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll
20:58:38.0116 0x1400 IKEEXT - ok
20:58:38.0590 0x1400 [ DB96B8BD676BB24BD4F1DC53CA1F182C, 42E8A43E35520793A3A34BA6F70A631D629194C8C882EB62BBF296D9F731D6CD ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
20:58:39.0052 0x1400 IntcAzAudAddService - ok
20:58:39.0132 0x1400 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys
20:58:39.0182 0x1400 intelide - ok
20:58:39.0232 0x1400 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
20:58:39.0302 0x1400 intelppm - ok
20:58:39.0352 0x1400 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:58:39.0552 0x1400 IPBusEnum - ok
20:58:39.0654 0x1400 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:58:39.0836 0x1400 IpFilterDriver - ok
20:58:40.0018 0x1400 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:58:40.0190 0x1400 iphlpsvc - ok
20:58:40.0260 0x1400 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:58:40.0372 0x1400 IPMIDRV - ok
20:58:40.0442 0x1400 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:58:40.0644 0x1400 IPNAT - ok
20:58:40.0834 0x1400 [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:58:40.0964 0x1400 iPod Service - ok
20:58:41.0052 0x1400 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys
20:58:41.0186 0x1400 IRENUM - ok
20:58:41.0236 0x1400 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys
20:58:41.0326 0x1400 isapnp - ok
20:58:41.0408 0x1400 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:58:41.0518 0x1400 iScsiPrt - ok
20:58:41.0558 0x1400 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
20:58:41.0638 0x1400 kbdclass - ok
20:58:41.0708 0x1400 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\drivers\kbdhid.sys
20:58:41.0798 0x1400 kbdhid - ok
20:58:41.0868 0x1400 [ 3EB803312987FF44265C87CB960DF6AB, D6F44702F92089A0C847044A3933F7311D6A72C4647C3FECB35CDBF96A913A40 ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
20:58:41.0928 0x1400 kbfiltr - ok
20:58:41.0968 0x1400 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] KeyIso C:\windows\system32\lsass.exe
20:58:42.0068 0x1400 KeyIso - ok
20:58:42.0140 0x1400 [ 4DAC97CF81FAE4B2988AEF0DF40D04AE, 5560304972693DE5D5B21CE010A76067FA5B64AD5968122EE9F8248B3EA4878E ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:58:42.0232 0x1400 KSecDD - ok
20:58:42.0352 0x1400 [ 9EED5E0B7BF784C491C2289A09920BDA, 9E82EB777A01AB32EDA2AE0420546602A82C850D68D2C0AEDB4EA5ADEDF835E6 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:58:42.0432 0x1400 KSecPkg - ok
20:58:42.0592 0x1400 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll
20:58:42.0802 0x1400 KtmRm - ok
20:58:42.0872 0x1400 [ A158CEA8644B8A5C1EC0E9A81B70F65A, 70B4726BFB652CB41F06F60AE2A780A521E7B783F0B38BE55E8A566A915929F5 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
20:58:42.0952 0x1400 L1C - ok
20:58:43.0012 0x1400 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\system32\srvsvc.dll
20:58:43.0235 0x1400 LanmanServer - ok
20:58:43.0376 0x1400 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:58:43.0618 0x1400 LanmanWorkstation - ok
20:58:43.0738 0x1400 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:58:43.0940 0x1400 lltdio - ok
20:58:44.0070 0x1400 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:58:44.0282 0x1400 lltdsvc - ok
20:58:44.0357 0x1400 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll
20:58:44.0546 0x1400 lmhosts - ok
20:58:44.0658 0x1400 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
20:58:44.0737 0x1400 LSI_FC - ok
20:58:44.0860 0x1400 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
20:58:44.0930 0x1400 LSI_SAS - ok
20:58:44.0960 0x1400 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
20:58:45.0020 0x1400 LSI_SAS2 - ok
20:58:45.0060 0x1400 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
20:58:45.0130 0x1400 LSI_SCSI - ok
20:58:45.0180 0x1400 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys
20:58:45.0320 0x1400 luafv - ok
20:58:45.0370 0x1400 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:58:45.0470 0x1400 Mcx2Svc - ok
20:58:45.0532 0x1400 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys
20:58:45.0582 0x1400 megasas - ok
20:58:45.0652 0x1400 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
20:58:45.0722 0x1400 MegaSR - ok
20:58:45.0772 0x1400 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll
20:58:45.0932 0x1400 MMCSS - ok
20:58:46.0052 0x1400 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys
20:58:46.0172 0x1400 Modem - ok
20:58:46.0212 0x1400 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:58:46.0292 0x1400 monitor - ok
20:58:46.0352 0x1400 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:58:46.0412 0x1400 mouclass - ok
20:58:46.0452 0x1400 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:58:46.0532 0x1400 mouhid - ok
20:58:46.0599 0x1400 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:58:46.0664 0x1400 mountmgr - ok
20:58:46.0714 0x1400 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys
20:58:46.0774 0x1400 mpio - ok
20:58:46.0824 0x1400 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:58:47.0032 0x1400 mpsdrv - ok
20:58:47.0161 0x1400 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll
20:58:47.0468 0x1400 MpsSvc - ok
20:58:47.0542 0x1400 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:58:47.0669 0x1400 MRxDAV - ok
20:58:47.0742 0x1400 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:58:47.0866 0x1400 mrxsmb - ok
20:58:47.0948 0x1400 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:58:48.0060 0x1400 mrxsmb10 - ok
20:58:48.0121 0x1400 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:58:48.0214 0x1400 mrxsmb20 - ok
20:58:48.0292 0x1400 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys
20:58:48.0354 0x1400 msahci - ok
20:58:48.0454 0x1400 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:58:48.0525 0x1400 msdsm - ok
20:58:48.0607 0x1400 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe
20:58:48.0724 0x1400 MSDTC - ok
20:58:48.0858 0x1400 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys
20:58:49.0039 0x1400 Msfs - ok
20:58:49.0097 0x1400 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:58:49.0245 0x1400 mshidkmdf - ok
20:58:49.0308 0x1400 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:58:49.0348 0x1400 msisadrv - ok
20:58:49.0398 0x1400 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:58:49.0518 0x1400 MSiSCSI - ok
20:58:49.0538 0x1400 msiserver - ok
20:58:49.0578 0x1400 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:58:49.0710 0x1400 MSKSSRV - ok
20:58:49.0740 0x1400 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:58:49.0850 0x1400 MSPCLOCK - ok
20:58:49.0890 0x1400 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:58:50.0012 0x1400 MSPQM - ok
20:58:50.0052 0x1400 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:58:50.0112 0x1400 MsRPC - ok
20:58:50.0172 0x1400 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys
20:58:50.0222 0x1400 mssmbios - ok
20:58:50.0262 0x1400 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:58:50.0372 0x1400 MSTEE - ok
20:58:50.0412 0x1400 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
20:58:50.0492 0x1400 MTConfig - ok
20:58:50.0522 0x1400 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys
20:58:50.0562 0x1400 Mup - ok
20:58:50.0652 0x1400 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll
20:58:50.0792 0x1400 napagent - ok
20:58:50.0862 0x1400 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:58:50.0962 0x1400 NativeWifiP - ok
20:58:51.0084 0x1400 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys
20:58:51.0205 0x1400 NDIS - ok
20:58:51.0256 0x1400 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:58:51.0356 0x1400 NdisCap - ok
20:58:51.0376 0x1400 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:58:51.0496 0x1400 NdisTapi - ok
20:58:51.0536 0x1400 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:58:51.0626 0x1400 Ndisuio - ok
20:58:51.0696 0x1400 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:58:51.0796 0x1400 NdisWan - ok
20:58:51.0826 0x1400 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:58:51.0936 0x1400 NDProxy - ok
20:58:51.0996 0x1400 [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
20:58:52.0026 0x1400 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:58:52.0026 0x1400 Detect skipped due to KSN trusted
20:58:52.0026 0x1400 Net Driver HPZ12 - ok
20:58:52.0077 0x1400 [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl C:\windows\system32\DRIVERS\netaapl.sys
20:58:52.0100 0x1400 Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
20:58:52.0101 0x1400 Detect skipped due to KSN trusted
20:58:52.0101 0x1400 Netaapl - ok
20:58:52.0138 0x1400 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:58:52.0277 0x1400 NetBIOS - ok
20:58:52.0330 0x1400 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:58:52.0440 0x1400 NetBT - ok
20:58:52.0490 0x1400 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] Netlogon C:\windows\system32\lsass.exe
20:58:52.0550 0x1400 Netlogon - ok
20:58:52.0620 0x1400 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll
20:58:52.0770 0x1400 Netman - ok
20:58:52.0820 0x1400 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:58:52.0870 0x1400 NetMsmqActivator - ok
20:58:52.0900 0x1400 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:58:52.0960 0x1400 NetPipeActivator - ok
20:58:53.0020 0x1400 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll
20:58:53.0185 0x1400 netprofm - ok
20:58:53.0212 0x1400 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:58:53.0262 0x1400 NetTcpActivator - ok
20:58:53.0292 0x1400 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:58:53.0352 0x1400 NetTcpPortSharing - ok
20:58:53.0402 0x1400 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
20:58:53.0442 0x1400 nfrd960 - ok
20:58:53.0517 0x1400 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\windows\System32\nlasvc.dll
20:58:53.0627 0x1400 NlaSvc - ok
20:58:53.0657 0x1400 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:58:53.0789 0x1400 Npfs - ok
20:58:53.0849 0x1400 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll
20:58:53.0949 0x1400 nsi - ok
20:58:53.0979 0x1400 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:58:54.0099 0x1400 nsiproxy - ok
20:58:54.0271 0x1400 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:58:54.0411 0x1400 Ntfs - ok
20:58:54.0471 0x1400 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys
20:58:54.0591 0x1400 Null - ok
20:58:54.0631 0x1400 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys
20:58:54.0681 0x1400 nvraid - ok
20:58:54.0751 0x1400 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys
20:58:54.0801 0x1400 nvstor - ok
20:58:54.0841 0x1400 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:58:54.0891 0x1400 nv_agp - ok
20:58:54.0971 0x1400 [ 4A0ADB15B198A1222EB6B9D31BF818FC, 7FA4DE9AEF466E4A5B8802A36C2163AD8434212D894B45C03BE6598D1F0EA5D5 ] NWIM C:\windows\system32\DRIVERS\avmnwim.sys
20:58:55.0031 0x1400 NWIM - ok
20:58:55.0091 0x1400 [ 93996AC3A64FB550506E1EA80DD334EB, 9FA8D2C5B40C11373835D1183BC92DE55504E57D4BC0347B837758EBF70FE5B8 ] nwtsrv C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
20:58:55.0131 0x1400 nwtsrv - ok
20:58:55.0251 0x1400 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:58:55.0403 0x1400 odserv - ok
20:58:55.0473 0x1400 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:58:55.0585 0x1400 ohci1394 - ok
20:58:55.0665 0x1400 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:58:55.0745 0x1400 ose - ok
20:58:55.0855 0x1400 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:58:56.0005 0x1400 p2pimsvc - ok
20:58:56.0085 0x1400 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll
20:58:56.0225 0x1400 p2psvc - ok
20:58:56.0295 0x1400 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys
20:58:56.0422 0x1400 Parport - ok
20:58:56.0497 0x1400 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\windows\system32\drivers\partmgr.sys
20:58:56.0577 0x1400 partmgr - ok
20:58:56.0617 0x1400 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
20:58:56.0697 0x1400 Parvdm - ok
20:58:56.0777 0x1400 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\windows\System32\pcasvc.dll
20:58:56.0939 0x1400 PcaSvc - ok
20:58:56.0999 0x1400 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys
20:58:57.0100 0x1400 pci - ok
20:58:57.0151 0x1400 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys
20:58:57.0221 0x1400 pciide - ok
20:58:57.0301 0x1400 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
20:58:57.0393 0x1400 pcmcia - ok
20:58:57.0443 0x1400 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys
20:58:57.0569 0x1400 pcw - ok
20:58:57.0685 0x1400 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:58:57.0867 0x1400 PEAUTH - ok
20:58:58.0187 0x1400 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll
20:58:58.0623 0x1400 pla - ok
20:58:58.0751 0x1400 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:58:58.0907 0x1400 PlugPlay - ok
20:58:58.0943 0x1400 [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
20:58:58.0993 0x1400 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:58:58.0993 0x1400 Detect skipped due to KSN trusted
20:58:58.0993 0x1400 Pml Driver HPZ12 - ok
20:58:59.0033 0x1400 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:58:59.0103 0x1400 PNRPAutoReg - ok
20:58:59.0163 0x1400 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:58:59.0273 0x1400 PNRPsvc - ok
20:58:59.0363 0x1400 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:58:59.0543 0x1400 PolicyAgent - ok
20:58:59.0655 0x1400 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll
20:58:59.0847 0x1400 Power - ok
20:58:59.0905 0x1400 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:59:00.0039 0x1400 PptpMiniport - ok
20:59:00.0099 0x1400 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys
20:59:00.0179 0x1400 Processor - ok
20:59:00.0259 0x1400 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\windows\system32\profsvc.dll
20:59:00.0389 0x1400 ProfSvc - ok
20:59:00.0429 0x1400 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] ProtectedStorage C:\windows\system32\lsass.exe
20:59:00.0521 0x1400 ProtectedStorage - ok
20:59:00.0581 0x1400 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:59:00.0793 0x1400 Psched - ok
20:59:00.0855 0x1400 [ 40FEDD328F98245AD201CF5F9F311724, CE1582652B6A7CACE46D8B492CAA8E51EA46C3890EF640E8C5E1E053731A4D74 ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
20:59:01.0077 0x1400 PxHelp20 - ok
20:59:01.0289 0x1400 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
20:59:01.0569 0x1400 ql2300 - ok
20:59:01.0659 0x1400 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
20:59:01.0739 0x1400 ql40xx - ok
20:59:01.0809 0x1400 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll
20:59:02.0014 0x1400 QWAVE - ok
20:59:02.0061 0x1400 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:59:02.0162 0x1400 QWAVEdrv - ok
20:59:02.0193 0x1400 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:59:02.0363 0x1400 RasAcd - ok
20:59:02.0423 0x1400 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:59:02.0593 0x1400 RasAgileVpn - ok
20:59:02.0653 0x1400 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll
20:59:02.0833 0x1400 RasAuto - ok
20:59:02.0903 0x1400 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:59:03.0100 0x1400 Rasl2tp - ok
20:59:03.0197 0x1400 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll
20:59:03.0417 0x1400 RasMan - ok
20:59:03.0469 0x1400 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:59:03.0629 0x1400 RasPppoe - ok
20:59:03.0679 0x1400 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:59:03.0871 0x1400 RasSstp - ok
20:59:03.0971 0x1400 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:59:04.0250 0x1400 rdbss - ok
20:59:04.0315 0x1400 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
20:59:04.0395 0x1400 rdpbus - ok
20:59:04.0445 0x1400 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:59:04.0587 0x1400 RDPCDD - ok
20:59:04.0647 0x1400 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:59:04.0767 0x1400 RDPENCDD - ok
20:59:04.0807 0x1400 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:59:04.0917 0x1400 RDPREFMP - ok
20:59:04.0977 0x1400 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:59:05.0087 0x1400 RDPWD - ok
20:59:05.0167 0x1400 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:59:05.0259 0x1400 rdyboost - ok
20:59:05.0339 0x1400 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll
20:59:05.0553 0x1400 RemoteAccess - ok
20:59:05.0653 0x1400 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll
20:59:05.0853 0x1400 RemoteRegistry - ok
20:59:05.0923 0x1400 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
20:59:06.0055 0x1400 RFCOMM - ok
20:59:06.0105 0x1400 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:59:06.0277 0x1400 RpcEptMapper - ok
20:59:06.0297 0x1400 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe
20:59:06.0387 0x1400 RpcLocator - ok
20:59:06.0490 0x1400 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll
20:59:06.0679 0x1400 RpcSs - ok
20:59:06.0739 0x1400 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:59:06.0889 0x1400 rspndr - ok
20:59:06.0929 0x1400 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] SamSs C:\windows\system32\lsass.exe
20:59:07.0011 0x1400 SamSs - ok
20:59:07.0051 0x1400 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:59:07.0111 0x1400 sbp2port - ok
20:59:07.0151 0x1400 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll
20:59:07.0291 0x1400 SCardSvr - ok
20:59:07.0331 0x1400 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:59:07.0441 0x1400 scfilter - ok
20:59:07.0561 0x1400 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\windows\system32\schedsvc.dll
20:59:07.0813 0x1400 Schedule - ok
20:59:07.0874 0x1400 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll
20:59:08.0047 0x1400 SCPolicySvc - ok
20:59:08.0117 0x1400 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:59:08.0308 0x1400 SDRSVC - ok
20:59:08.0361 0x1400 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:59:08.0581 0x1400 secdrv - ok
20:59:08.0631 0x1400 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll
20:59:08.0861 0x1400 seclogon - ok
20:59:08.0947 0x1400 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\System32\sens.dll
20:59:09.0194 0x1400 SENS - ok
20:59:09.0269 0x1400 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:59:09.0466 0x1400 SensrSvc - ok
20:59:09.0537 0x1400 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
20:59:09.0659 0x1400 Serenum - ok
20:59:09.0699 0x1400 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\windows\system32\DRIVERS\serial.sys
20:59:09.0791 0x1400 Serial - ok
20:59:09.0821 0x1400 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
20:59:09.0881 0x1400 sermouse - ok
20:59:09.0991 0x1400 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\windows\system32\sessenv.dll
20:59:10.0203 0x1400 SessionEnv - ok
20:59:10.0243 0x1400 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:59:10.0313 0x1400 sffdisk - ok
20:59:10.0343 0x1400 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:59:10.0446 0x1400 sffp_mmc - ok
20:59:10.0480 0x1400 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:59:10.0624 0x1400 sffp_sd - ok
20:59:10.0669 0x1400 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
20:59:10.0719 0x1400 sfloppy - ok
20:59:10.0779 0x1400 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\windows\System32\ipnathlp.dll
20:59:10.0931 0x1400 SharedAccess - ok
20:59:11.0001 0x1400 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:59:11.0257 0x1400 ShellHWDetection - ok
20:59:11.0319 0x1400 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\windows\system32\drivers\sisagp.sys
20:59:11.0363 0x1400 sisagp - ok
20:59:11.0393 0x1400 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
20:59:11.0433 0x1400 SiSRaid2 - ok
20:59:11.0473 0x1400 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
20:59:11.0523 0x1400 SiSRaid4 - ok
20:59:11.0623 0x1400 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:59:11.0683 0x1400 SkypeUpdate - ok
20:59:11.0743 0x1400 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:59:11.0954 0x1400 Smb - ok
20:59:12.0085 0x1400 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:59:12.0165 0x1400 SNMPTRAP - ok
20:59:12.0175 0x1400 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\windows\system32\drivers\spldr.sys
20:59:12.0225 0x1400 spldr - ok
20:59:12.0295 0x1400 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\windows\System32\spoolsv.exe
20:59:12.0395 0x1400 Spooler - ok
20:59:12.0705 0x1400 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\windows\system32\sppsvc.exe
20:59:13.0105 0x1400 sppsvc - ok
20:59:13.0195 0x1400 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\windows\system32\sppuinotify.dll
20:59:13.0315 0x1400 sppuinotify - ok
20:59:13.0395 0x1400 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\windows\system32\DRIVERS\srv.sys
20:59:13.0515 0x1400 srv - ok
20:59:13.0575 0x1400 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:59:13.0699 0x1400 srv2 - ok
20:59:13.0737 0x1400 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:59:13.0817 0x1400 srvnet - ok
20:59:13.0887 0x1400 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:59:14.0060 0x1400 SSDPSRV - ok
20:59:14.0128 0x1400 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
20:59:14.0209 0x1400 ssmdrv - ok
20:59:14.0279 0x1400 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\windows\system32\sstpsvc.dll
20:59:14.0525 0x1400 SstpSvc - ok
20:59:14.0565 0x1400 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
20:59:14.0615 0x1400 stexstor - ok
20:59:14.0645 0x1400 [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam C:\windows\system32\DRIVERS\serscan.sys
20:59:14.0725 0x1400 StillCam - ok
20:59:14.0815 0x1400 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\windows\System32\wiaservc.dll
20:59:15.0107 0x1400 StiSvc - ok
20:59:15.0177 0x1400 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\windows\system32\drivers\swenum.sys
20:59:15.0348 0x1400 swenum - ok
20:59:15.0511 0x1400 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\windows\System32\swprv.dll
20:59:15.0750 0x1400 swprv - ok
20:59:15.0871 0x1400 [ 8BD10DC8809DC69A1C5A795CB10ADD76, 92ED1BC580DC2BE539296D69775368C974FBB0145A5114BA250261E49E073960 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
20:59:15.0953 0x1400 SynTP - ok
20:59:16.0103 0x1400 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\windows\system32\sysmain.dll
20:59:16.0355 0x1400 SysMain - ok
20:59:16.0415 0x1400 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\windows\System32\TabSvc.dll
20:59:16.0638 0x1400 TabletInputService - ok
20:59:16.0739 0x1400 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\windows\System32\tapisrv.dll
20:59:16.0991 0x1400 TapiSrv - ok
20:59:17.0041 0x1400 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\windows\System32\tbssvc.dll
20:59:17.0161 0x1400 TBS - ok
20:59:17.0371 0x1400 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:59:17.0631 0x1400 Tcpip - ok
20:59:17.0863 0x1400 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:59:18.0123 0x1400 TCPIP6 - ok
20:59:18.0223 0x1400 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:59:18.0293 0x1400 tcpipreg - ok
20:59:18.0363 0x1400 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:59:18.0453 0x1400 TDPIPE - ok
20:59:18.0493 0x1400 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:59:18.0563 0x1400 TDTCP - ok
20:59:18.0613 0x1400 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:59:18.0713 0x1400 tdx - ok
20:59:19.0245 0x1400 [ 7F4DFE2297AE542CE5BCC88553A541F6, 490FE8EAD232082B53C7FCBD632C816DA18754B9E19AC2AC388F76C0041F89B5 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
20:59:19.0627 0x1400 TeamViewer7 - ok
20:59:19.0717 0x1400 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\windows\system32\drivers\termdd.sys
20:59:19.0767 0x1400 TermDD - ok
20:59:19.0857 0x1400 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\windows\System32\termsrv.dll
20:59:20.0029 0x1400 TermService - ok
20:59:20.0079 0x1400 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\windows\system32\themeservice.dll
20:59:20.0159 0x1400 Themes - ok
20:59:20.0199 0x1400 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\windows\system32\mmcss.dll
20:59:20.0299 0x1400 THREADORDER - ok
20:59:20.0339 0x1400 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\windows\System32\trkwks.dll
20:59:20.0469 0x1400 TrkWks - ok
20:59:20.0569 0x1400 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:59:20.0689 0x1400 TrustedInstaller - ok
20:59:20.0739 0x1400 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:59:20.0799 0x1400 tssecsrv - ok
20:59:20.0859 0x1400 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:59:20.0949 0x1400 TsUsbFlt - ok
20:59:21.0011 0x1400 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:59:21.0211 0x1400 tunnel - ok
20:59:21.0281 0x1400 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
20:59:21.0361 0x1400 uagp35 - ok
20:59:21.0448 0x1400 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:59:21.0633 0x1400 udfs - ok
|
|
30.03.2015, 20:51
| #8 |
| | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglichCode:
ATTFilter 20:59:21.0895 0x1400 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\windows\system32\UI0Detect.exe
20:59:22.0109 0x1400 UI0Detect - ok
20:59:22.0209 0x1400 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:59:22.0308 0x1400 uliagpkx - ok
20:59:22.0371 0x1400 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\windows\system32\DRIVERS\umbus.sys
20:59:22.0441 0x1400 umbus - ok
20:59:22.0491 0x1400 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
20:59:22.0561 0x1400 UmPass - ok
20:59:22.0643 0x1400 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\windows\System32\upnphost.dll
20:59:22.0915 0x1400 upnphost - ok
20:59:22.0975 0x1400 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
20:59:23.0005 0x1400 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
20:59:23.0005 0x1400 Detect skipped due to KSN trusted
20:59:23.0005 0x1400 USBAAPL - ok
20:59:23.0055 0x1400 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:59:23.0175 0x1400 usbccgp - ok
20:59:23.0225 0x1400 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\windows\system32\drivers\usbcir.sys
20:59:23.0367 0x1400 usbcir - ok
20:59:23.0419 0x1400 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\windows\system32\drivers\usbehci.sys
20:59:23.0539 0x1400 usbehci - ok
20:59:23.0599 0x1400 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:59:23.0739 0x1400 usbhub - ok
20:59:23.0789 0x1400 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\windows\system32\drivers\usbohci.sys
20:59:23.0899 0x1400 usbohci - ok
20:59:23.0939 0x1400 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
20:59:24.0039 0x1400 usbprint - ok
20:59:24.0089 0x1400 [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
20:59:24.0211 0x1400 usbscan - ok
20:59:24.0271 0x1400 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:59:24.0504 0x1400 USBSTOR - ok
20:59:24.0575 0x1400 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
20:59:24.0680 0x1400 usbuhci - ok
20:59:24.0767 0x1400 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
20:59:24.0945 0x1400 usbvideo - ok
20:59:25.0009 0x1400 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\windows\System32\uxsms.dll
20:59:25.0109 0x1400 UxSms - ok
20:59:25.0149 0x1400 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] VaultSvc C:\windows\system32\lsass.exe
20:59:25.0241 0x1400 VaultSvc - ok
20:59:25.0331 0x1400 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:59:25.0443 0x1400 vdrvroot - ok
20:59:25.0553 0x1400 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\windows\System32\vds.exe
20:59:25.0703 0x1400 vds - ok
20:59:25.0753 0x1400 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:59:25.0823 0x1400 vga - ok
20:59:25.0878 0x1400 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\windows\System32\drivers\vga.sys
20:59:25.0985 0x1400 VgaSave - ok
20:59:26.0025 0x1400 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:59:26.0085 0x1400 vhdmp - ok
20:59:26.0115 0x1400 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\windows\system32\drivers\viaagp.sys
20:59:26.0165 0x1400 viaagp - ok
20:59:26.0195 0x1400 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
20:59:26.0245 0x1400 ViaC7 - ok
20:59:26.0285 0x1400 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\windows\system32\drivers\viaide.sys
20:59:26.0325 0x1400 viaide - ok
20:59:26.0355 0x1400 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:59:26.0405 0x1400 volmgr - ok
20:59:26.0465 0x1400 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:59:26.0545 0x1400 volmgrx - ok
20:59:26.0620 0x1400 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\windows\system32\drivers\volsnap.sys
20:59:26.0687 0x1400 volsnap - ok
20:59:26.0787 0x1400 [ 5298DCF8D684DBBF24CDB622F8A7CB37, B9FE264930EDE11FFA0ABC81F70101E9CE800E4B700DF00D21159359E7406EA2 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
20:59:26.0867 0x1400 vpnagent - ok
20:59:26.0917 0x1400 [ 174268D44B24ECC79119634142F908AB, 8AC46C019CBA0081BA095B34DFF97C30284353FDEE32361A44849C7B7F4B6769 ] vpnva C:\windows\system32\DRIVERS\vpnva.sys
20:59:27.0019 0x1400 vpnva - ok
20:59:27.0089 0x1400 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
20:59:27.0179 0x1400 vsmraid - ok
20:59:27.0359 0x1400 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\windows\system32\vssvc.exe
20:59:27.0738 0x1400 VSS - ok
20:59:27.0783 0x1400 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:59:27.0873 0x1400 vwifibus - ok
20:59:27.0923 0x1400 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:59:28.0045 0x1400 vwififlt - ok
20:59:28.0095 0x1400 [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
20:59:28.0205 0x1400 vwifimp - ok
20:59:28.0287 0x1400 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\windows\system32\w32time.dll
20:59:28.0669 0x1400 W32Time - ok
20:59:28.0729 0x1400 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
20:59:28.0822 0x1400 WacomPen - ok
20:59:28.0851 0x1400 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:59:29.0001 0x1400 WANARP - ok
20:59:29.0031 0x1400 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:59:29.0282 0x1400 Wanarpv6 - ok
20:59:29.0515 0x1400 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:59:29.0675 0x1400 WatAdminSvc - ok
20:59:29.0870 0x1400 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\windows\system32\wbengine.exe
20:59:30.0054 0x1400 wbengine - ok
20:59:30.0114 0x1400 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:59:30.0223 0x1400 WbioSrvc - ok
20:59:30.0276 0x1400 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\windows\System32\wcncsvc.dll
20:59:30.0396 0x1400 wcncsvc - ok
20:59:30.0426 0x1400 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:59:30.0536 0x1400 WcsPlugInService - ok
20:59:30.0576 0x1400 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\windows\system32\DRIVERS\wd.sys
20:59:30.0616 0x1400 Wd - ok
20:59:30.0706 0x1400 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:59:30.0796 0x1400 Wdf01000 - ok
20:59:30.0866 0x1400 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\windows\system32\wdi.dll
20:59:30.0948 0x1400 WdiServiceHost - ok
20:59:30.0968 0x1400 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\windows\system32\wdi.dll
20:59:31.0038 0x1400 WdiSystemHost - ok
20:59:31.0108 0x1400 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\windows\System32\webclnt.dll
20:59:31.0198 0x1400 WebClient - ok
20:59:31.0258 0x1400 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\windows\system32\wecsvc.dll
20:59:31.0388 0x1400 Wecsvc - ok
20:59:31.0428 0x1400 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:59:31.0620 0x1400 wercplsupport - ok
20:59:31.0670 0x1400 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\windows\System32\WerSvc.dll
20:59:32.0001 0x1400 WerSvc - ok
20:59:32.0142 0x1400 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:59:32.0282 0x1400 WfpLwf - ok
20:59:32.0332 0x1400 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:59:32.0392 0x1400 WIMMount - ok
20:59:32.0522 0x1400 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:59:32.0672 0x1400 WinDefend - ok
20:59:32.0712 0x1400 WinHttpAutoProxySvc - ok
20:59:32.0802 0x1400 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:59:32.0932 0x1400 Winmgmt - ok
20:59:33.0102 0x1400 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\windows\system32\WsmSvc.dll
20:59:33.0324 0x1400 WinRM - ok
20:59:33.0404 0x1400 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
20:59:33.0464 0x1400 WinUsb - ok
20:59:33.0584 0x1400 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\windows\System32\wlansvc.dll
20:59:33.0797 0x1400 Wlansvc - ok
20:59:34.0106 0x1400 [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:59:34.0583 0x1400 wlidsvc - ok
20:59:34.0708 0x1400 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:59:34.0778 0x1400 WmiAcpi - ok
20:59:34.0849 0x1400 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:59:34.0930 0x1400 wmiApSrv - ok
20:59:35.0341 0x1400 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:59:35.0546 0x1400 WMPNetworkSvc - ok
20:59:35.0586 0x1400 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\windows\System32\wpcsvc.dll
20:59:35.0676 0x1400 WPCSvc - ok
20:59:35.0768 0x1400 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:59:35.0961 0x1400 WPDBusEnum - ok
20:59:35.0992 0x1400 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:59:36.0112 0x1400 ws2ifsl - ok
20:59:36.0162 0x1400 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\windows\System32\wscsvc.dll
20:59:36.0252 0x1400 wscsvc - ok
20:59:36.0302 0x1400 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
20:59:36.0362 0x1400 WSDPrintDevice - ok
20:59:36.0382 0x1400 WSearch - ok
20:59:36.0482 0x1400 [ A583F4BF607EBC5709578433207A76A8, 679E54BECFE27F7A0573263494E5028E02DF9A9817B79EEF6B7C04DB27C1F56E ] WTGService C:\Program Files\Verbindungsassistent\wtgservice.exe
20:59:36.0564 0x1400 WTGService - ok
20:59:36.0764 0x1400 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\windows\system32\wuaueng.dll
20:59:36.0986 0x1400 wuauserv - ok
20:59:37.0066 0x1400 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:59:37.0146 0x1400 WudfPf - ok
20:59:37.0186 0x1400 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:59:37.0246 0x1400 WUDFRd - ok
20:59:37.0296 0x1400 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:59:37.0366 0x1400 wudfsvc - ok
20:59:37.0436 0x1400 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\windows\System32\wwansvc.dll
20:59:37.0611 0x1400 WwanSvc - ok
20:59:37.0718 0x1400 ================ Scan global ===============================
20:59:37.0778 0x1400 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\windows\system32\basesrv.dll
20:59:37.0868 0x1400 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
20:59:37.0938 0x1400 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
20:59:38.0028 0x1400 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\windows\system32\sxssrv.dll
20:59:38.0138 0x1400 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\windows\system32\services.exe
20:59:38.0178 0x1400 [ Global ] - ok
20:59:38.0188 0x1400 ================ Scan MBR ==================================
20:59:38.0208 0x1400 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:59:38.0918 0x1400 \Device\Harddisk0\DR0 - ok
20:59:38.0918 0x1400 ================ Scan VBR ==================================
20:59:38.0948 0x1400 [ 257D18947DE5165B2B503ED0392F3C50 ] \Device\Harddisk0\DR0\Partition1
20:59:38.0948 0x1400 \Device\Harddisk0\DR0\Partition1 - ok
20:59:38.0988 0x1400 [ FC2C98DD2EC94A43BC19445F1C0DC14D ] \Device\Harddisk0\DR0\Partition2
20:59:38.0998 0x1400 \Device\Harddisk0\DR0\Partition2 - ok
20:59:38.0998 0x1400 ================ Scan generic autorun ======================
20:59:39.0248 0x1400 [ 778B2333591E9D28063D491456DA18BE, B6EE1FDE2CC137C075E2AA5A588C9356F79690525B0587A97D63127768247717 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:59:39.0518 0x1400 SynTPEnh - ok
20:59:39.0538 0x1400 HotkeyMon - ok
20:59:39.0558 0x1400 HotkeyService - ok
20:59:40.0085 0x1400 [ 37DEB76A2CF005841C4E45DE2B94D84F, BB8F7BC57A4144A4489DB1DD7F2121346A2235EC478CE8F93CEB7E1773025FCA ] C:\Windows\AsScrPro.exe
20:59:40.0540 0x1400 ASUS Screen Saver Protector - ok
20:59:40.0699 0x1400 [ 95B5AB49BE07F27C63CC0BBCE34B8E22, A662A74F6209881982F922797A383845E0DFCBD1D2862A3BD992F9300945455F ] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
20:59:40.0802 0x1400 Eee Docking - detected UnsignedFile.Multi.Generic ( 1 )
20:59:40.0812 0x1400 Detect skipped due to KSN trusted
20:59:40.0812 0x1400 Eee Docking - ok
20:59:40.0832 0x1400 LiveUpdate - ok
20:59:40.0952 0x1400 [ 822E6029CE5B3EBF31016860E81E2415, BE31A7F6A1F4601A8FC9E6C87C1762849829CA2ABBE1BE5B41E945648C662EC1 ] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
20:59:41.0012 0x1400 SynAsusAcpi - ok
20:59:41.0262 0x1400 [ 609615D2DC9459AE90293A71441F873F, 6FBA9C3A8B6313AF9A73510C1FA230E92409041387EC6EB48694220B5A8A4124 ] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
20:59:41.0686 0x1400 EeeStorageBackup - detected UnsignedFile.Multi.Generic ( 1 )
20:59:41.0686 0x1400 Detect skipped due to KSN trusted
20:59:41.0686 0x1400 EeeStorageBackup - ok
20:59:41.0696 0x1400 SuperHybridEngine - ok
20:59:42.0712 0x1400 [ 93190A2F166DB15FF8A9D7C260F2806F, 1FD555DE9690C9176BA1BCBE97893C01FA03425244E376FC83A72BAAA2A5AB07 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
20:59:43.0534 0x1400 RtHDVCpl - ok
20:59:43.0624 0x1400 [ E45ECE7E748F65E3A944C967C776320F, 8CF8F7EC1DC7BDE50C651AE91CB72F039B7C0A14B0506941713BA4ECB640A5E9 ] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk
20:59:43.0954 0x1400 Boingo Wi-Fi - detected UnsignedFile.Multi.Generic ( 1 )
20:59:44.0489 0x1400 Boingo Wi-Fi ( UnsignedFile.Multi.Generic ) - warning
20:59:44.0489 0x1400 Force sending object to P2P due to detect: C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk
20:59:58.0481 0x1400 Object send P2P result: true
21:00:01.0265 0x1400 [ 7A329E85E5CA8A6DF0D5E315D096653F, 0E67C8994BFB1D0257F7E9CC441F1DE9CC4994D49CBA14837702A79EB08D5B53 ] C:\windows\system32\igfxtray.exe
21:00:01.0355 0x1400 IgfxTray - ok
21:00:01.0425 0x1400 [ D51C0A0315B4065E010233DDC12A07DC, A8AC7CDCE3139197E70817EFB2C641304804D9D4D78FC1B7AF76A6CC070C712F ] C:\windows\system32\hkcmd.exe
21:00:01.0535 0x1400 HotKeysCmds - ok
21:00:01.0595 0x1400 [ F40D8F396327000DDF50FD9DE5E28831, 8A2931F085FF5F677AAF7021D5C34D061612724395C87D7AE32E70A2DEE6F8F3 ] C:\windows\system32\IgfxExt.exe
21:00:01.0707 0x1400 IgfxExt - ok
21:00:01.0817 0x1400 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:00:01.0897 0x1400 APSDaemon - ok
21:00:02.0047 0x1400 [ 6DE7D6413E5D0458882D3134D31C2446, 7605A7144165F784869A12887C80B0B49BF232146B70A94712C12D8521B9B9EF ] C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe
21:00:02.0237 0x1400 ASUSWebStorage - ok
21:00:02.0517 0x1400 [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
21:00:02.0677 0x1400 avgnt - ok
21:00:02.0909 0x1400 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:00:03.0139 0x1400 Adobe ARM - ok
21:00:03.0239 0x1400 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
21:00:03.0319 0x1400 iTunesHelper - ok
21:00:03.0439 0x1400 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
21:00:03.0539 0x1400 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
21:00:03.0539 0x1400 Detect skipped due to KSN trusted
21:00:03.0539 0x1400 QuickTime Task - ok
21:00:03.0629 0x1400 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
21:00:03.0699 0x1400 HP Software Update - ok
21:00:03.0931 0x1400 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:00:04.0241 0x1400 Sidebar - ok
21:00:04.0303 0x1400 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
21:00:04.0423 0x1400 mctadmin - ok
21:00:04.0603 0x1400 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:00:04.0845 0x1400 Sidebar - ok
21:00:04.0909 0x1400 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
21:00:05.0027 0x1400 mctadmin - ok
21:00:05.0087 0x1400 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:00:05.0137 0x1400 swg - ok
21:00:05.0197 0x1400 [ 5588812731C64305F2579DD8215037E0, 0FA8D3DE660670125C203B96FDA4DDF7A88B66C37F66E5F183C4BC7983E55709 ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
21:00:05.0227 0x1400 LDM - detected UnsignedFile.Multi.Generic ( 1 )
21:00:05.0227 0x1400 Detect skipped due to KSN trusted
21:00:05.0227 0x1400 LDM - ok
21:00:05.0539 0x1400 [ 6B06FF37263E4B3978FD358F610FAB92, E5F60B147CD4AD35DDAE8CDC991BAF5F47394D21DF11B3FAE610A118DF764A01 ] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
21:00:05.0921 0x1400 HP Officejet 6700 (NET) - ok
21:00:06.0051 0x1400 [ B60F618B09FDC751902B7486F3A26E92, BDF0C33960C98445018CF48F78D66F643E5AA1EDBF7E0265CE10C75F828E85AF ] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
21:00:06.0101 0x1400 iCloudServices - ok
21:00:06.0161 0x1400 Skype - ok
21:00:06.0211 0x1400 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41010 ( enabled : outofdate )
21:00:06.0231 0x1400 Win FW state via NFP2: enabled
21:00:08.0935 0x1400 ============================================================
21:00:08.0935 0x1400 Scan finished
21:00:08.0935 0x1400 ============================================================
21:00:08.0965 0x0648 Detected object count: 1
21:00:08.0965 0x0648 Actual detected object count: 1
21:01:11.0248 0x0648 Boingo Wi-Fi ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:11.0248 0x0648 Boingo Wi-Fi ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:01:51.0383 0x0c50 Deinitialize success
habe dir die Logfiles gepostet. Beim ersten Lauf hat er nichts gefunden. Nachdem ich die Parameter angepasst habe, hat er einen Fund angezeigt. Das letzte Logfile musste ich aufsplitten. Gruß Golfkirsi |
|
31.03.2015, 05:24
| #9 |
| /// the machine /// TB-Ausbilder | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglich hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.03.2015, 21:46
| #10 |
| | Combofix- LogfileCode:
ATTFilter ComboFix 15-04-01.01 - Kirsten Netbook 31.03.2015 20:44:29.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.2038.999 [GMT 2:00]
ausgeführt von:: c:\users\Kirsten Netbook\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kirsten Netbook\Favorites\Games.url
c:\windows\system32\roboot.exe
c:\windows\system32\Thumbs.db
c:\windows\unin0407.exe
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-02-28 bis 2015-03-31 ))))))))))))))))))))))))))))))
.
.
2015-03-31 19:28 . 2015-03-31 19:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-31 18:44 . 2015-03-31 18:44 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69BD2460-AD1D-470B-B851-3D2FDE7C3477}\offreg.dll
2015-03-31 17:59 . 2015-03-14 10:06 9119072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69BD2460-AD1D-470B-B851-3D2FDE7C3477}\mpengine.dll
2015-03-30 17:33 . 2015-03-30 17:33 -------- d-----w- c:\programdata\Malwarebytes
2015-03-30 17:31 . 2015-03-30 18:29 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-03-30 17:31 . 2015-03-30 17:31 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-30 17:27 . 2015-03-30 17:27 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-29 16:05 . 2015-03-29 16:21 -------- d-----w- C:\FRST
2015-03-28 17:28 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2015-03-28 17:28 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
2015-03-28 15:59 . 2014-12-08 02:46 308224 ----a-w- c:\windows\system32\scesrv.dll
2015-03-22 16:59 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2015-03-22 16:59 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
2015-03-22 16:59 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2015-03-22 16:56 . 2015-02-21 00:27 772608 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-03-22 16:56 . 2015-02-20 01:23 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-03-22 16:56 . 2015-02-20 02:06 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-03-22 16:56 . 2015-02-20 01:37 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-03-22 16:56 . 2015-02-20 02:09 503296 ----a-w- c:\windows\system32\vbscript.dll
2015-03-22 16:56 . 2015-02-20 01:30 4300288 ----a-w- c:\windows\system32\jscript9.dll
2015-03-22 16:55 . 2015-02-03 03:12 171520 ----a-w- c:\windows\system32\ubpm.dll
2015-03-22 16:55 . 2015-02-20 04:13 26624 ----a-w- c:\windows\system32\lpk.dll
2015-03-22 16:55 . 2015-02-20 03:09 299008 ----a-w- c:\windows\system32\atmfd.dll
2015-03-22 16:55 . 2015-02-20 04:13 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-03-22 16:55 . 2015-02-20 04:13 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-03-22 16:55 . 2015-02-20 04:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-03-22 16:53 . 2015-02-04 02:54 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-22 16:51 . 2015-02-03 03:12 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-03-22 16:51 . 2015-02-03 03:12 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-03-22 16:51 . 2015-02-03 03:12 8192 ----a-w- c:\windows\system32\spwmp.dll
2015-03-22 16:51 . 2015-02-03 03:10 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-03-22 16:51 . 2015-02-03 03:08 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-03-22 16:51 . 2015-02-03 03:11 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2015-03-22 16:51 . 2015-02-03 03:09 2048 ----a-w- c:\windows\system32\mferror.dll
2015-03-22 16:50 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-22 16:50 . 2015-01-17 02:30 828928 ----a-w- c:\windows\system32\msctf.dll
2015-03-22 15:07 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-03-22 14:08 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll
2015-03-22 14:08 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll
2015-03-22 14:07 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe
2015-03-22 14:07 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-03-22 12:28 . 2015-03-22 12:28 -------- d-s---w- c:\windows\system32\CompatTel
2015-03-22 12:28 . 2015-03-22 12:28 -------- d-----w- c:\windows\system32\appraiser
2015-03-05 07:23 . 2014-10-04 01:42 3221504 ----a-w- c:\windows\system32\mstscax.dll
2015-03-05 07:23 . 2014-10-04 01:42 131584 ----a-w- c:\windows\system32\aaclient.dll
2015-03-05 07:23 . 2014-11-26 03:32 571904 ----a-w- c:\windows\system32\oleaut32.dll
2015-03-05 07:21 . 2015-01-27 23:36 1167520 ----a-w- c:\windows\system32\aitstatic.exe
2015-03-05 07:21 . 2015-02-04 02:54 482304 ----a-w- c:\windows\system32\generaltel.dll
2015-03-05 07:21 . 2015-02-04 02:53 325632 ----a-w- c:\windows\system32\devinv.dll
2015-03-05 07:21 . 2015-02-04 02:53 621056 ----a-w- c:\windows\system32\invagent.dll
2015-03-05 07:21 . 2015-02-04 02:53 159744 ----a-w- c:\windows\system32\aepic.dll
2015-03-05 07:21 . 2015-02-04 02:49 886784 ----a-w- c:\windows\system32\aeinv.dll
2015-03-05 07:21 . 2015-02-04 02:53 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-03-05 07:21 . 2014-12-19 01:34 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-03-04 17:59 . 2015-03-28 16:55 -------- d-----w- c:\users\Kirsten Netbook\AppData\Roaming\elsterformular
2015-03-04 17:52 . 2015-03-28 16:57 -------- d-----w- c:\programdata\elsterformular
2015-03-04 17:05 . 2015-03-28 16:55 -------- d-----w- c:\program files\ElsterFormular
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-29 17:52 . 2012-07-22 17:33 778928 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-03-29 17:52 . 2011-06-19 17:27 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-22 14:38 . 2013-05-19 09:04 37896 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-03-22 14:38 . 2012-11-11 18:06 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-03-22 14:38 . 2012-11-11 18:06 105864 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-02-24 02:23 . 2010-02-02 23:23 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\system32\FM20.DLL
2013-11-02 17:16 . 2013-11-02 17:16 50053120 ----a-w- c:\program files\GUT7EF0.tmp
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
2012-08-03 09:39 1476480 ----a-w- c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
2012-08-03 09:39 1476480 ----a-w- c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-08-03 09:39 1476480 ----a-w- c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-07 39408]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2012-02-25 32768]
"HP Officejet 6700 (NET)"="c:\program files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" [2011-09-09 1804648]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-10-31 59720]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-12-11 30872168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"HotkeyMon"="AsusSender.exe" [2011-07-13 34728]
"HotkeyService"="AsusSender.exe" [2011-07-13 34728]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-12-07 3058304]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-09-25 402608]
"LiveUpdate"="AsusSender.exe" [2011-07-13 34728]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240]
"EeeStorageBackup"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]
"SuperHybridEngine"="AsusSender.exe" [2011-07-13 34728]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-29 7744032]
"Boingo Wi-Fi"="c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk" [2012-01-25 2429]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-15 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-15 354840]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe" [2012-08-03 740736]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2015-03-22 704512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-10-02 421888]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\users\Kirsten Netbook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-10-27 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LDM"=c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE"
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1343400]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-02-09 11832]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-12-06 37352]
S2 AntiVirMailService;Avira Email Schutz;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2015-03-22 804600]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2015-03-22 432888]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2015-03-22 992504]
S2 avmike;AVM FRITZ!Fernzugang IKE Service;c:\program files\FRITZ!Fernzugang\avmike.exe [2010-03-30 254328]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 certsrv;AVM FRITZ!Fernzugang Cert Service;c:\program files\FRITZ!Fernzugang\certsrv.exe [2010-03-30 121720]
S2 nwtsrv;AVM FRITZ!Fernzugang Client;c:\program files\FRITZ!Fernzugang\nwtsrv.exe [2010-03-30 153464]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2015-02-16 2869040]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2008-05-19 370872]
S2 WTGService;WTGService;c:\program files\Verbindungsassistent\wtgservice.exe [2011-06-27 330696]
S3 igd;igd;c:\windows\system32\DRIVERS\igdkmd32.sys [2009-10-10 635552]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 NWIM;AVM VPN Miniport;c:\windows\system32\DRIVERS\avmnwim.sys [2010-03-30 335224]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-22 17:52]
.
2015-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 16:05]
.
2015-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 16:05]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://go.web.de/suchbox/webdesuche?su=%s
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-03-31 22:40:39
ComboFix-quarantined-files.txt 2015-03-31 20:40
.
Vor Suchlauf: 11 Verzeichnis(se), 46.991.183.872 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 46.658.715.648 Bytes frei
.
- - End Of File - - 9325A5673CBA425B76CE6D798E53751C
A36C5E4F47E84449FF07ED3517B43A31
Erbitte neue Anweisungen. Vielen Dank Golfkirsi |
|
01.04.2015, 08:49
| #11 |
| /// the machine /// TB-Ausbilder | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglich Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.04.2015, 13:35
| #12 |
| | ADWCleaner logfileCode:
ATTFilter # AdwCleaner v4.200 - Bericht erstellt 02/04/2015 um 12:06:15
# Aktualisiert 29/03/2015 von Xplode
# Datenbank : 2015-03-29.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Kirsten Netbook - KIRSTENNETBOOK
# Gestarted von : C:\Users\Kirsten Netbook\Desktop\AdwCleaner_4.200.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files\Babylon
[x] Nicht Gelöscht : C:\windows\Ap
[x] Nicht Gelöscht : C:\Users\Kirsten Netbook\AppData\Local\PackageAware
[x] Nicht Gelöscht : C:\Users\Kirsten Netbook\AppData\Roaming\PerformerSoft
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1460988
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17689
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [2107 Bytes] - [02/04/2015 11:51:42]
AdwCleaner[S0].txt - [2036 Bytes] - [02/04/2015 12:06:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2095 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 02.04.2015 Suchlauf-Zeit: 10:34:13 Logdatei: mbar.txt Administrator: Ja Version: 2.01.4.1018 Malware Datenbank: v2015.04.02.02 Rootkit Datenbank: v2015.03.31.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Kirsten Netbook Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 343256 Verstrichene Zeit: 51 Min, 6 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 3 PUP.Optional.Babylon.A, HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [be0c7ee9eb9ffd393f71c7680003619f], PUP.Optional.SpeedAnalysis2.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dgjkhjdcljddbedokogakmmdjgnbeanf, In Quarantäne, [62682146206ae1552d942bf4b74edd23], PUP.Optional.VideoPerformer.A, HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\SOFTWARE\PERFORMERSOFT LLC\Video Performer, In Quarantäne, [00caf671cdbda88e046a0cd8ab588080], Registrierungswerte: 4 PUP.Optional.SpeedTestAnalysis.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis02@SpeedAnalysis.com, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantäne, [5b6f2d3a2a6046f03ecc556fc93a03fd] PUP.Optional.Babylon.A, HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|DisplayName, Search the web (Babylon), In Quarantäne, [0cbe8ed9deaccc6a1ec7e46ace37a25e] PUP.Optional.Babylon.A, HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch, In Quarantäne, [98320d5a7e0c67cf71742925996c2bd5] PUP.Optional.SpeedTestAnalysis.A, HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis02@SpeedAnalysis.com, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantäne, [edddc0a766246cca1cefe0e47192a35d] Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 9 PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\SpeedAnalysis2, In Quarantäne, [3991c3a42f5b082e9e442eef51b45ca4], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\mz, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], Dateien: 48 PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx, In Quarantäne, [3991c3a42f5b082e9e442eef51b45ca4], PUP.Optional.SpeedAnalysis2.A, C:\Users\Kirsten Netbook\AppData\Roaming\speedanalysis.ico, In Quarantäne, [6d5d5a0d23676cca1f9061bf6a9b6997], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\background.html, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\bg.js, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\button.xml, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\config.js, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\content.js, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.js, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.xul, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon128.png, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon16.png, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.ico, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.png, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.ico, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.png, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.ico, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.png, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon48.png, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\jquery-1.6.2.min.js, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\options.xul, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\settings.json, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\background.js, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\content.js, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\framework.css, In Quarantäne, [b1193235ee9c93a37adae9c641c28b75], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\background.html, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\bg.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\ci.bg.pack.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\ci.browser.helper.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\ci.content.pack.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\content.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon128.png, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon16.png, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon18.ico, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon18.png, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon24.ico, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon24.png, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon32.ico, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon32.png, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\icon48.png, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\jquery-1.6.2.min.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\jquery.uuid.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\manifest.json, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\popup.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\settings.json, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\mz\background.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], PUP.Optional.SpeedAnalysis.A, C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.0\mz\content.js, In Quarantäne, [93376007b9d1c274e570f2bd7093ef11], Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.1 (04.02.2015:1)
OS: Windows 7 Home Premium x86
Ran by Kirsten Netbook on 02.04.2015 at 13:01:34,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Kirsten Netbook\AppData\Roaming\performersoft"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.04.2015 at 13:16:39,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Kirsten Netbook (administrator) on KIRSTENNETBOOK on 02-04-2015 14:26:56 Running from C:\Users\Kirsten Netbook\Desktop Loaded Profiles: Kirsten Netbook (Available profiles: Kirsten Netbook) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ASUS) C:\Windows\AsScrPro.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe () C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS Cloud Corporation) C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe () C:\Windows\System32\AsusService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe (AsusTek Computer Inc.) C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Verbindungsassistent\WTGService.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Thisisu) C:\Users\Kirsten Netbook\Desktop\JRT.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated) HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1021424 2009-10-17] (ASUSTeK Computer Inc.) HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2009-12-07] (ASUS) HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [402608 2009-09-26] () HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.) HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated) HKLM\...\Run: [EeeStorageBackup] => C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1732608 2009-11-26] () HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-27] (ASUSTeK Computer Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032 2009-09-29] (Realtek Semiconductor) HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2012-01-25] () HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-22] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-02-07] (Google Inc.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768 2012-02-25] (Logitech) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.) Startup: C:\Users\Kirsten Netbook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {2056C5CD-58DC-4BAA-8A40-394CDC65FF63} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {A3A0D795-C88A-4280-A52C-47B031A6634C} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {F998415F-72B7-4022-88E4-5BFD2AF313C2} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-09] (RealPlayer) BHO: Asz.Citavi.IEPicker.IEPickerButton -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) Toolbar: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://webvpn.fernuni-hagen.de/+CSCOL+/relayp.cab DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://webvpn.fernuni-hagen.de/CACHE/stc/1/binaries/vpnweb.cab DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: bw+0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw+0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw-0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw-0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw00 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw00s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw10 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw10s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw20 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw20s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw30 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw30s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw40 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw40s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw50 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw50s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw60 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw60s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw70 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw70s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw80 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw80s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw90 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw90s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwa0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwa0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwb0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwb0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwc0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwc0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwd0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwd0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwe0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwe0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwf0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwf0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwg0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwg0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwh0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwh0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwi0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwi0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwj0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwj0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwk0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwk0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwl0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwl0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwm0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwm0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwn0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwn0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwo0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwo0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwp0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwp0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwq0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwq0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwr0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwr0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bws0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bws0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwt0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwt0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwu0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwu0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwv0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwv0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bww0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bww0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwx0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwx0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwy0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwy0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwz0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwz0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: offline-8876480 - {A83C21FA-BB10-4C67-A5E1-0E25BD1FA872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-26] FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext Chrome: ======= CHR Profile: C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-12-22] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [804600 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed] R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin) R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 WTGService; C:\Program Files\Verbindungsassistent\wtgservice.exe [330696 2011-06-27] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] () R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-06] (Avira Operations GmbH & Co. KG) R3 igd; C:\windows\System32\DRIVERS\igdkmd32.sys [635552 2009-10-10] (Intel Corporation) R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( ) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-02] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation) S3 Netaapl; C:\windows\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [File not signed] R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin) R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2012-11-11] (Avira GmbH) S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed] U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 btwaudio; system32\drivers\btwaudio.sys [X] S3 btwavdt; \SystemRoot\system32\DRIVERS\btwavdt.sys [X] S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X] S3 btwrchid; \SystemRoot\system32\DRIVERS\btwrchid.sys [X] S3 catchme; \??\C:\Users\KIRSTE~1\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-02 13:16 - 2015-04-02 13:16 - 00000726 _____ () C:\Users\Kirsten Netbook\Desktop\JRT.txt 2015-04-02 13:01 - 2015-04-02 13:01 - 00000207 _____ () C:\windows\tweaking.com-regbackup-KIRSTENNETBOOK-Windows-7-Home-Premium-(32-bit).dat 2015-04-02 13:01 - 2015-04-02 13:01 - 00000000 ____D () C:\RegBackup 2015-04-02 12:36 - 2015-04-02 12:36 - 02690981 _____ (Thisisu) C:\Users\Kirsten Netbook\Desktop\JRT.exe 2015-04-02 11:51 - 2015-04-02 12:06 - 00000000 ____D () C:\AdwCleaner 2015-04-02 11:39 - 2015-04-02 11:39 - 02208768 _____ () C:\Users\Kirsten Netbook\Desktop\AdwCleaner_4.200.exe 2015-04-02 11:34 - 2015-04-02 11:34 - 00014462 _____ () C:\mbar.txt 2015-04-02 08:04 - 2015-04-02 08:04 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-04-02 08:04 - 2015-04-02 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-02 08:04 - 2015-04-02 08:04 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2015-04-02 08:04 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-04-02 08:04 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-04-02 07:53 - 2015-04-02 07:54 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Kirsten Netbook\Desktop\mbam-setup-2.1.4.1018.exe 2015-03-31 22:40 - 2015-03-31 22:40 - 00017037 _____ () C:\ComboFix.txt 2015-03-31 20:36 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe 2015-03-31 20:36 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe 2015-03-31 20:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe 2015-03-31 20:34 - 2015-03-31 22:40 - 00000000 ____D () C:\Qoobox 2015-03-31 20:32 - 2015-03-31 22:36 - 00000000 ____D () C:\windows\erdnt 2015-03-31 20:30 - 2015-03-31 20:30 - 05617096 ____R (Swearware) C:\Users\Kirsten Netbook\Desktop\ComboFix.exe 2015-03-30 20:34 - 2015-03-30 20:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Kirsten Netbook\Desktop\tdsskiller.exe 2015-03-30 19:33 - 2015-04-02 08:04 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-30 19:31 - 2015-04-02 12:57 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-30 19:31 - 2015-03-30 20:29 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-03-30 19:27 - 2015-03-30 20:29 - 00000000 ____D () C:\Users\Kirsten Netbook\Desktop\mbar 2015-03-30 19:27 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-03-30 19:25 - 2015-03-30 19:25 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Kirsten Netbook\Desktop\mbar-1.09.1.1004.exe 2015-03-29 18:13 - 2015-03-29 18:21 - 00037936 _____ () C:\Users\Kirsten Netbook\Desktop\Addition.txt 2015-03-29 18:05 - 2015-04-02 14:28 - 00035346 _____ () C:\Users\Kirsten Netbook\Desktop\FRST.txt 2015-03-29 18:05 - 2015-04-02 14:27 - 00000000 ____D () C:\FRST 2015-03-29 18:04 - 2015-03-29 18:05 - 01135104 _____ (Farbar) C:\Users\Kirsten Netbook\Desktop\FRST.exe 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL 2015-03-28 17:59 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll 2015-03-22 18:59 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll 2015-03-22 18:59 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll 2015-03-22 18:59 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll 2015-03-22 18:57 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-03-22 18:57 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-03-22 18:57 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-03-22 18:57 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-03-22 18:57 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-03-22 18:57 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-03-22 18:57 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-03-22 18:57 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-03-22 18:57 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-03-22 18:57 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-03-22 18:57 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-03-22 18:57 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-03-22 18:57 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-03-22 18:57 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-03-22 18:57 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-03-22 18:57 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-03-22 18:57 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-03-22 18:57 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-03-22 18:57 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-03-22 18:57 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-03-22 18:56 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-03-22 18:56 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-03-22 18:56 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-03-22 18:56 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-03-22 18:56 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-03-22 18:56 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-03-22 18:56 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-03-22 18:56 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-03-22 18:56 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-03-22 18:56 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-03-22 18:55 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-03-22 18:55 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll 2015-03-22 18:53 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll 2015-03-22 18:52 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe 2015-03-22 18:52 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-03-22 18:52 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys 2015-03-22 18:52 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-03-22 18:52 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll 2015-03-22 18:52 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe 2015-03-22 18:52 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys 2015-03-22 18:52 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2015-03-22 18:52 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-03-22 18:52 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2015-03-22 18:52 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe 2015-03-22 18:52 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll 2015-03-22 18:51 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll 2015-03-22 18:51 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx 2015-03-22 18:51 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll 2015-03-22 18:51 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL 2015-03-22 18:51 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll 2015-03-22 18:51 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll 2015-03-22 18:51 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-03-22 18:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2015-03-22 18:50 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll 2015-03-22 18:49 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-03-22 18:49 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-03-22 18:49 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-03-22 18:49 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-03-22 18:49 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-03-22 18:49 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-03-22 18:49 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-03-22 18:49 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-03-22 18:49 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-03-22 18:49 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-03-22 17:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll 2015-03-22 16:58 - 2015-03-22 16:58 - 00057060 _____ () C:\Users\Kirsten Netbook\Documents\AVSCAN-20150322-144821-6E1AC39D.LOG 2015-03-22 16:56 - 2015-03-22 16:56 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2015-03-22 16:08 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll 2015-03-22 16:08 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll 2015-03-22 16:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe 2015-03-22 16:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe 2015-03-22 14:28 - 2015-03-22 14:28 - 00000000 ___SD () C:\windows\system32\CompatTel 2015-03-22 14:28 - 2015-03-22 14:28 - 00000000 ____D () C:\windows\system32\appraiser 2015-03-05 10:43 - 2015-01-09 01:44 - 00419936 _____ () C:\windows\system32\locale.nls 2015-03-05 09:23 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2015-03-05 09:23 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-03-05 09:23 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll 2015-03-05 09:21 - 2015-02-04 04:54 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00767488 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-03-05 09:21 - 2015-02-04 04:49 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-03-05 09:21 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2015-03-05 09:21 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2015-03-05 08:50 - 2015-04-02 12:09 - 00000616 _____ () C:\windows\setupact.log 2015-03-05 08:50 - 2015-03-05 08:50 - 00000000 _____ () C:\windows\setuperr.log 2015-03-05 08:48 - 2015-04-02 10:06 - 00002228 _____ () C:\windows\PFRO.log 2015-03-04 23:25 - 2015-03-04 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-03-04 22:02 - 2015-03-04 22:02 - 00007611 _____ () C:\Users\Kirsten Netbook\AppData\Local\Resmon.ResmonCfg 2015-03-04 20:06 - 2015-03-04 20:06 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk 2015-03-04 20:06 - 2015-03-04 20:06 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 7.lnk 2015-03-04 19:59 - 2015-03-28 18:55 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\elsterformular 2015-03-04 19:52 - 2015-03-28 18:57 - 00000000 ____D () C:\ProgramData\elsterformular 2015-03-04 19:05 - 2015-03-28 18:55 - 00000000 ____D () C:\Program Files\ElsterFormular 2015-03-04 18:36 - 2015-03-04 18:46 - 205863960 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kirsten Netbook\Downloads\ElsterFormular-16.0.20150211k.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-02 13:51 - 2013-11-02 19:24 - 01903361 _____ () C:\windows\WindowsUpdate.log 2015-04-02 13:32 - 2010-02-12 01:30 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-02 13:30 - 2012-07-22 19:33 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-04-02 12:21 - 2009-07-14 06:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-02 12:21 - 2009-07-14 06:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-02 12:18 - 2010-02-03 01:30 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\Skype 2015-04-02 12:09 - 2010-03-11 18:34 - 00065536 _____ () C:\windows\system32\Ikeext.etl 2015-04-02 12:09 - 2010-02-12 01:30 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-02 12:09 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-04-02 11:34 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\tracing 2015-03-31 22:40 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2015-03-31 21:29 - 2009-07-14 04:04 - 00000215 _____ () C:\windows\system.ini 2015-03-30 19:24 - 2009-07-26 23:56 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI 2015-03-29 20:07 - 2011-02-23 20:32 - 00000000 ____D () C:\Program Files\Real 2015-03-29 20:06 - 2011-02-23 20:32 - 00000000 ____D () C:\ProgramData\Real 2015-03-29 20:05 - 2014-12-29 13:33 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-29 20:04 - 2011-02-23 20:32 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\Real 2015-03-29 19:53 - 2010-02-03 00:47 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Local\Adobe 2015-03-29 19:52 - 2012-07-22 19:33 - 00778928 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-03-29 19:52 - 2011-06-19 19:27 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-03-29 19:41 - 2009-07-14 06:33 - 00418496 _____ () C:\windows\system32\FNTCACHE.DAT 2015-03-29 12:59 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE 2015-03-29 12:54 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET 2015-03-28 20:30 - 2009-12-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-28 20:04 - 2013-09-07 20:07 - 00000000 ____D () C:\windows\system32\MRT 2015-03-28 19:49 - 2010-02-04 00:43 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-03-22 18:05 - 2010-06-16 00:07 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-03-22 18:02 - 2009-07-14 09:49 - 00000000 ____D () C:\Program Files\Windows Journal 2015-03-22 16:38 - 2013-05-19 11:04 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys 2015-03-22 16:38 - 2012-11-11 20:06 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2015-03-22 16:38 - 2012-11-11 20:06 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2015-03-22 15:56 - 2010-06-17 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-03-22 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat 2015-03-04 23:21 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache ==================== Files in the root of some directories ======= 2013-11-02 19:16 - 2013-11-02 19:16 - 50053120 _____ () C:\Program Files\GUT7EF0.tmp 2010-02-03 01:31 - 2010-02-03 01:31 - 0000000 _____ () C:\Users\Kirsten Netbook\AppData\Roaming\wklnhst.dat 2011-02-22 12:07 - 2011-02-22 12:07 - 0003584 _____ () C:\Users\Kirsten Netbook\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-04 22:02 - 2015-03-04 22:02 - 0007611 _____ () C:\Users\Kirsten Netbook\AppData\Local\Resmon.ResmonCfg 2013-08-02 20:43 - 2013-08-02 20:43 - 0000057 _____ () C:\ProgramData\Ament.ini 2010-05-18 16:34 - 2010-05-18 16:34 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Some content of TEMP: ==================== C:\Users\Kirsten Netbook\AppData\Local\Temp\avgnt.exe C:\Users\Kirsten Netbook\AppData\Local\Temp\Quarantine.exe C:\Users\Kirsten Netbook\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\windows\explorer.exe => File is digitally signed C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-02 12:56 ==================== End Of Log ============================ --- --- --- |
|
02.04.2015, 13:38
| #13 |
| | neues frst file FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Kirsten Netbook (administrator) on KIRSTENNETBOOK on 02-04-2015 14:26:56 Running from C:\Users\Kirsten Netbook\Desktop Loaded Profiles: Kirsten Netbook (Available profiles: Kirsten Netbook) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ASUS) C:\Windows\AsScrPro.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe () C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS Cloud Corporation) C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe () C:\Windows\System32\AsusService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe (AsusTek Computer Inc.) C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe (ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Verbindungsassistent\WTGService.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Thisisu) C:\Users\Kirsten Netbook\Desktop\JRT.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated) HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.) HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1021424 2009-10-17] (ASUSTeK Computer Inc.) HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2009-12-07] (ASUS) HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [402608 2009-09-26] () HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.) HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated) HKLM\...\Run: [EeeStorageBackup] => C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1732608 2009-11-26] () HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-27] (ASUSTeK Computer Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032 2009-09-29] (Realtek Semiconductor) HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2012-01-25] () HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-22] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-02-07] (Google Inc.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768 2012-02-25] (Logitech) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.) Startup: C:\Users\Kirsten Netbook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {2056C5CD-58DC-4BAA-8A40-394CDC65FF63} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {A3A0D795-C88A-4280-A52C-47B031A6634C} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> {F998415F-72B7-4022-88E4-5BFD2AF313C2} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-09] (RealPlayer) BHO: Asz.Citavi.IEPicker.IEPickerButton -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) Toolbar: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://webvpn.fernuni-hagen.de/+CSCOL+/relayp.cab DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://webvpn.fernuni-hagen.de/CACHE/stc/1/binaries/vpnweb.cab DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: bw+0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw+0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw-0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw-0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw00 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw00s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw10 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw10s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw20 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw20s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw30 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw30s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw40 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw40s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw50 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw50s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw60 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw60s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw70 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw70s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw80 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw80s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw90 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bw90s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwa0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwa0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwb0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwb0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwc0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwc0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwd0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwd0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwe0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwe0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwf0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwf0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwg0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwg0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwh0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwh0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwi0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwi0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwj0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwj0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwk0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwk0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwl0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwl0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwm0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwm0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwn0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwn0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwo0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwo0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwp0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwp0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwq0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwq0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwr0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwr0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bws0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bws0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwt0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwt0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwu0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwu0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwv0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwv0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bww0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bww0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwx0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwx0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwy0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwy0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwz0 - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: bwz0s - {a83c21fa-bb10-4c67-a5e1-0e25bd1fa872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: offline-8876480 - {A83C21FA-BB10-4C67-A5E1-0E25BD1FA872} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [2012-02-25] (BackWeb Technologies Inc. ) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-04] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-26] FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext Chrome: ======= CHR Profile: C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kirsten Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-12-22] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [804600 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-22] (Avira Operations GmbH & Co. KG) R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed] R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin) R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 WTGService; C:\Program Files\Verbindungsassistent\wtgservice.exe [330696 2011-06-27] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] () R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-06] (Avira Operations GmbH & Co. KG) R3 igd; C:\windows\System32\DRIVERS\igdkmd32.sys [635552 2009-10-10] (Intel Corporation) R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( ) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-02] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation) S3 Netaapl; C:\windows\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [File not signed] R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin) R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2012-11-11] (Avira GmbH) S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed] U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 btwaudio; system32\drivers\btwaudio.sys [X] S3 btwavdt; \SystemRoot\system32\DRIVERS\btwavdt.sys [X] S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X] S3 btwrchid; \SystemRoot\system32\DRIVERS\btwrchid.sys [X] S3 catchme; \??\C:\Users\KIRSTE~1\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-02 13:16 - 2015-04-02 13:16 - 00000726 _____ () C:\Users\Kirsten Netbook\Desktop\JRT.txt 2015-04-02 13:01 - 2015-04-02 13:01 - 00000207 _____ () C:\windows\tweaking.com-regbackup-KIRSTENNETBOOK-Windows-7-Home-Premium-(32-bit).dat 2015-04-02 13:01 - 2015-04-02 13:01 - 00000000 ____D () C:\RegBackup 2015-04-02 12:36 - 2015-04-02 12:36 - 02690981 _____ (Thisisu) C:\Users\Kirsten Netbook\Desktop\JRT.exe 2015-04-02 11:51 - 2015-04-02 12:06 - 00000000 ____D () C:\AdwCleaner 2015-04-02 11:39 - 2015-04-02 11:39 - 02208768 _____ () C:\Users\Kirsten Netbook\Desktop\AdwCleaner_4.200.exe 2015-04-02 11:34 - 2015-04-02 11:34 - 00014462 _____ () C:\mbar.txt 2015-04-02 08:04 - 2015-04-02 08:04 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-04-02 08:04 - 2015-04-02 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-02 08:04 - 2015-04-02 08:04 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2015-04-02 08:04 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-04-02 08:04 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-04-02 07:53 - 2015-04-02 07:54 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Kirsten Netbook\Desktop\mbam-setup-2.1.4.1018.exe 2015-03-31 22:40 - 2015-03-31 22:40 - 00017037 _____ () C:\ComboFix.txt 2015-03-31 20:36 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe 2015-03-31 20:36 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe 2015-03-31 20:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe 2015-03-31 20:36 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe 2015-03-31 20:34 - 2015-03-31 22:40 - 00000000 ____D () C:\Qoobox 2015-03-31 20:32 - 2015-03-31 22:36 - 00000000 ____D () C:\windows\erdnt 2015-03-31 20:30 - 2015-03-31 20:30 - 05617096 ____R (Swearware) C:\Users\Kirsten Netbook\Desktop\ComboFix.exe 2015-03-30 20:34 - 2015-03-30 20:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Kirsten Netbook\Desktop\tdsskiller.exe 2015-03-30 19:33 - 2015-04-02 08:04 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-30 19:31 - 2015-04-02 12:57 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-30 19:31 - 2015-03-30 20:29 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-03-30 19:27 - 2015-03-30 20:29 - 00000000 ____D () C:\Users\Kirsten Netbook\Desktop\mbar 2015-03-30 19:27 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-03-30 19:25 - 2015-03-30 19:25 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Kirsten Netbook\Desktop\mbar-1.09.1.1004.exe 2015-03-29 18:13 - 2015-03-29 18:21 - 00037936 _____ () C:\Users\Kirsten Netbook\Desktop\Addition.txt 2015-03-29 18:05 - 2015-04-02 14:28 - 00035346 _____ () C:\Users\Kirsten Netbook\Desktop\FRST.txt 2015-03-29 18:05 - 2015-04-02 14:27 - 00000000 ____D () C:\FRST 2015-03-29 18:04 - 2015-03-29 18:05 - 01135104 _____ (Farbar) C:\Users\Kirsten Netbook\Desktop\FRST.exe 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL 2015-03-28 19:28 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL 2015-03-28 17:59 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll 2015-03-22 18:59 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll 2015-03-22 18:59 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll 2015-03-22 18:59 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll 2015-03-22 18:57 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-03-22 18:57 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-03-22 18:57 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-03-22 18:57 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-03-22 18:57 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-03-22 18:57 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-03-22 18:57 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-03-22 18:57 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-03-22 18:57 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-03-22 18:57 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-03-22 18:57 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-03-22 18:57 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-03-22 18:57 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-03-22 18:57 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-03-22 18:57 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-03-22 18:57 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-03-22 18:57 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-03-22 18:57 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-03-22 18:57 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-03-22 18:57 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-03-22 18:56 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-03-22 18:56 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-03-22 18:56 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-03-22 18:56 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-03-22 18:56 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-03-22 18:56 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-03-22 18:56 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-03-22 18:56 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-03-22 18:56 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-03-22 18:56 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-03-22 18:55 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-03-22 18:55 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-03-22 18:55 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll 2015-03-22 18:53 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll 2015-03-22 18:52 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe 2015-03-22 18:52 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-03-22 18:52 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys 2015-03-22 18:52 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-03-22 18:52 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2015-03-22 18:52 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll 2015-03-22 18:52 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe 2015-03-22 18:52 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe 2015-03-22 18:52 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys 2015-03-22 18:52 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2015-03-22 18:52 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-03-22 18:52 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2015-03-22 18:52 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe 2015-03-22 18:52 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll 2015-03-22 18:51 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll 2015-03-22 18:51 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx 2015-03-22 18:51 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll 2015-03-22 18:51 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL 2015-03-22 18:51 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll 2015-03-22 18:51 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll 2015-03-22 18:51 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-03-22 18:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2015-03-22 18:50 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll 2015-03-22 18:49 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-03-22 18:49 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-03-22 18:49 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-03-22 18:49 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-03-22 18:49 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-03-22 18:49 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-03-22 18:49 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-03-22 18:49 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-03-22 18:49 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-03-22 18:49 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-03-22 18:49 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-03-22 17:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll 2015-03-22 16:58 - 2015-03-22 16:58 - 00057060 _____ () C:\Users\Kirsten Netbook\Documents\AVSCAN-20150322-144821-6E1AC39D.LOG 2015-03-22 16:56 - 2015-03-22 16:56 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2015-03-22 16:08 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll 2015-03-22 16:08 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll 2015-03-22 16:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe 2015-03-22 16:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe 2015-03-22 14:28 - 2015-03-22 14:28 - 00000000 ___SD () C:\windows\system32\CompatTel 2015-03-22 14:28 - 2015-03-22 14:28 - 00000000 ____D () C:\windows\system32\appraiser 2015-03-05 10:43 - 2015-01-09 01:44 - 00419936 _____ () C:\windows\system32\locale.nls 2015-03-05 09:23 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2015-03-05 09:23 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-03-05 09:23 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll 2015-03-05 09:21 - 2015-02-04 04:54 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00767488 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-03-05 09:21 - 2015-02-04 04:53 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-03-05 09:21 - 2015-02-04 04:49 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-03-05 09:21 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2015-03-05 09:21 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2015-03-05 08:50 - 2015-04-02 12:09 - 00000616 _____ () C:\windows\setupact.log 2015-03-05 08:50 - 2015-03-05 08:50 - 00000000 _____ () C:\windows\setuperr.log 2015-03-05 08:48 - 2015-04-02 10:06 - 00002228 _____ () C:\windows\PFRO.log 2015-03-04 23:25 - 2015-03-04 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-03-04 22:02 - 2015-03-04 22:02 - 00007611 _____ () C:\Users\Kirsten Netbook\AppData\Local\Resmon.ResmonCfg 2015-03-04 20:06 - 2015-03-04 20:06 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk 2015-03-04 20:06 - 2015-03-04 20:06 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 7.lnk 2015-03-04 19:59 - 2015-03-28 18:55 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\elsterformular 2015-03-04 19:52 - 2015-03-28 18:57 - 00000000 ____D () C:\ProgramData\elsterformular 2015-03-04 19:05 - 2015-03-28 18:55 - 00000000 ____D () C:\Program Files\ElsterFormular 2015-03-04 18:36 - 2015-03-04 18:46 - 205863960 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kirsten Netbook\Downloads\ElsterFormular-16.0.20150211k.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-02 13:51 - 2013-11-02 19:24 - 01903361 _____ () C:\windows\WindowsUpdate.log 2015-04-02 13:32 - 2010-02-12 01:30 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-02 13:30 - 2012-07-22 19:33 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-04-02 12:21 - 2009-07-14 06:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-02 12:21 - 2009-07-14 06:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-02 12:18 - 2010-02-03 01:30 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\Skype 2015-04-02 12:09 - 2010-03-11 18:34 - 00065536 _____ () C:\windows\system32\Ikeext.etl 2015-04-02 12:09 - 2010-02-12 01:30 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-02 12:09 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-04-02 11:34 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\tracing 2015-03-31 22:40 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2015-03-31 21:29 - 2009-07-14 04:04 - 00000215 _____ () C:\windows\system.ini 2015-03-30 19:24 - 2009-07-26 23:56 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI 2015-03-29 20:07 - 2011-02-23 20:32 - 00000000 ____D () C:\Program Files\Real 2015-03-29 20:06 - 2011-02-23 20:32 - 00000000 ____D () C:\ProgramData\Real 2015-03-29 20:05 - 2014-12-29 13:33 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-29 20:04 - 2011-02-23 20:32 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Roaming\Real 2015-03-29 19:53 - 2010-02-03 00:47 - 00000000 ____D () C:\Users\Kirsten Netbook\AppData\Local\Adobe 2015-03-29 19:52 - 2012-07-22 19:33 - 00778928 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe 2015-03-29 19:52 - 2011-06-19 19:27 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl 2015-03-29 19:41 - 2009-07-14 06:33 - 00418496 _____ () C:\windows\system32\FNTCACHE.DAT 2015-03-29 12:59 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE 2015-03-29 12:54 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET 2015-03-28 20:30 - 2009-12-07 16:27 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-28 20:04 - 2013-09-07 20:07 - 00000000 ____D () C:\windows\system32\MRT 2015-03-28 19:49 - 2010-02-04 00:43 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-03-22 18:05 - 2010-06-16 00:07 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-03-22 18:02 - 2009-07-14 09:49 - 00000000 ____D () C:\Program Files\Windows Journal 2015-03-22 16:38 - 2013-05-19 11:04 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys 2015-03-22 16:38 - 2012-11-11 20:06 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2015-03-22 16:38 - 2012-11-11 20:06 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2015-03-22 15:56 - 2010-06-17 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-03-22 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat 2015-03-04 23:21 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache ==================== Files in the root of some directories ======= 2013-11-02 19:16 - 2013-11-02 19:16 - 50053120 _____ () C:\Program Files\GUT7EF0.tmp 2010-02-03 01:31 - 2010-02-03 01:31 - 0000000 _____ () C:\Users\Kirsten Netbook\AppData\Roaming\wklnhst.dat 2011-02-22 12:07 - 2011-02-22 12:07 - 0003584 _____ () C:\Users\Kirsten Netbook\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-04 22:02 - 2015-03-04 22:02 - 0007611 _____ () C:\Users\Kirsten Netbook\AppData\Local\Resmon.ResmonCfg 2013-08-02 20:43 - 2013-08-02 20:43 - 0000057 _____ () C:\ProgramData\Ament.ini 2010-05-18 16:34 - 2010-05-18 16:34 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Some content of TEMP: ==================== C:\Users\Kirsten Netbook\AppData\Local\Temp\avgnt.exe C:\Users\Kirsten Netbook\AppData\Local\Temp\Quarantine.exe C:\Users\Kirsten Netbook\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\windows\explorer.exe => File is digitally signed C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-02 12:56 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Kirsten Netbook at 2015-04-02 14:30:23
Running from C:\Users\Kirsten Netbook\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.5 (HKLM\...\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}) (Version: 3.5.1 - Adobe)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Antivirus Pro (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.04 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin)
b-Cards 3.2 Version 3.2 (Vista/Win7) (HKLM\...\{BAE1F999-4707-4E17-8294-273DF3037E6F}_is1) (Version: 3.2 (Vista/Win7) - Birdigee)
Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
CDRWIN 7 (HKLM\...\{389BE10D-555B-495B-A83E-E3D94B66D26A}) (Version: 7.0.8.527 - S.A.D.)
Cisco AnyConnect VPN Client (HKLM\...\{96C6C69B-B21D-48D9-8ACC-52AE3EB361A2}) (Version: 2.2.0133 - Cisco Systems, Inc.)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 2.5 (HKLM\...\Citavi) (Version: 2.5.2.0 - Academic Software Zurich)
Citrix Presentation Server Client - Nur Web (HKLM\...\{23E8D2D6-F7C8-4A35-816C-6C914EE0A601}) (Version: 10.150.58643 - Citrix Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.3 - )
Eee Docking 3.3.0 (HKLM\...\Eee Docking_is1) (Version: 3.3.0 - ASUSTek Computer Inc.)
FILEminimizer Pictures (HKLM\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
FileOpen Client (HKLM\...\{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}) (Version: 3.0.16.879 - FileOpen Systems, Inc.)
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden
FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.15 - AsusTek Computer)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{87B2E9C6-8AC1-43EF-9072-DB2EF0A49680}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 9.7.3 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version: - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_19 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142190}) (Version: 1.4.2_19 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.29 - AsusTek Computer Inc.)
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.01.02 - Logitech, Inc.)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{26257879-B20D-4D30-A429-B387A4890929}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Communicator 2007 (HKLM\...\{0FCA0973-24C0-48EA-8CF6-71B53C135C09}) (Version: 2.0.6362.0 - Microsoft Corporation)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM\...\OMUI.nl-nl) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - French/Français (HKLM\...\OMUI.fr-fr) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Italian/Italiano (HKLM\...\OMUI.it-it) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0 - RealNetworks) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0130 - REALTEK Semiconductor Corp.)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1800 - SRS Labs, Inc.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.39049 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
Verbindungsassistent (HKLM\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Kirsten Netbook\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Kirsten Netbook\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
==================== Restore Points =========================
28-03-2015 18:00:00 Windows-Sicherung
28-03-2015 18:02:32 Windows Update
29-03-2015 12:36:07 Windows Update
29-03-2015 15:10:56 Removed ebi.BookReader3J
29-03-2015 17:56:05 Removed ebi.BookReader3J
29-03-2015 19:00:45 Windows-Sicherung
29-03-2015 20:13:53 Removed ebi.BookReader3J
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2015-03-31 21:28 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {079519C7-79CD-4826-AC43-8C37A87AAA9F} - System32\Tasks\{19F80B1B-01D7-4B38-8D93-A092DBA51E5D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {11432A0C-F225-4641-B405-6F1314D3ECBA} - System32\Tasks\{AF5831CF-F5CC-4167-9005-87540502B82C} => pcalua.exe -a E:\Verbindungsassistent\setup.exe -d E:\Verbindungsassistent
Task: {222B8AC3-BF54-4A05-9716-AFD9D413B1E2} - System32\Tasks\{50E22A1D-2377-44FA-95F5-E6147F031453} => pcalua.exe -a "C:\Program Files\Verbindungsassistent\Uninstaller.exe"
Task: {2390EBDB-2951-435E-80B5-489BDC9527C0} - System32\Tasks\{D79687B4-7E68-40A5-906A-ED7D12EC442F} => pcalua.exe -a "E:\Avira AntiVir Premium\avira_antivirus_premium_de.exe" -d "E:\Avira AntiVir Premium"
Task: {2B5CB29C-793C-4CAD-8284-DF6A6E3FB9A3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {4D8CA824-41F0-430D-8960-7E872C97E861} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {5A7E1106-B2AC-4B16-8211-3410E271948C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5FECBC36-3FC4-4C2A-A6FE-2062A4759F33} - System32\Tasks\Update- und Informations-Manager => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2012-02-25] (Logitech)
Task: {61316885-6202-415E-997F-BFC360241E0F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe
Task: {6A1B19B0-838C-40C8-83FB-1F6310205B63} - System32\Tasks\{7F93A435-B317-4DB2-9350-73A97D7059AE} => pcalua.exe -a "C:\Program Files\ElsterFormular\bin\installationsverwaltung.exe" -d "C:\Program Files\ElsterFormular\bin" -c --zeigeDlg
Task: {75DAEAAA-31E9-4CEC-B201-CAE8A8504572} - System32\Tasks\{230793ED-72EA-48A0-A706-41A6CB6B1213} => pcalua.exe -a E:\Radiotracker\Radiotracker6.exe -d E:\Radiotracker
Task: {78FE2AE6-098D-4013-9270-90EC4649790A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {80695B6C-60FB-49BC-B39F-782E8F90455F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {83C6AADB-8B32-4BCF-9344-347A093032E3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-29] (Adobe Systems Incorporated)
Task: {8FC2B7D0-D141-457F-A838-9A7700700617} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {C5E21B80-4D26-43FE-9C56-72B74D6D571C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {CCDC2DBC-C152-4E95-B107-3A3926EC7660} - System32\Tasks\Festplatte reinigen => C:\Windows\System32\cleanmgr.exe [2009-07-14] (Microsoft Corporation)
Task: {DA1E871B-5210-4887-8829-850517EE6EE5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {E3798267-96D1-40C7-ADDD-F54C9B241069} - System32\Tasks\{EFB8FC22-DB0F-4EF5-B9A8-DDBEDAD7B3FA} => pcalua.exe -a "C:\Users\Kirsten Netbook\Downloads\vpnclient-win-msi-5.0.exe" -d "C:\Users\Kirsten Netbook\Downloads"
Task: {F4C4E744-5087-4C09-81D2-137241617607} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {FB92EDBC-96ED-4C75-B4E7-026AAE88A910} - System32\Tasks\Logitech-Online-Aktualisierungsprogramm => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-02-25] (Logitech)
Task: {FC7CF5D3-9096-4533-B181-F0823768783B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2009-11-26 15:52 - 2009-11-26 15:52 - 01732608 _____ () C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-05 09:19 - 2011-09-05 09:19 - 00028672 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll
2009-12-07 16:19 - 2009-08-19 03:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe
2011-07-13 09:38 - 2011-07-13 09:38 - 00181664 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2011-01-24 10:20 - 2011-06-27 22:38 - 00330696 _____ () C:\Program Files\Verbindungsassistent\wtgservice.exe
2009-12-07 16:50 - 2009-09-26 00:02 - 00402608 _____ () C:\Program Files\Asus\Eee Docking\Eee Docking.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kirsten Netbook\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1967279032-2498529286-1251811412-500 - Administrator - Disabled)
Gast (S-1-5-21-1967279032-2498529286-1251811412-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1967279032-2498529286-1251811412-1006 - Limited - Enabled)
Kirsten Netbook (S-1-5-21-1967279032-2498529286-1251811412-1000 - Administrator - Enabled) => C:\Users\Kirsten Netbook
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (04/02/2015 02:30:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU Z520 @ 1.33GHz
Percentage of memory in use: 54%
Total physical RAM: 2037.93 MB
Available physical RAM: 919.77 MB
Total Pagefile: 4075.86 MB
Available Pagefile: 2436.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:43.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:122.87 GB) (Free:25.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: ABF319E9)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=122.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=1B)
Partition 4: (Not Active) - (Size=17 MB) - (Type=EF)
==================== End Of Log ============================
bitte weitere Anweisungen. Vielen Dank und schöne Ostern Golfkirsi |
|
02.04.2015, 20:44
| #14 |
| /// the machine /// TB-Ausbilder | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglichESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.04.2015, 07:51
| #15 |
| | Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglichCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=216c0614b51bd54cb8b21d3de5e159d6
# engine=23214
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-03 02:10:58
# local_time=2015-04-03 04:10:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 21658 179701449 0 0
# scanned=163814
# found=4
# cleaned=0
# scan_time=20226
sh=2DC2C6B0AE2199F896D3D16532F1063BDAF37221 ft=1 fh=90be0dd3d63bee14 vn="Variante von Win32/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\System32\roboot.exe.vir"
sh=8F9CFC7CDF4B21C0BD186E0F0B0BB0FBDE688B6D ft=0 fh=0000000000000000 vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="D:\KIRSTENNETBOOK\Backup Set 2013-09-25 145516\Backup Files 2013-09-25 145516\Backup files 4.zip"
sh=3BB496D846720F18B6CDD6E9A027ED0FEE8E2F3B ft=0 fh=0000000000000000 vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="D:\KIRSTENNETBOOK\Backup Set 2014-12-07 170353\Backup Files 2014-12-07 170353\Backup files 12.zip"
sh=292CF04A51B011F7FC14302A95AA7DC592BB5B37 ft=0 fh=0000000000000000 vn="Win32/FileScout.A evtl. unerwünschte Anwendung" ac=I fn="D:\KIRSTENNETBOOK\Backup Set 2015-01-25 182630\Backup Files 2015-01-25 182630\Backup files 12.zip"
Code:
ATTFilter Results of screen317's Security Check version 0.99.99 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` CCleaner Java 2 Runtime Environment, SE v1.4.2_19 Java version 32-bit out of Date! Adobe Reader XI ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Erbitte neue Anweisungen Danke und frohe Ostern Golfkirsi Code:
ATTFilter Results of screen317's Security Check version 0.99.99 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` CCleaner Java 2 Runtime Environment, SE v1.4.2_19 Java version 32-bit out of Date! Adobe Reader XI ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Kirsten Netbook at 2015-04-04 01:06:53
Running from C:\Users\Kirsten Netbook\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.5 (HKLM\...\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}) (Version: 3.5.1 - Adobe)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Antivirus Pro (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.04 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin)
b-Cards 3.2 Version 3.2 (Vista/Win7) (HKLM\...\{BAE1F999-4707-4E17-8294-273DF3037E6F}_is1) (Version: 3.2 (Vista/Win7) - Birdigee)
Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
CDRWIN 7 (HKLM\...\{389BE10D-555B-495B-A83E-E3D94B66D26A}) (Version: 7.0.8.527 - S.A.D.)
Cisco AnyConnect VPN Client (HKLM\...\{96C6C69B-B21D-48D9-8ACC-52AE3EB361A2}) (Version: 2.2.0133 - Cisco Systems, Inc.)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 2.5 (HKLM\...\Citavi) (Version: 2.5.2.0 - Academic Software Zurich)
Citrix Presentation Server Client - Nur Web (HKLM\...\{23E8D2D6-F7C8-4A35-816C-6C914EE0A601}) (Version: 10.150.58643 - Citrix Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.3 - )
Eee Docking 3.3.0 (HKLM\...\Eee Docking_is1) (Version: 3.3.0 - ASUSTek Computer Inc.)
FILEminimizer Pictures (HKLM\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
FileOpen Client (HKLM\...\{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}) (Version: 3.0.16.879 - FileOpen Systems, Inc.)
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden
FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.15 - AsusTek Computer)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{87B2E9C6-8AC1-43EF-9072-DB2EF0A49680}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 9.7.3 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version: - Intel Corporation)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_19 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142190}) (Version: 1.4.2_19 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.29 - AsusTek Computer Inc.)
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.01.02 - Logitech, Inc.)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{26257879-B20D-4D30-A429-B387A4890929}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Communicator 2007 (HKLM\...\{0FCA0973-24C0-48EA-8CF6-71B53C135C09}) (Version: 2.0.6362.0 - Microsoft Corporation)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM\...\OMUI.nl-nl) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - French/Français (HKLM\...\OMUI.fr-fr) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Italian/Italiano (HKLM\...\OMUI.it-it) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0 - RealNetworks) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0130 - REALTEK Semiconductor Corp.)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1800 - SRS Labs, Inc.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.39049 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
Verbindungsassistent (HKLM\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Kirsten Netbook\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\Kirsten Netbook\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1967279032-2498529286-1251811412-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
==================== Restore Points =========================
29-03-2015 17:56:05 Removed ebi.BookReader3J
29-03-2015 19:00:45 Windows-Sicherung
29-03-2015 20:13:53 Removed ebi.BookReader3J
03-04-2015 10:08:57 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2015-03-31 21:28 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {079519C7-79CD-4826-AC43-8C37A87AAA9F} - System32\Tasks\{19F80B1B-01D7-4B38-8D93-A092DBA51E5D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {11432A0C-F225-4641-B405-6F1314D3ECBA} - System32\Tasks\{AF5831CF-F5CC-4167-9005-87540502B82C} => pcalua.exe -a E:\Verbindungsassistent\setup.exe -d E:\Verbindungsassistent
Task: {222B8AC3-BF54-4A05-9716-AFD9D413B1E2} - System32\Tasks\{50E22A1D-2377-44FA-95F5-E6147F031453} => pcalua.exe -a "C:\Program Files\Verbindungsassistent\Uninstaller.exe"
Task: {2390EBDB-2951-435E-80B5-489BDC9527C0} - System32\Tasks\{D79687B4-7E68-40A5-906A-ED7D12EC442F} => pcalua.exe -a "E:\Avira AntiVir Premium\avira_antivirus_premium_de.exe" -d "E:\Avira AntiVir Premium"
Task: {2B5CB29C-793C-4CAD-8284-DF6A6E3FB9A3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {4D8CA824-41F0-430D-8960-7E872C97E861} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {5A7E1106-B2AC-4B16-8211-3410E271948C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5FECBC36-3FC4-4C2A-A6FE-2062A4759F33} - System32\Tasks\Update- und Informations-Manager => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2012-02-25] (Logitech)
Task: {61316885-6202-415E-997F-BFC360241E0F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe
Task: {6A1B19B0-838C-40C8-83FB-1F6310205B63} - System32\Tasks\{7F93A435-B317-4DB2-9350-73A97D7059AE} => pcalua.exe -a "C:\Program Files\ElsterFormular\bin\installationsverwaltung.exe" -d "C:\Program Files\ElsterFormular\bin" -c --zeigeDlg
Task: {75DAEAAA-31E9-4CEC-B201-CAE8A8504572} - System32\Tasks\{230793ED-72EA-48A0-A706-41A6CB6B1213} => pcalua.exe -a E:\Radiotracker\Radiotracker6.exe -d E:\Radiotracker
Task: {78FE2AE6-098D-4013-9270-90EC4649790A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {80695B6C-60FB-49BC-B39F-782E8F90455F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {83C6AADB-8B32-4BCF-9344-347A093032E3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-29] (Adobe Systems Incorporated)
Task: {8FC2B7D0-D141-457F-A838-9A7700700617} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {C5E21B80-4D26-43FE-9C56-72B74D6D571C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {CCDC2DBC-C152-4E95-B107-3A3926EC7660} - System32\Tasks\Festplatte reinigen => C:\Windows\System32\cleanmgr.exe [2009-07-14] (Microsoft Corporation)
Task: {DA1E871B-5210-4887-8829-850517EE6EE5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {E3798267-96D1-40C7-ADDD-F54C9B241069} - System32\Tasks\{EFB8FC22-DB0F-4EF5-B9A8-DDBEDAD7B3FA} => pcalua.exe -a "C:\Users\Kirsten Netbook\Downloads\vpnclient-win-msi-5.0.exe" -d "C:\Users\Kirsten Netbook\Downloads"
Task: {F4C4E744-5087-4C09-81D2-137241617607} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1967279032-2498529286-1251811412-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {FB92EDBC-96ED-4C75-B4E7-026AAE88A910} - System32\Tasks\Logitech-Online-Aktualisierungsprogramm => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-02-25] (Logitech)
Task: {FC7CF5D3-9096-4533-B181-F0823768783B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2010-08-07 17:07 - 2009-08-20 01:19 - 00074984 _____ () C:\Program Files\FILEminimizer Pictures\FILEMShell.dll
2009-03-02 04:08 - 2009-03-02 04:08 - 00003584 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.PropSheetExtensionHelper.dll
2011-09-05 09:19 - 2011-09-05 09:19 - 00003584 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\LogicNP.PropSheetExtensionHelper.dll
2009-12-07 16:50 - 2009-09-26 00:02 - 00402608 _____ () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
2009-11-26 15:52 - 2009-11-26 15:52 - 01732608 _____ () C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-07 16:19 - 2009-08-19 03:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe
2011-07-13 09:38 - 2011-07-13 09:38 - 00181664 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll
2011-09-05 09:19 - 2011-09-05 09:19 - 00028672 _____ () C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AxInterop.ShockwaveFlashObjects.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2011-01-24 10:20 - 2011-06-27 22:38 - 00330696 _____ () C:\Program Files\Verbindungsassistent\wtgservice.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1967279032-2498529286-1251811412-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kirsten Netbook\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1967279032-2498529286-1251811412-500 - Administrator - Disabled)
Gast (S-1-5-21-1967279032-2498529286-1251811412-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1967279032-2498529286-1251811412-1006 - Limited - Enabled)
Kirsten Netbook (S-1-5-21-1967279032-2498529286-1251811412-1000 - Administrator - Enabled) => C:\Users\Kirsten Netbook
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/04/2015 00:27:07 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (04/03/2015 08:55:52 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
System errors:
=============
Error: (04/03/2015 10:00:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iPod-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/03/2015 10:00:39 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
Error: (04/03/2015 10:00:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst iPod-Dienst erreicht.
Error: (04/03/2015 10:00:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (04/03/2015 09:56:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/02/2015 02:41:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (04/02/2015 02:30:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU Z520 @ 1.33GHz
Percentage of memory in use: 54%
Total physical RAM: 2037.93 MB
Available physical RAM: 927.65 MB
Total Pagefile: 4075.86 MB
Available Pagefile: 2163.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100 GB) (Free:42.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:122.87 GB) (Free:25.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: ABF319E9)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=122.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=1B)
Partition 4: (Not Active) - (Size=17 MB) - (Type=EF)
==================== End Of Log ============================
|
|
| Themen zu Netbook mit windows7 arbeitet sehr langsam - Neuinstallation von software nicht möglich |
| .dll, angeblich, arbeitet, bestimmte, eingefangen, erhalte, fehlende, fehlermeldungen, gefangen, gen, installieren, konnte, langsam, laptop, malware, neuinstallation, nicht mehr, software, system, troja, urlaub, windows, würde, überprüfe, überprüfen |
WARNUNG an die MITLESER: 
Linear-Darstellung
