Log analysis and evaluation: Win 8.1 // DHL status report shipment virus

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
08.06.2015, 19:41 | #1 |
Win 8.1 // DHL status report shipment virus

Hello dear Trojaner Board forum,

I recently received a DHL mail with the subject: "Statusreport zu meiner Sendung" (status report on my shipment). Since I am actually having problems with a shipment right now, I unfortunately did not think much about it. Mail received on 01.06 (still in the Thunderbird trash). Today I received Mailer Daemon mails containing mails that I did not write, to addresses I do not know. I also received a warning from Microsoft about strange login activity on my Microsoft account. Unfortunately I no longer know whether I opened the mail on my PC or saved the attachment. On my smartphone (Cyanogen, Android) I definitely found a DHL Sendungs....zip. That means I downloaded it there. Is Android affected by this as well? So I now need help finding out what exactly is going on with my system. I hope you can help me.

Steps taken so far:

1. Changed the passwords for my accounts (the ones I could think of)
2. Ran an Avast scan (no findings)
3. defogger
4. FRST
5. GMER

The log files follow.

FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015 Ran by Bobomb (administrator) on BOBOMB-PC on 08-06-2015 20:01:36 Running from F:\Programme\frst Loaded Profiles: Bobomb (Available Profiles: Bobomb & DefaultAppPool) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) F:\Programme\avast\install\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM GmbH) F:\Programme\fritz_powerline\PowerlineService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apple Inc.) F:\Programme\itunes\iTunesHelper.exe (Adobe Systems Inc.) F:\Programme\cs5.5\Acrobat 10.0\Acrobat\acrotray.exe (AVAST Software) F:\Programme\avast\install\avastui.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Samsung Electronics.) 
F:\Treiber\samsung\Samsung Magician\Samsung Magician.exe (Mozilla Corporation) F:\Programme\firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => F:\Programme\itunes\iTunesHelper.exe [421776 2012-09-10] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.) HKLM-x32\...\Run: [AvastUI.exe] => F:\Programme\avast\install\AvastUI.exe [4085896 2014-07-31] (AVAST Software) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) 
HKU\S-1-5-21-506915567-3553688366-1548111016-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-506915567-3553688366-1548111016-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-506915567-3553688366-1548111016-1000\...\MountPoints2: {c80a44fc-7d6a-11e4-be93-6cf04956b3bb} - "E:\Startme.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => F:\Programme\avast\install\ashShA64.dll [2014-07-22] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-506915567-3553688366-1548111016-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Programme\java\bin\ssv.dll [2014-09-02] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Programme\avast\install\aswWebRepIE64.dll [2014-07-22] (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Programme\java\bin\jp2ssv.dll [2014-09-02] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Programme\java\bin\ssv.dll [2014-09-02] (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Programme\avast\install\aswWebRepIE.dll [2014-07-22] (AVAST Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Programme\java\bin\jp2ssv.dll [2014-09-02] (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default FF NewTab: about:blank FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-22] () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> F:\Programme\java\bin\dtplugin\npDeployJava1.dll [2014-09-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> F:\Programme\java\bin\plugin2\npjp2.dll [2014-09-02] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-22] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Programme\itunes\Mozilla Plugins\npitunes.dll [2012-08-08] () FF Plugin-x32: 
@java.com/DTPlugin,version=10.51.2 -> F:\Programme\java\bin\dtplugin\npDeployJava1.dll [2014-09-02] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> F:\Programme\java\bin\plugin2\npjp2.dll [2014-09-02] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin HKU\S-1-5-21-506915567-3553688366-1548111016-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-10-01] () FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\11-suche.xml [2014-07-26] FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\englische-ergebnisse.xml [2014-07-26] FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\gmx-suche.xml [2014-07-26] FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\lastminute.xml [2014-07-26] FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\webde-suche.xml [2014-07-26] FF Extension: Adblock Plus - C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 
[2014-03-18] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-15] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - F:\Programme\avast\install\WebRep\FF FF Extension: avast! Online Security - F:\Programme\avast\install\WebRep\FF [2014-05-23] StartMenuInternet: FIREFOX.EXE - F:\Programme\firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-09] CHR Extension: (Google Docs) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-09] CHR Extension: (Google Drive) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-09] CHR Extension: (YouTube) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-09] CHR Extension: (Google Search) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-09] CHR Extension: (Google Sheets) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-09] CHR Extension: (AdBlock) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-02] CHR Extension: (Avast Online Security) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-09] CHR Extension: (Google Wallet) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-09] CHR Extension: (Gmail) - 
C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-09] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - F:\Programme\avast\install\WebRep\Chrome\aswWebRepChrome.crx [2014-07-22] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Bobomb\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-07-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; F:\Programme\avast\install\AvastSvc.exe [50344 2014-07-22] (AVAST Software) R2 AVMPowerlineService; F:\Programme\fritz_powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [File not signed] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-02-24] (Microsoft Corporation) S2 SkypeUpdate; F:\Programme\skype\Updater\Updater.exe [315488 2015-02-18] (Skype Technologies) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-02-24] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-02-24] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-22] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-22] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-22] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-22] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-22] () S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-02-24] (Microsoft Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) S3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [226768 2013-09-18] (Focusrite A.E.) S3 SaffireAudio; C:\Windows\system32\drivers\SaffireAudio.sys [47824 2013-09-18] (Focusrite A.E.) S3 SaffireMidi; C:\Windows\system32\drivers\SaffireMidi.sys [38352 2013-09-18] (Focusrite A.E.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) U3 idsvc; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-06-08 20:01 - 2015-06-08 20:01 - 00000000 ____D C:\FRST 2015-06-08 20:00 - 2015-06-08 20:00 - 00000000 _____ C:\Users\Bobomb\defogger_reenable 2015-06-07 23:30 - 2015-06-07 23:30 - 00278960 _____ C:\WINDOWS\Minidump\060715-10625-01.dmp 2015-06-05 18:19 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-05 18:19 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-06-03 19:08 - 2015-06-07 23:30 - 749613294 _____ C:\WINDOWS\MEMORY.DMP 2015-06-03 19:08 - 2015-06-03 19:08 - 00324848 _____ C:\WINDOWS\Minidump\060315-14843-01.dmp 2015-06-02 20:35 - 2015-06-02 20:35 - 00000000 ____D C:\Users\Bobomb\AppData\Local\GWX 2015-05-30 17:57 - 2015-06-01 00:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-05-14 16:31 - 2015-06-07 23:31 - 00007161 _____ C:\WINDOWS\setupact.log 2015-05-14 16:31 - 2015-05-14 16:31 - 00000306 _____ C:\WINDOWS\PFRO.log 2015-05-14 16:31 - 2015-05-14 16:31 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-05-13 20:30 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 20:30 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 20:22 - 
2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-05-13 20:22 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-05-13 20:22 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-05-13 20:22 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-05-13 20:22 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-05-13 20:22 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-05-13 20:22 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-05-13 20:22 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-05-13 20:22 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-05-13 20:22 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-05-13 20:22 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-05-13 20:22 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2015-05-13 20:22 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-05-13 20:22 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-05-13 20:22 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-05-13 20:22 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-05-13 20:22 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-05-13 20:22 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-05-13 20:22 - 2015-04-21 17:59 - 01032704 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-05-13 20:22 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-05-13 20:22 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-05-13 20:22 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-05-13 20:22 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-05-13 20:22 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-05-13 20:22 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-05-13 20:22 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-05-13 20:22 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-05-13 20:22 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-05-13 20:22 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-05-13 20:22 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-05-13 20:22 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-05-13 20:22 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-05-13 20:22 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-05-13 20:22 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-05-13 20:22 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-05-13 20:22 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-05-13 20:22 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\ieframe.dll 2015-05-13 20:22 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-05-13 20:22 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-05-13 20:22 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-05-13 20:22 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-05-13 20:22 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-05-13 20:22 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-05-13 20:22 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-05-13 20:22 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-05-13 20:22 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-05-13 20:22 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-05-13 20:22 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-05-13 20:22 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-05-13 20:22 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2015-05-13 20:22 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2015-05-13 20:22 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2015-05-13 20:22 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2015-05-13 20:22 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2015-05-13 20:22 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\dbghelp.dll 2015-05-13 20:22 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-05-13 20:22 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-05-13 20:22 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-05-13 20:22 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-05-13 20:22 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2015-05-13 20:22 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-05-13 20:22 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-05-13 20:22 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe 2015-05-13 20:22 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe 2015-05-13 20:22 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-05-13 20:22 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2015-05-13 20:22 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-05-13 20:22 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2015-05-13 20:22 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2015-05-13 20:22 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-05-13 20:22 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-05-13 20:22 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2015-05-13 20:21 - 
2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-05-13 20:21 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-05-13 20:21 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-05-13 20:21 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-05-13 20:21 - 2015-03-13 02:29 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-05-13 20:20 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2015-05-13 20:20 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2015-05-13 20:15 - 2015-06-08 19:54 - 01959791 _____ C:\WINDOWS\WindowsUpdate.log ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-08 20:00 - 2014-02-24 21:04 - 00000000 ____D C:\Users\Bobomb 2015-06-08 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-06-08 19:45 - 2014-09-09 20:04 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-08 19:45 - 2014-09-09 20:04 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-08 19:21 - 2015-04-22 20:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-06-08 18:07 - 2013-11-14 09:26 - 02063924 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-08 18:07 - 2013-11-14 09:11 - 00876992 _____ C:\WINDOWS\system32\perfh007.dat 2015-06-08 18:07 - 2013-11-14 09:11 - 00201082 _____ C:\WINDOWS\system32\perfc007.dat 2015-06-08 18:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-06-07 23:37 - 2014-02-24 20:01 - 00000000 ____D C:\Users\Bobomb\AppData\Roaming\Skype 2015-06-07 23:31 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-06-07 23:30 - 2015-04-16 20:41 - 00000000 ____D C:\WINDOWS\system32\appraiser 
2015-06-07 23:30 - 2014-12-03 20:55 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-06-07 23:30 - 2014-08-10 14:38 - 00000000 ____D C:\WINDOWS\Minidump 2015-06-07 23:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-06-07 21:00 - 2014-06-28 20:27 - 00000000 ____D C:\Users\Bobomb\AppData\Local\Adobe 2015-06-06 08:17 - 2014-02-24 16:26 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-506915567-3553688366-1548111016-1000 2015-06-05 18:32 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-03 20:13 - 2014-03-03 17:43 - 00000000 ____D C:\Users\Bobomb\Documents\Native Instruments 2015-06-03 19:08 - 2014-02-24 19:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-06-03 19:08 - 2013-08-22 16:44 - 05346312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-05-30 23:07 - 2014-05-23 22:13 - 00004160 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-05-26 17:46 - 2014-09-09 20:05 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-22 21:20 - 2015-04-13 21:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-05-22 21:20 - 2015-04-13 21:50 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-05-20 19:40 - 2014-09-09 20:04 - 00004110 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-20 19:40 - 2014-09-09 20:04 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-14 17:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-05-14 16:31 - 2014-06-28 20:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-05-14 16:31 - 2014-06-28 20:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-05-13 20:43 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-05-13 20:43 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2015-05-13 20:30 - 2014-02-24 16:41 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-05-13 20:27 - 2014-06-28 20:36 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-13 20:27 - 2014-02-24 16:41 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-05-13 20:26 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal 2015-05-12 22:26 - 2014-03-10 14:40 - 00000695 _____ C:\Users\Public\Desktop\CCleaner.lnk ==================== Files in the root of some directories ======= 2014-06-25 18:34 - 2015-04-29 22:01 - 0001456 _____ () C:\Users\Bobomb\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2014-02-24 15:57 - 2014-11-24 02:48 - 0007597 _____ () C:\Users\Bobomb\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-08 18:29 ==================== End of log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Bobomb at 2015-06-08 20:02:05
Running from F:\Programme\frst
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-506915567-3553688366-1548111016-500 - Administrator - Disabled)
Bobomb (S-1-5-21-506915567-3553688366-1548111016-1000 - Administrator - Enabled) => C:\Users\Bobomb
Gast (S-1-5-21-506915567-3553688366-1548111016-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Design Standard (HKLM-x32\...\{53CF3920-648B-4F99-8D05-6A6C5298F57B}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.7.1.8141 - Steinberg Media Technologies GmbH)
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
LibreOffice 4.2.3.3 (HKLM-x32\...\{4117DF3C-6677-4A22-90B7-FF06923417E9}) (Version: 4.2.3.3 - The Document Foundation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Firefox 38.0.5 (x86 de) (HKU\S-1-5-21-506915567-3553688366-1548111016-1000\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKU\S-1-5-21-506915567-3553688366-1548111016-1000\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Native Instruments Abbey Road 60s Drums (HKLM-x32\...\Native Instruments Abbey Road 60s Drums) (Version: - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.2.0.1277 - Native Instruments)
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version: - Native Instruments)
Native Instruments Battery Library Importer for Maschine (HKLM-x32\...\Native Instruments Battery Library Importer for Maschine) (Version: - Native Instruments)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version: - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.3.0.1244 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version: - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version: - Native Instruments)
Native Instruments Komplete 8 (HKLM-x32\...\Native Instruments Komplete 8) (Version: - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.3.1.37 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.6 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.0.292 - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.0.725 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.3 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.1 - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.0.699 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.2 - Native Instruments)
Native Instruments Transient Master (HKLM-x32\...\Native Instruments Transient Master) (Version: - Native Instruments)
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version: - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version: - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: - Native Instruments)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PhonerLite 2.21 (HKLM-x32\...\PhonerLite_is1) (Version: 2.21 - Heiko Sommerfeldt)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
Saffire MixControl 3.3 (HKLM\...\Saffire PRO 40_is1) (Version: 3.3 - Focusrite Audio Engineering Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.7 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Essential Set (HKLM-x32\...\{C04D5974-F528-4347-A494-EAF56124CC1A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

22-05-2015 21:19:57 Windows Update
30-05-2015 15:48:41 Geplanter Prüfpunkt
05-06-2015 18:31:46 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E15E0FD-DD1B-4D9C-AAD9-7997DFF36595} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {11EDC131-4CD3-449A-B03F-86BF5E008A23} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {171B37EF-4051-4866-B042-46F5E0B0D1B0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {18D6AFD7-457D-4520-9E24-039F5149300E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-22] (Adobe Systems Incorporated)
Task: {19F31AA2-C3BE-44EE-93E3-74A7DE92323C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {1D44399C-778B-4EE2-9443-133DEAE21048} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {1FB71E07-8E27-4E7B-A425-DDF3C1005AF6} - System32\Tasks\CCleanerSkipUAC => F:\Programme\ccleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {2116D7B7-D2B0-49EA-AFE4-712B423CBC36} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {2CF41CF4-FD29-455E-89DF-0A6660FB2FAA} - System32\Tasks\AdobeAAMUpdater-1.0-Bobomb-PC-Bobomb => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {3A1346BD-92F5-46F3-8B12-3663E6894927} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {3A949DEE-E135-4CB9-9080-8504E87F0CB6} - System32\Tasks\SamsungMagician => F:\Treiber\samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {49774A96-40D7-424C-90C0-77DF98131FDA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {4E8C8884-8F45-4D07-8BB4-E455440B2016} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {52A85C4E-399E-4B5D-B120-A10A9AA81B13} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {558F7199-2177-4C4C-BC34-F4FCE05D88B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {6448A7D0-93B1-40D3-BF7D-B927E355A43E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {66656383-9927-4954-BEEF-C6610252FDAC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {690F5169-F562-497C-90D2-FE7E03A2280C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {83F79601-3B00-401D-9AAB-DA5BCAF4A379} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {94BA226D-AE7F-4502-8861-68D0D15B4913} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {9B451E2E-1D16-4FE8-A6CB-28B46A4DE645} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {9E74216B-3AB3-4D9F-8655-C660C09B6BD6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {9E8CCF42-A357-48A6-A425-214C8A44584E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A0A00409-4227-4518-A0E6-80367EB92860} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {A638C1B8-C586-4E79-A164-6FF3CF215234} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A7087DA3-D6BC-431C-ACC5-EA3D8E8B7265} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09] (Google Inc.)
Task: {A904C230-21F5-4611-8691-6305AE322C82} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AC12AD9D-B113-4782-BFEF-E54C750292F0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B1279F86-50E4-48D3-8DFD-32350ABB0397} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {CE797633-B86B-469C-814B-563C153BE704} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {DA6AFA66-9AE1-477F-8470-B1E07744F821} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {E0E0EE0C-58A1-4B27-8B72-3EC0901D4BC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-09] (Google Inc.)
Task: {E5ADFF03-553F-42C8-8656-26404BB9D124} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EA59394D-9A90-496C-9EE8-88B28A17C3F1} - System32\Tasks\avast! Emergency Update => F:\Programme\avast\install\AvastEmUpdate.exe [2014-07-22] (AVAST Software)
Task: {F32F3376-6000-4E0E-B405-530F573FB9AF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F470B9EC-6F0D-4ACC-A503-9074F8F7A7AF} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {FEC44BFE-6C00-4801-8E6E-AF3DD290C51C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-03-21 21:36 - 2007-03-16 03:50 - 00022016 _____ () C:\WINDOWS\System32\ps3450v6.dll
2014-03-21 21:36 - 2007-02-07 14:41 - 00103424 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\XP3450u.dll
2014-07-22 20:10 - 2014-07-22 20:10 - 00301152 _____ () F:\Programme\avast\install\aswProperty.dll
2015-06-07 21:01 - 2015-06-07 21:01 - 02952192 _____ () F:\Programme\avast\install\defs\15060701\algo.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-03 20:07 - 2014-12-03 20:07 - 00019968 _____ () F:\Programme\cs5.5\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-07-22 20:10 - 2014-07-22 20:10 - 19329904 _____ () F:\Programme\avast\install\libcef.dll
2014-08-10 14:47 - 2014-09-28 18:59 - 00019872 _____ () F:\Treiber\samsung\Samsung Magician\SAMSUNG_SSD.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Bobomb\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-506915567-3553688366-1548111016-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bobomb\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dark_wood-1920x1080.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{076144E1-24C6-44A1-BF8C-ADEDDC87AD40}] => (Allow) F:\Programme\skype\Phone\Skype.exe
FirewallRules: [{A22DF709-D07A-4A7C-B51F-EBFEB4F4FCF4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{3D57099B-C5C1-44BA-8F32-43195BCB6816}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{20FC576D-8A26-4E75-A9BA-D797E7332ADD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{668DC7EF-0C6E-4F9D-81F0-5D49AB09CC67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E99FF27A-BA3C-4085-8D09-DDD29B182528}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F4D74A7-33F7-4384-BDE8-00CA4412D9C3}] => (Allow) F:\Programme\itunes\iTunes.exe
FirewallRules: [TCP Query User{19676A82-709F-4BDB-94DB-5DCF54816F77}F:\programme\java\bin\javaw.exe] => (Allow) F:\programme\java\bin\javaw.exe
FirewallRules: [UDP Query User{CE44C607-A66E-45B2-98F4-2845DAC2D42C}F:\programme\java\bin\javaw.exe] => (Allow) F:\programme\java\bin\javaw.exe
FirewallRules: [{00D1CDB1-4414-44CC-83D0-DC27AAC0E03B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5906A049-37E6-4B8C-9427-AC361F509DCA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0E541513-4B8A-4856-8E8A-7793AD162607}] => (Allow) G:\anno2070\Anno5.exe
FirewallRules: [{8334EE13-ED1D-4B5D-BDA0-E918A0002243}] => (Allow) G:\anno2070\Anno5.exe
FirewallRules: [{B29AF530-F8BF-4F16-B546-3218CEADC0A6}] => (Allow) G:\anno2070\AutoPatcher.exe
FirewallRules: [{BD1BE4F3-07E9-40F1-B1F3-6AC2A66D5B0A}] => (Allow) G:\anno2070\AutoPatcher.exe
FirewallRules: [{0BD09373-4465-4229-B202-CE3880B87F0A}] => (Allow) G:\anno2070\InitEngine.exe
FirewallRules: [{D704334A-7CB3-4AB3-ADC2-918E27EC6761}] => (Allow) G:\anno2070\InitEngine.exe
FirewallRules: [TCP Query User{AA275FCF-0533-4973-8A99-3BBA8365D0D1}G:\warcraft_iii\warcraft iii\war3.exe] => (Allow) G:\warcraft_iii\warcraft iii\war3.exe
FirewallRules: [UDP Query User{BED82749-89A8-4C6D-B450-C4E00B1D849E}G:\warcraft_iii\warcraft iii\war3.exe] => (Allow) G:\warcraft_iii\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C5E6A2B2-6913-4040-B68E-09916FCC3871}G:\trackmania\tmnationsforever\tmforever.exe] => (Allow) G:\trackmania\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{006A0526-9120-48A1-9428-0AF12BEDD101}G:\trackmania\tmnationsforever\tmforever.exe] => (Allow) G:\trackmania\tmnationsforever\tmforever.exe
FirewallRules: [{7714F13B-FB85-4C11-9F24-995DD612BB83}] => (Allow) G:\steam\Steam.exe
FirewallRules: [{A271AC43-A926-4408-BE60-0129E0FA3EA4}] => (Allow) G:\steam\Steam.exe
FirewallRules: [{5DC4C41B-8F5F-4D36-8EF5-F0B3C2E70442}] => (Allow) G:\steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D6744541-937F-4968-9253-61BDBA3087BA}] => (Allow) G:\steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E423FE16-8839-44D7-8894-F8E18458496E}] => (Allow) G:\steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{C13BD5CA-603F-4D76-A9B8-BABA22EA5A42}] => (Allow) G:\steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{C380F166-BA99-4A8C-B2AC-0744ED568E73}] => (Allow) G:\steam\bin\steamwebhelper.exe
FirewallRules: [{2A6E3CDB-0729-43EC-B98D-58842B01CF01}] => (Allow) G:\steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{8417C6CE-2BBA-4157-9FED-9F3083A6658D}F:\studio\cubase7\cubase le ai elements 7.exe] => (Allow) F:\studio\cubase7\cubase le ai elements 7.exe
FirewallRules: [UDP Query User{016F13A0-853E-4C41-B529-C4C2D5850304}F:\studio\cubase7\cubase le ai elements 7.exe] => (Allow) F:\studio\cubase7\cubase le ai elements 7.exe
FirewallRules: [TCP Query User{E008AB37-1240-4849-95C5-4DBE572091CF}F:\studio\cubase7\components\vstbridgeapp.exe] => (Allow) F:\studio\cubase7\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{AE845237-DAA3-4E0B-8CF3-585BB9CEE9C8}F:\studio\cubase7\components\vstbridgeapp.exe] => (Allow) F:\studio\cubase7\components\vstbridgeapp.exe
FirewallRules: [{0F124021-C149-4B41-B501-96F12FA6535F}] => (Block) F:\studio\cubase7\components\vstbridgeapp.exe
FirewallRules: [{E57A5C34-D816-4154-BDEA-CE5D316F4AF1}] => (Block) F:\studio\cubase7\components\vstbridgeapp.exe
FirewallRules: [{1133579B-0BDF-4451-BEC0-DFC622716485}] => (Block) F:\studio\cubase7\cubase le ai elements 7.exe
FirewallRules: [{A6D6CD04-93C9-4E45-B5F1-EFD4FCC21187}] => (Block) F:\studio\cubase7\cubase le ai elements 7.exe
FirewallRules: [{E14E6C76-855F-45D0-8BF6-5B17003C3889}] => (Allow) G:\steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{81223603-BB1B-4FB6-B655-E7278CA870EC}] => (Allow) G:\steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{2C2C8F79-6BAD-437D-9E63-580328098A39}] => (Allow) G:\steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{2829DEFB-7C21-47A7-AEA8-E044B7639929}] => (Allow) G:\steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{D32E96FB-DB35-4E3F-8298-E8A51E16D4C3}F:\programme\phoner_light\phonerlite\phonerlite.exe] => (Allow) F:\programme\phoner_light\phonerlite\phonerlite.exe
FirewallRules: [UDP Query User{7B8DC6E6-7C79-4627-830C-5F124595C5E5}F:\programme\phoner_light\phonerlite\phonerlite.exe] => (Allow) F:\programme\phoner_light\phonerlite\phonerlite.exe
FirewallRules: [TCP Query User{3992DA38-60CC-4106-A9B3-7CAE9A72B61E}F:\programme\firefox\firefox.exe] => (Allow) F:\programme\firefox\firefox.exe
FirewallRules: [UDP Query User{926270FA-B240-4739-A359-88C86B933BD5}F:\programme\firefox\firefox.exe] => (Allow) F:\programme\firefox\firefox.exe
FirewallRules: [{FE89299C-5E5D-4FDF-951C-39F21D0E6B31}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 11:17:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000359dd
ID des fehlerhaften Prozesses: 0xa00
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/05/2015 06:31:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (06/05/2015 06:31:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert .

Error: (06/03/2015 08:43:31 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (06/03/2015 07:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 4.2.3.3, Zeitstempel: 0x5344be3a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001df63
ID des fehlerhaften Prozesses: 0x9e0
Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0
Pfad der fehlerhaften Anwendung: soffice.bin1
Pfad des fehlerhaften Moduls: soffice.bin2
Berichtskennung: soffice.bin3
Vollständiger Name des fehlerhaften Pakets: soffice.bin4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: soffice.bin5

Error: (06/03/2015 07:55:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: soffice.bin, Version: 4.2.3.3, Zeitstempel: 0x5344be3a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001df63
ID des fehlerhaften Prozesses: 0x77c
Startzeit der fehlerhaften Anwendung: 0xsoffice.bin0
Pfad der fehlerhaften Anwendung: soffice.bin1
Pfad des fehlerhaften Moduls: soffice.bin2
Berichtskennung: soffice.bin3
Vollständiger Name des fehlerhaften Pakets: soffice.bin4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: soffice.bin5

Error: (06/03/2015 07:36:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 7.5.3.333, Zeitstempel: 0x4f6b9e72 Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003b36a ID des fehlerhaften Prozesses: 0x7a8 Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0 Pfad der fehlerhaften Anwendung: InDesign.exe1 Pfad des fehlerhaften Moduls: InDesign.exe2 Berichtskennung: InDesign.exe3 Vollständiger Name des fehlerhaften Pakets: InDesign.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: InDesign.exe5 Error: (05/31/2015 00:42:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: dota.exe, Version: 0.0.0.0, Zeitstempel: 0x55601047 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x05d0bf80 ID des fehlerhaften Prozesses: 0x5f4 Startzeit der fehlerhaften Anwendung: 0xdota.exe0 Pfad der fehlerhaften Anwendung: dota.exe1 Pfad des fehlerhaften Moduls: dota.exe2 Berichtskennung: dota.exe3 Vollständiger Name des fehlerhaften Pakets: dota.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dota.exe5 Error: (05/30/2015 11:04:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Steam.exe, Version 2.76.57.19 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: b34 Startzeit: 01d09b1576846dd1 Endzeit: 4294967295 Anwendungspfad: G:\steam\Steam.exe Berichts-ID: 6649017b-070f-11e5-be9d-6cf04956b3bb Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/30/2015 11:03:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: dota.exe, Version: 0.0.0.0, Zeitstempel: 0x55601047 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x06afbf80 ID des fehlerhaften Prozesses: 0x110c Startzeit der fehlerhaften Anwendung: 0xdota.exe0 Pfad der fehlerhaften Anwendung: dota.exe1 Pfad des fehlerhaften Moduls: dota.exe2 Berichtskennung: dota.exe3 Vollständiger Name des fehlerhaften Pakets: dota.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dota.exe5 System errors: ============= Error: (06/08/2015 06:30:57 PM) (Source: DCOM) (EventID: 10010) (User: Bobomb-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/08/2015 06:30:27 PM) (Source: DCOM) (EventID: 10010) (User: Bobomb-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/07/2015 11:30:16 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000003b (0x00000000c0000005, 0xfffff8010208f704, 0xffffd000efec4950, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP060715-10625-01 Error: (06/07/2015 11:30:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 07.06.2015 um 23:28:19 unerwartet heruntergefahren. 
Error: (06/07/2015 11:18:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (06/07/2015 09:14:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (06/07/2015 09:14:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (06/07/2015 09:09:39 PM) (Source: DCOM) (EventID: 10010) (User: Bobomb-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/07/2015 09:09:09 PM) (Source: DCOM) (EventID: 10010) (User: Bobomb-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/06/2015 06:12:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office: ========================= Error: (06/07/2015 11:17:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.3.9600.1766754c6f7c2ntdll.dll6.3.9600.17736550f4336c000000500000000000359dda0001d0a153ce3254ecC:\WINDOWS\Explorer.EXEC:\WINDOWS\SYSTEM32\ntdll.dll92569d55-0d5a-11e5-be9f-6cf04956b3bb Error: (06/05/2015 06:31:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: System-reserviertFalscher Parameter. (0x80070057) Error: (06/05/2015 06:31:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. 
System Error: Zugriff verweigert Error: (06/03/2015 08:43:31 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: System-reserviertFalscher Parameter. (0x80070057) Error: (06/03/2015 07:58:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: soffice.bin4.2.3.35344be3antdll.dll6.3.9600.17736550f42c2c00000050001df639e001d09e2686a5325bF:\Programme\libre_office\program\soffice.binC:\WINDOWS\SYSTEM32\ntdll.dll34c26169-0a1a-11e5-be9f-6cf04956b3bb Error: (06/03/2015 07:55:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: soffice.bin4.2.3.35344be3antdll.dll6.3.9600.17736550f42c2c00000050001df6377c01d09e226bddf3d4F:\Programme\libre_office\program\soffice.binC:\WINDOWS\SYSTEM32\ntdll.dllc3e1b0a6-0a19-11e5-be9f-6cf04956b3bb Error: (06/03/2015 07:36:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: InDesign.exe7.5.3.3334f6b9e72MSVCR90.dll9.0.30729.838751ea24a5c00000050003b36a7a801d09e231c6412cdF:\Programme\cs5.5\Adobe InDesign CS5.5\InDesign.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll0d577b09-0a17-11e5-be9f-6cf04956b3bb Error: (05/31/2015 00:42:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: dota.exe0.0.0.055601047unknown0.0.0.000000000c000000505d0bf805f401d09b1cfc734271G:\steam\steamapps\common\dota 2 beta\dota.exeunknown2725681d-071d-11e5-be9e-6cf04956b3bb Error: (05/30/2015 11:04:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Steam.exe2.76.57.19b3401d09b1576846dd14294967295G:\steam\Steam.exe6649017b-070f-11e5-be9d-6cf04956b3bb Error: (05/30/2015 11:03:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: dota.exe0.0.0.055601047unknown0.0.0.000000000c000000506afbf80110c01d09b1bb91f20f7G:\steam\steamapps\common\dota 2 beta\dota.exeunknown4fcf8f1a-070f-11e5-be9d-6cf04956b3bb ==================== Memory info =========================== Processor: Intel(R) 
Core(TM) i5 CPU 750 @ 2.67GHz Percentage of memory in use: 22% Total physical RAM: 12279.42 MB Available physical RAM: 9557.98 MB Total Pagefile: 24567.42 MB Available Pagefile: 21413.24 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:63.67 GB) NTFS Drive f: (Programme/Daten) (Fixed) (Total:931.51 GB) (Free:723.96 GB) NTFS Drive g: (Games) (Fixed) (Total:465.76 GB) (Free:431.98 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: CF858D58) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B34C089) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5698EFF1) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-06-08 20:35:23 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000026 Samsung_SSD_840_PRO_Series rev.DXM06B0Q 119,24GB Running: Gmer-19357.exe; Driver: C:\Users\Bobomb\AppData\Local\Temp\awryipog.sys ---- User code sections - GMER 2.1 ---- .text C:\WINDOWS\system32\lsass.exe[664] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\svchost.exe[816] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\System32\svchost.exe[280] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\svchost.exe[336] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\svchost.exe[436] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\svchost.exe[1092] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\svchost.exe[1412] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\SearchIndexer.exe[1140] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[4872] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\Explorer.EXE[6040] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\taskhostex.exe[5416] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\System32\svchost.exe[752] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text C:\WINDOWS\system32\AUDIODG.EXE[1988] C:\WINDOWS\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] .text 
C:\WINDOWS\system32\svchost.exe[4320] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165 00007ff9d2f6d3c5 1 byte [62] ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [4080:2556] fffff9600080b2d0 Thread C:\WINDOWS\system32\csrss.exe [4080:5976] fffff9600080b2d0 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{5BDD4354-0616-4A1B-86CF-20125443D05C}\Connection@Name isatap.{D6948CFB-2443-421A-B174-EDA54EFD7116} Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -756171011 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{5BDD4354-0616-4A1B-86CF-20125443D05C}@InterfaceName isatap.{D6948CFB-2443-421A-B174-EDA54EFD7116} Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{5BDD4354-0616-4A1B-86CF-20125443D05C}@ReusableType 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{762A5DE9-1DE0-42C0-B4AC-B50FD623D3CC}@DefunctTimestamp 0x10 0xBE 0x75 0x55 ... 
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 4606 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 2384 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile@EnableFirewall 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile@EnableFirewall 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@DhcpIPAddress 0.0.0.0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@DhcpSubnetMask 255.0.0.0 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@DhcpServer 255.255.255.255 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@LeaseObtainedTime 1433712672 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@T1 1434144672 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@T2 1434468672 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@LeaseTerminatesTime 1434576672 Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\Interfaces\{D6948CFB-2443-421A-B174-EDA54EFD7116}@Dhcpv6State 1 Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\GWX\Usage@UsageTime 0x7E 0x4F 0xF3 0x02 ... 
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060120150602 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060120150602@CachePrefix :2015060120150602: Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060120150602@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012015060120150602 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060120150602@CacheOptions 11 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060120150602@CacheRepair 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060120150602@CacheLimit 8192 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060220150603 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060220150603@CachePrefix :2015060220150603: Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060220150603@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012015060220150603 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060220150603@CacheOptions 11 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060220150603@CacheRepair 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060220150603@CacheLimit 8192 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060320150604 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet 
Settings\5.0\Cache\Extensible Cache\MSHist012015060320150604@CachePrefix :2015060320150604: Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060320150604@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012015060320150604 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060320150604@CacheOptions 11 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060320150604@CacheRepair 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060320150604@CacheLimit 8192 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060520150606 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060520150606@CachePrefix :2015060520150606: Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060520150606@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012015060520150606 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060520150606@CacheOptions 11 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060520150606@CacheRepair 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060520150606@CacheLimit 8192 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060620150607 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060620150607@CachePrefix :2015060620150607: Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible 
Cache\MSHist012015060620150607@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012015060620150607 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060620150607@CacheOptions 11 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060620150607@CacheRepair 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060620150607@CacheLimit 8192 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060720150608 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060720150608@CachePrefix :2015060720150608: Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060720150608@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012015060720150608 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060720150608@CacheOptions 11 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060720150608@CacheRepair 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012015060720150608@CacheLimit 8192 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store@LastTileRefresh 0x9A 0x81 0x17 0xDA ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store\RefreshBannedAppList@BannedAppsLastModified 0x80 0x75 0xBF 0x51 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\UFH\SHC@0 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk?C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe?? ---- EOF - GMER 2.1 ---- Gruß Bobomb |
08.06.2015, 19:45 | #2 |
/// the machine /// TB Trainer | Win 8.1 // DHL shipment status report virus hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder unless a helper instructs you to. Please download TDSSKiller.exe and save this file to the desktop.
08.06.2015, 20:39 | #3 |
| Win 8.1 // DHL shipment status report virus Hi,
thanks for the reply. Malwarebytes Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.06.08.04 rootkit: v2015.06.02.01 Windows 8.1 x64 NTFS Internet Explorer 11.0.9600.17801 Bobomb :: BOBOMB-PC [administrator] 08.06.2015 21:24:37 mbar-log-2015-06-08 (21-24-37).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 491571 Time elapsed: 8 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter 21:33:57.0569 0x149c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 21:34:27.0726 0x149c ============================================================ 21:34:27.0726 0x149c Current date / time: 2015/06/08 21:34:27.0726 21:34:27.0726 0x149c SystemInfo: 21:34:27.0726 0x149c 21:34:27.0726 0x149c OS Version: 6.3.9600 ServicePack: 0.0 21:34:27.0726 0x149c Product type: Workstation 21:34:27.0726 0x149c ComputerName: BOBOMB-PC 21:34:27.0726 0x149c UserName: Bobomb 21:34:27.0726 0x149c Windows directory: C:\WINDOWS 21:34:27.0726 0x149c System windows directory: C:\WINDOWS 21:34:27.0726 0x149c Running under WOW64 21:34:27.0726 0x149c Processor architecture: Intel x64 21:34:27.0726 0x149c Number of processors: 4 21:34:27.0726 0x149c Page size: 0x1000 21:34:27.0726 0x149c Boot type: Normal boot 21:34:27.0726 0x149c ============================================================ 21:34:27.0793 0x149c KLMD registered as C:\WINDOWS\system32\drivers\99285526.sys 21:34:27.0898 0x149c System UUID: {12B072FB-C9BC-3F2C-90C9-DE58FBCA18E2} 21:34:28.0232 0x149c Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0xE584, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040 21:34:28.0238 0x149c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:34:28.0260 0x149c Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0x4C87E, SectorsPerTrack: 0x13, TracksPerCylinder: 0xA4, Type 'K0', Flags 0x00000040 21:34:28.0262 0x149c ============================================================ 21:34:28.0262 0x149c \Device\Harddisk0\DR0: 21:34:28.0263 0x149c MBR partitions: 21:34:28.0263 0x149c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:34:28.0263 0x149c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 
0x32800, BlocksNum 0xEE49000 21:34:28.0263 0x149c \Device\Harddisk1\DR1: 21:34:28.0263 0x149c MBR partitions: 21:34:28.0263 0x149c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 21:34:28.0263 0x149c \Device\Harddisk2\DR2: 21:34:28.0263 0x149c MBR partitions: 21:34:28.0263 0x149c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000 21:34:28.0263 0x149c ============================================================ 21:34:28.0265 0x149c C: <-> \Device\Harddisk0\DR0\Partition2 21:34:28.0267 0x149c F: <-> \Device\Harddisk1\DR1\Partition1 21:34:28.0279 0x149c G: <-> \Device\Harddisk2\DR2\Partition1 21:34:28.0279 0x149c ============================================================ 21:34:28.0279 0x149c Initialize success 21:34:28.0279 0x149c ============================================================ 21:35:09.0357 0x0d4c ============================================================ 21:35:09.0357 0x0d4c Scan started 21:35:09.0357 0x0d4c Mode: Manual; SigCheck; TDLFS; 21:35:09.0357 0x0d4c ============================================================ 21:35:09.0357 0x0d4c KSN ping started 21:35:11.0832 0x0d4c KSN ping finished: true 21:35:12.0563 0x0d4c ================ Scan system memory ======================== 21:35:12.0563 0x0d4c System memory - ok 21:35:12.0563 0x0d4c ================ Scan services ============================= 21:35:12.0614 0x0d4c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 21:35:12.0652 0x0d4c 1394ohci - ok 21:35:12.0662 0x0d4c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 21:35:12.0673 0x0d4c 3ware - ok 21:35:12.0691 0x0d4c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 21:35:12.0713 
0x0d4c ACPI - ok 21:35:12.0718 0x0d4c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 21:35:12.0728 0x0d4c acpiex - ok 21:35:12.0731 0x0d4c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 21:35:12.0743 0x0d4c acpipagr - ok 21:35:12.0746 0x0d4c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 21:35:12.0758 0x0d4c AcpiPmi - ok 21:35:12.0761 0x0d4c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 21:35:12.0771 0x0d4c acpitime - ok 21:35:12.0777 0x0d4c [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:35:12.0785 0x0d4c AdobeARMservice - ok 21:35:12.0811 0x0d4c [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:35:12.0822 0x0d4c AdobeFlashPlayerUpdateSvc - ok 21:35:12.0843 0x0d4c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 21:35:12.0869 0x0d4c ADP80XX - ok 21:35:12.0877 0x0d4c [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 21:35:12.0896 0x0d4c AeLookupSvc - ok 21:35:12.0912 0x0d4c [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys 21:35:12.0940 0x0d4c AFD - ok 21:35:12.0945 0x0d4c [ 
7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 21:35:12.0954 0x0d4c agp440 - ok 21:35:12.0959 0x0d4c [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 21:35:12.0971 0x0d4c ahcache - ok 21:35:12.0977 0x0d4c [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe 21:35:12.0990 0x0d4c ALG - ok 21:35:12.0998 0x0d4c [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe 21:35:13.0022 0x0d4c AMD External Events Utility - ok 21:35:13.0028 0x0d4c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 21:35:13.0039 0x0d4c AmdK8 - ok 21:35:13.0316 0x0d4c [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys 21:35:13.0580 0x0d4c amdkmdag - ok 21:35:13.0608 0x0d4c [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys 21:35:13.0635 0x0d4c amdkmdap - ok 21:35:13.0641 0x0d4c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 21:35:13.0652 0x0d4c AmdPPM - ok 21:35:13.0657 0x0d4c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 21:35:13.0666 0x0d4c amdsata - ok 21:35:13.0675 0x0d4c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs 
C:\WINDOWS\system32\drivers\amdsbs.sys 21:35:13.0689 0x0d4c amdsbs - ok 21:35:13.0693 0x0d4c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 21:35:13.0702 0x0d4c amdxata - ok 21:35:13.0706 0x0d4c [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll 21:35:13.0721 0x0d4c AppHostSvc - ok 21:35:13.0725 0x0d4c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys 21:35:13.0738 0x0d4c AppID - ok 21:35:13.0741 0x0d4c [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 21:35:13.0752 0x0d4c AppIDSvc - ok 21:35:13.0757 0x0d4c [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll 21:35:13.0770 0x0d4c Appinfo - ok 21:35:13.0776 0x0d4c [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:35:13.0783 0x0d4c Apple Mobile Device - ok 21:35:13.0790 0x0d4c [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 21:35:13.0805 0x0d4c AppMgmt - ok 21:35:13.0819 0x0d4c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 21:35:13.0842 0x0d4c AppReadiness - ok 21:35:13.0873 0x0d4c [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 21:35:13.0911 0x0d4c AppXSvc - ok 
21:35:14.0262 0x0d4c AVMPowerlineService - detected UnsignedFile.Multi.Generic ( 1 )
21:35:16.0838 0x0d4c Detect skipped due to KSN trusted
21:35:16.0838 0x0d4c AVMPowerlineService - ok
NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 21:35:20.0922 0x0d4c NdisImPlatform - ok 21:35:20.0926 0x0d4c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:35:20.0937 0x0d4c NdisTapi - ok 21:35:20.0941 0x0d4c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 21:35:20.0953 0x0d4c Ndisuio - ok 21:35:20.0956 0x0d4c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 21:35:20.0968 0x0d4c NdisVirtualBus - ok 21:35:20.0975 0x0d4c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:35:20.0991 0x0d4c NdisWan - ok 21:35:20.0997 0x0d4c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:35:21.0013 0x0d4c NdisWanLegacy - ok 21:35:21.0017 0x0d4c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 21:35:21.0029 0x0d4c NDProxy - ok 21:35:21.0033 0x0d4c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 21:35:21.0046 0x0d4c Ndu - ok 21:35:21.0050 0x0d4c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 21:35:21.0061 0x0d4c NetBIOS - ok 21:35:21.0069 0x0d4c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 21:35:21.0086 0x0d4c NetBT - ok 21:35:21.0090 0x0d4c [ 
382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 21:35:21.0101 0x0d4c Netlogon - ok 21:35:21.0109 0x0d4c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 21:35:21.0126 0x0d4c Netman - ok 21:35:21.0131 0x0d4c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:35:21.0143 0x0d4c NetMsmqActivator - ok 21:35:21.0147 0x0d4c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:35:21.0158 0x0d4c NetPipeActivator - ok 21:35:21.0172 0x0d4c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 21:35:21.0195 0x0d4c netprofm - ok 21:35:21.0201 0x0d4c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:35:21.0211 0x0d4c NetTcpPortSharing - ok 21:35:21.0216 0x0d4c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 21:35:21.0229 0x0d4c netvsc - ok 21:35:21.0479 0x0d4c [ 5C9EBAFF9502A94D8A6820ECA0997265, 9D26266301D2F79AF8E5903454868A0F72E2F9225210A1F80DCF15B87D876B1B ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe 21:35:21.0712 0x0d4c NIHardwareService - ok 21:35:21.0735 0x0d4c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 21:35:21.0756 0x0d4c NlaSvc - ok 21:35:21.0759 
0x0d4c [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\WINDOWS\system32\drivers\npf.sys 21:35:21.0766 0x0d4c npf - ok 21:35:21.0770 0x0d4c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 21:35:21.0783 0x0d4c Npfs - ok 21:35:21.0786 0x0d4c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 21:35:21.0797 0x0d4c npsvctrig - ok 21:35:21.0801 0x0d4c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 21:35:21.0815 0x0d4c nsi - ok 21:35:21.0818 0x0d4c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 21:35:21.0829 0x0d4c nsiproxy - ok 21:35:21.0876 0x0d4c [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 21:35:21.0930 0x0d4c Ntfs - ok 21:35:21.0935 0x0d4c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 21:35:21.0946 0x0d4c Null - ok 21:35:21.0952 0x0d4c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 21:35:21.0963 0x0d4c nvraid - ok 21:35:21.0970 0x0d4c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 21:35:21.0981 0x0d4c nvstor - ok 21:35:21.0987 0x0d4c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 21:35:21.0998 0x0d4c nv_agp - ok 
21:35:22.0009 0x0d4c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 21:35:22.0030 0x0d4c p2pimsvc - ok 21:35:22.0042 0x0d4c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 21:35:22.0063 0x0d4c p2psvc - ok 21:35:22.0069 0x0d4c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 21:35:22.0081 0x0d4c Parport - ok 21:35:22.0086 0x0d4c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 21:35:22.0096 0x0d4c partmgr - ok 21:35:22.0108 0x0d4c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 21:35:22.0129 0x0d4c PcaSvc - ok 21:35:22.0141 0x0d4c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 21:35:22.0155 0x0d4c pci - ok 21:35:22.0159 0x0d4c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 21:35:22.0167 0x0d4c pciide - ok 21:35:22.0173 0x0d4c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 21:35:22.0184 0x0d4c pcmcia - ok 21:35:22.0187 0x0d4c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 21:35:22.0196 0x0d4c pcw - ok 21:35:22.0201 0x0d4c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 21:35:22.0211 0x0d4c pdc - ok 
21:35:22.0227 0x0d4c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 21:35:22.0251 0x0d4c PEAUTH - ok 21:35:22.0301 0x0d4c [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 21:35:22.0351 0x0d4c PeerDistSvc - ok 21:35:22.0382 0x0d4c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 21:35:22.0398 0x0d4c PerfHost - ok 21:35:22.0445 0x0d4c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 21:35:22.0476 0x0d4c pla - ok 21:35:22.0492 0x0d4c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 21:35:22.0507 0x0d4c PlugPlay - ok 21:35:22.0507 0x0d4c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 21:35:22.0523 0x0d4c PNRPAutoReg - ok 21:35:22.0523 0x0d4c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 21:35:22.0539 0x0d4c PNRPsvc - ok 21:35:22.0554 0x0d4c [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 21:35:22.0570 0x0d4c PolicyAgent - ok 21:35:22.0586 0x0d4c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 21:35:22.0601 0x0d4c Power - ok 21:35:22.0664 0x0d4c [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 
21:35:22.0726 0x0d4c PrintNotify - ok 21:35:22.0742 0x0d4c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 21:35:22.0742 0x0d4c Processor - ok 21:35:22.0757 0x0d4c [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 21:35:22.0773 0x0d4c ProfSvc - ok 21:35:22.0773 0x0d4c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 21:35:22.0789 0x0d4c Psched - ok 21:35:22.0804 0x0d4c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll 21:35:22.0820 0x0d4c QWAVE - ok 21:35:22.0820 0x0d4c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 21:35:22.0836 0x0d4c QWAVEdrv - ok 21:35:22.0836 0x0d4c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:35:22.0851 0x0d4c RasAcd - ok 21:35:22.0851 0x0d4c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:35:22.0867 0x0d4c RasAuto - ok 21:35:22.0882 0x0d4c [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll 21:35:22.0898 0x0d4c RasMan - ok 21:35:22.0914 0x0d4c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:35:22.0914 0x0d4c RasPppoe - ok 21:35:22.0929 0x0d4c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss 
C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:35:22.0961 0x0d4c rdbss - ok 21:35:22.0961 0x0d4c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 21:35:22.0976 0x0d4c rdpbus - ok 21:35:22.0976 0x0d4c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 21:35:22.0992 0x0d4c RDPDR - ok 21:35:22.0992 0x0d4c [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 21:35:23.0007 0x0d4c RdpVideoMiniport - ok 21:35:23.0007 0x0d4c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 21:35:23.0023 0x0d4c rdyboost - ok 21:35:23.0054 0x0d4c [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 21:35:23.0070 0x0d4c ReFS - ok 21:35:23.0086 0x0d4c [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 21:35:23.0101 0x0d4c RemoteAccess - ok 21:35:23.0101 0x0d4c [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 21:35:23.0117 0x0d4c RemoteRegistry - ok 21:35:23.0132 0x0d4c [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 21:35:23.0148 0x0d4c RpcEptMapper - ok 21:35:23.0148 0x0d4c [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe 21:35:23.0164 0x0d4c RpcLocator - ok 21:35:23.0179 0x0d4c [ A6F17C299A03BAFEFB9257C462A19E00, 
EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll 21:35:23.0211 0x0d4c RpcSs - ok 21:35:23.0211 0x0d4c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 21:35:23.0226 0x0d4c rspndr - ok 21:35:23.0242 0x0d4c [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 21:35:23.0257 0x0d4c RTL8168 - ok 21:35:23.0257 0x0d4c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 21:35:23.0273 0x0d4c s3cap - ok 21:35:23.0273 0x0d4c [ E92EFA4A9287B1D4C65C13401CC2F891, 39659347BBE5DFD4CA1A8EA77C04492117E9DBE8E93633C25FFA4BA18FF02427 ] Saffire C:\WINDOWS\System32\Drivers\Saffire.sys 21:35:23.0289 0x0d4c Saffire - ok 21:35:23.0289 0x0d4c [ 0334399C48FB1A8E24FABFD719D07D78, DB1C685AD99B8999E47F5CE265CD0C00D41816A6DFABEB22C0F6D6B8F8DC3836 ] SaffireAudio C:\WINDOWS\system32\drivers\SaffireAudio.sys 21:35:23.0304 0x0d4c SaffireAudio - ok 21:35:23.0304 0x0d4c [ AB6946AE88816A0A7729A3DA0B47B4D1, BB85E9A2880CAC26290F5D978249D9882B304A9F38350CAFD7E689D7A7D9A472 ] SaffireMidi C:\WINDOWS\system32\drivers\SaffireMidi.sys 21:35:23.0304 0x0d4c SaffireMidi - ok 21:35:23.0320 0x0d4c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe 21:35:23.0320 0x0d4c SamSs - ok 21:35:23.0336 0x0d4c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 21:35:23.0336 0x0d4c sbp2port - ok 21:35:23.0351 0x0d4c [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 21:35:23.0367 0x0d4c SCardSvr - ok 
21:35:23.0367 0x0d4c [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 21:35:23.0382 0x0d4c ScDeviceEnum - ok 21:35:23.0382 0x0d4c [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 21:35:23.0398 0x0d4c scfilter - ok 21:35:23.0429 0x0d4c [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:35:23.0461 0x0d4c Schedule - ok 21:35:23.0476 0x0d4c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 21:35:23.0476 0x0d4c SCPolicySvc - ok 21:35:23.0492 0x0d4c [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 21:35:23.0507 0x0d4c sdbus - ok 21:35:23.0507 0x0d4c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 21:35:23.0523 0x0d4c sdstor - ok 21:35:23.0523 0x0d4c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 21:35:23.0539 0x0d4c secdrv - ok 21:35:23.0539 0x0d4c [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll 21:35:23.0554 0x0d4c seclogon - ok 21:35:23.0554 0x0d4c [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll 21:35:23.0570 0x0d4c SENS - ok 21:35:23.0586 0x0d4c [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 
21:35:23.0601 0x0d4c SensrSvc - ok 21:35:23.0601 0x0d4c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 21:35:23.0617 0x0d4c SerCx - ok 21:35:23.0617 0x0d4c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 21:35:23.0632 0x0d4c SerCx2 - ok 21:35:23.0632 0x0d4c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 21:35:23.0648 0x0d4c Serenum - ok 21:35:23.0648 0x0d4c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 21:35:23.0664 0x0d4c Serial - ok 21:35:23.0664 0x0d4c [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 21:35:23.0679 0x0d4c sermouse - ok 21:35:23.0679 0x0d4c [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll 21:35:23.0711 0x0d4c SessionEnv - ok 21:35:23.0711 0x0d4c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 21:35:23.0726 0x0d4c sfloppy - ok 21:35:23.0742 0x0d4c [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:35:23.0757 0x0d4c SharedAccess - ok 21:35:23.0773 0x0d4c [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:35:23.0804 0x0d4c ShellHWDetection - ok 21:35:23.0804 0x0d4c [ 2F518D13DD6F3053837FE606F1A2EA1F, 
64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 21:35:23.0804 0x0d4c SiSRaid2 - ok 21:35:23.0820 0x0d4c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 21:35:23.0820 0x0d4c SiSRaid4 - ok 21:35:23.0851 0x0d4c [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate F:\Programme\skype\Updater\Updater.exe 21:35:23.0867 0x0d4c SkypeUpdate - ok 21:35:23.0867 0x0d4c [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll 21:35:23.0882 0x0d4c smphost - ok 21:35:23.0882 0x0d4c [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 21:35:23.0898 0x0d4c SNMPTRAP - ok 21:35:23.0914 0x0d4c [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 21:35:23.0929 0x0d4c spaceport - ok 21:35:23.0929 0x0d4c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 21:35:23.0945 0x0d4c SpbCx - ok 21:35:23.0961 0x0d4c [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe 21:35:23.0992 0x0d4c Spooler - ok 21:35:24.0132 0x0d4c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 21:35:24.0289 0x0d4c sppsvc - ok 21:35:24.0304 0x0d4c [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:35:24.0336 0x0d4c srv - ok 21:35:24.0351 0x0d4c [ 
00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 21:35:24.0367 0x0d4c srv2 - ok 21:35:24.0383 0x0d4c [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 21:35:24.0398 0x0d4c srvnet - ok 21:35:24.0414 0x0d4c [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:35:24.0429 0x0d4c SSDPSRV - ok 21:35:24.0429 0x0d4c [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 21:35:24.0445 0x0d4c SstpSvc - ok 21:35:24.0461 0x0d4c [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 21:35:24.0492 0x0d4c Steam Client Service - ok 21:35:24.0492 0x0d4c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 21:35:24.0508 0x0d4c stexstor - ok 21:35:24.0523 0x0d4c [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll 21:35:24.0539 0x0d4c stisvc - ok 21:35:24.0554 0x0d4c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 21:35:24.0570 0x0d4c storahci - ok 21:35:24.0570 0x0d4c [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 21:35:24.0570 0x0d4c storflt - ok 21:35:24.0586 0x0d4c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme 
C:\WINDOWS\system32\drivers\stornvme.sys 21:35:24.0586 0x0d4c stornvme - ok 21:35:24.0586 0x0d4c [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll 21:35:24.0601 0x0d4c StorSvc - ok 21:35:24.0617 0x0d4c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 21:35:24.0617 0x0d4c storvsc - ok 21:35:24.0617 0x0d4c [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys 21:35:24.0633 0x0d4c storvsp - ok 21:35:24.0633 0x0d4c [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll 21:35:24.0648 0x0d4c svsvc - ok 21:35:24.0648 0x0d4c [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys 21:35:24.0664 0x0d4c swenum - ok 21:35:24.0679 0x0d4c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 21:35:24.0695 0x0d4c SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 21:35:27.0274 0x0d4c Detect skipped due to KSN trusted 21:35:27.0274 0x0d4c SwitchBoard - ok 21:35:27.0289 0x0d4c [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll 21:35:27.0321 0x0d4c swprv - ok 21:35:27.0352 0x0d4c [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\WINDOWS\system32\sysmain.dll 21:35:27.0383 0x0d4c SysMain - ok 21:35:27.0399 0x0d4c [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker 
C:\WINDOWS\System32\SystemEventsBrokerServer.dll 21:35:27.0414 0x0d4c SystemEventsBroker - ok 21:35:27.0414 0x0d4c [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 21:35:27.0430 0x0d4c TabletInputService - ok 21:35:27.0446 0x0d4c [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:35:27.0461 0x0d4c TapiSrv - ok 21:35:27.0524 0x0d4c [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 21:35:27.0586 0x0d4c Tcpip - ok 21:35:27.0649 0x0d4c [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:35:27.0711 0x0d4c TCPIP6 - ok 21:35:27.0711 0x0d4c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 21:35:27.0727 0x0d4c tcpipreg - ok 21:35:27.0727 0x0d4c [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 21:35:27.0742 0x0d4c tdx - ok 21:35:27.0742 0x0d4c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 21:35:27.0758 0x0d4c terminpt - ok 21:35:27.0789 0x0d4c [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll 21:35:27.0821 0x0d4c TermService - ok 21:35:27.0821 0x0d4c [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll 21:35:27.0836 0x0d4c Themes - ok 21:35:27.0836 0x0d4c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 
21:35:34.0572 0x0d4c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
21:35:34.0572 0x0d4c AV detected via SS2: avast! Antivirus, F:\Programme\avast\install\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
21:35:34.0588 0x0d4c Win FW state via NFP2: enabled
21:35:36.0994 0x0d4c ============================================================
21:35:36.0994 0x0d4c Scan finished
21:35:36.0994 0x0d4c ============================================================
21:35:36.0994 0x0d58 Detected object count: 0
21:35:36.0994 0x0d58 Actual detected object count: 0
Thank you very much. |
09.06.2015, 20:04 | #4 |
/// the machine /// TB trainer | Win 8.1 // DHL shipment status report virus Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
10.06.2015, 07:50 | #5 |
| Win 8.1 // DHL shipment status report virus MBAM Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 09.06.2015
Suchlauf-Zeit: 21:43:56
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.06.09.05
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Bobomb
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 491278
Verstrichene Zeit: 8 Min, 30 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (Keine schädliche Elemente gefunden)
Module: 0 (Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden)
Registrierungswerte: 0 (Keine schädliche Elemente gefunden)
Registrierungsdaten: 0 (Keine schädliche Elemente gefunden)
Ordner: 0 (Keine schädliche Elemente gefunden)
Dateien: 0 (Keine schädliche Elemente gefunden)
Physische Sektoren: 0 (Keine schädliche Elemente gefunden)
(end)
Adw Cleaner Code:
# AdwCleaner v4.206 - Bericht erstellt 09/06/2015 um 21:57:58
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-09.1 [Server]
# Betriebssystem : Windows 8.1 Pro (x64)
# Benutzername : Bobomb - BOBOMB-PC
# Gestarted von : F:\Programme\virus\adw_cleaner\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\11-suche.xml
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v27.0.1 (de)
-\\ Google Chrome v43.0.2357.81
*************************
AdwCleaner[R0].txt - [1034 Bytes] - [09/06/2015 21:54:15]
AdwCleaner[S0].txt - [956 Bytes] - [09/06/2015 21:57:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1014 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.1 (06.08.2015:1)
OS: Windows 8.1 Pro x64
Ran by Bobomb on 09.06.2015 at 22:01:52,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Chrome
[C:\Users\Bobomb\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Bobomb\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Bobomb\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Bobomb\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.06.2015 at 22:03:35,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Regards, Bobomb
Oh damn. Wrong FRST log file. I'll have to post it again this evening. Still @work right now. Sorry. Regards, Bobomb |
11.06.2015, 06:17 | #6 |
/// the machine /// TB trainer | Win 8.1 // DHL shipment status report virus ok |
11.06.2015, 21:07 | #7 |
| Win 8.1 // DHL shipment status report virus Right, here it is now. A quick question in between: can anything be determined from the previous posts? By now I have a suspicion that the virus might possibly be on a different computer. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015 Ran by Bobomb (administrator) on BOBOMB-PC on 11-06-2015 22:03:35 Running from F:\Programme\virus\frst Loaded Profiles: Bobomb (Available Profiles: Bobomb & DefaultAppPool) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM GmbH) F:\Programme\fritz_powerline\PowerlineService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Malwarebytes Corporation) F:\Programme\virus\malewarbytes_antimaleware\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) F:\Programme\virus\malewarbytes_antimaleware\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes Corporation) F:\Programme\virus\malewarbytes_antimaleware\ Malwarebytes Anti-Malware \mbam.exe (Apple Inc.) 
F:\Programme\itunes\iTunesHelper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Inc.) F:\Programme\cs5.5\Acrobat 10.0\Acrobat\acrotray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Samsung Electronics.) F:\Treiber\samsung\Samsung Magician\Samsung Magician.exe (Mozilla Corporation) F:\Programme\firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => F:\Programme\itunes\iTunesHelper.exe [421776 2012-09-10] (Apple Inc.) 
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-506915567-3553688366-1548111016-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-506915567-3553688366-1548111016-1000\...\MountPoints2: {c80a44fc-7d6a-11e4-be93-6cf04956b3bb} - "E:\Startme.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-506915567-3553688366-1548111016-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Programme\java\bin\ssv.dll [2014-09-02] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Programme\java\bin\jp2ssv.dll [2014-09-02] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Programme\java\bin\ssv.dll [2014-09-02] (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Programme\java\bin\jp2ssv.dll [2014-09-02] (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe 
PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default FF NewTab: about:blank FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> F:\Programme\java\bin\dtplugin\npDeployJava1.dll [2014-09-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> F:\Programme\java\bin\plugin2\npjp2.dll [2014-09-02] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Programme\itunes\Mozilla Plugins\npitunes.dll [2012-08-08] () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> F:\Programme\java\bin\dtplugin\npDeployJava1.dll [2014-09-02] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> F:\Programme\java\bin\plugin2\npjp2.dll [2014-09-02] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin HKU\S-1-5-21-506915567-3553688366-1548111016-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-10-01] () FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\englische-ergebnisse.xml [2014-07-26] FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\gmx-suche.xml [2014-07-26] FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\lastminute.xml [2014-07-26] FF SearchPlugin: C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\searchplugins\webde-suche.xml [2014-07-26] FF Extension: Avira Browser Safety - C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\Extensions\abs@avira.com [2015-06-09] FF Extension: Adblock Plus - C:\Users\Bobomb\AppData\Roaming\Mozilla\Firefox\Profiles\g41ig57k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-18] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - F:\Programme\cs5.5\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-15] StartMenuInternet: FIREFOX.EXE - F:\Programme\firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-09] CHR Extension: (Google Docs) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-09] CHR Extension: (Google Drive) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-09] CHR Extension: (YouTube) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-09] CHR Extension: (Google Search) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-09] CHR Extension: (Google Sheets) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-09] CHR Extension: (Avira Browser Safety) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-06-10] CHR Extension: (AdBlock) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-02] CHR Extension: (Bookmark Manager) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-10] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-10] CHR Extension: (Google Wallet) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-09] CHR Extension: (Gmail) - C:\Users\Bobomb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-09] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR 
HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Bobomb\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-07-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVMPowerlineService; F:\Programme\fritz_powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [File not signed] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 MBAMScheduler; F:\Programme\virus\malewarbytes_antimaleware\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; F:\Programme\virus\malewarbytes_antimaleware\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-02-24] (Microsoft Corporation) S2 SkypeUpdate; F:\Programme\skype\Updater\Updater.exe [315488 2015-02-18] (Skype Technologies) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-02-24] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-02-24] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.) 
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-11] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-02-24] (Microsoft Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [226768 2013-09-18] (Focusrite A.E.) R3 SaffireAudio; C:\Windows\system32\drivers\SaffireAudio.sys [47824 2013-09-18] (Focusrite A.E.) R3 SaffireMidi; C:\Windows\system32\drivers\SaffireMidi.sys [38352 2013-09-18] (Focusrite A.E.) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) U3 idsvc; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-06-09 22:03 - 2015-06-09 22:03 - 00001190 _____ C:\Users\Bobomb\Desktop\JRT.txt 2015-06-09 22:01 - 2015-06-09 22:01 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-BOBOMB-PC-Windows-8.1-Pro-(64-bit).dat 2015-06-09 22:01 - 2015-06-09 22:01 - 00000000 ____D C:\RegBackup 2015-06-09 21:54 - 2015-06-09 21:57 - 00000000 ____D C:\AdwCleaner 2015-06-09 21:15 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-06-09 21:15 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-06-09 21:03 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-09 21:03 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-09 21:03 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-06-09 21:03 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-09 21:03 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-09 21:03 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-09 21:03 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-09 21:03 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-09 21:03 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-09 21:03 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-09 21:03 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-09 21:03 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-09 21:03 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-06-09 21:03 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-06-09 21:03 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-06-09 21:03 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-06-09 21:03 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-09 21:03 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-09 21:03 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-09 21:03 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-09 21:03 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-09 21:03 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-09 21:03 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-09 21:03 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-06-09 21:03 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-09 21:03 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-09 21:03 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-09 21:03 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-09 21:03 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-09 21:03 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-09 21:03 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\tquery.dll 2015-06-09 21:03 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-09 21:03 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-09 21:03 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-09 21:03 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-06-09 21:03 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-09 21:03 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-09 21:03 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-09 21:03 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-09 21:03 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-09 21:02 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-09 21:02 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-09 21:02 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-09 21:02 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-09 21:02 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-09 21:02 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-09 21:02 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-09 21:02 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-09 21:02 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-09 21:02 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-09 21:02 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-09 21:02 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-09 21:02 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-09 21:02 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-09 21:02 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-09 21:02 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-09 21:02 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-09 21:02 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-09 21:02 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-06-09 21:02 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-09 21:02 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-09 21:02 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-09 21:02 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-09 21:02 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-09 21:02 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-09 21:02 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-09 21:02 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\iedkcs32.dll 2015-06-09 21:02 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-09 21:02 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-09 21:02 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-09 21:02 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-09 21:02 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-09 21:02 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-06-08 21:24 - 2015-06-11 20:34 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-06-08 21:24 - 2015-06-09 21:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-08 21:24 - 2015-06-08 21:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-06-08 21:23 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-06-08 20:35 - 2015-06-08 20:35 - 00013367 _____ C:\Users\Bobomb\Desktop\Gmer.txt 2015-06-08 20:19 - 2015-06-08 20:27 - 00147288 _____ C:\Users\Bobomb\Desktop\Neues Textdokument.txt 2015-06-08 20:01 - 2015-06-11 22:03 - 00000000 ____D C:\FRST 2015-06-08 20:00 - 2015-06-08 20:00 - 00000000 _____ C:\Users\Bobomb\defogger_reenable 2015-06-07 23:30 - 2015-06-07 23:30 - 00278960 _____ C:\WINDOWS\Minidump\060715-10625-01.dmp 2015-06-05 18:19 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 
2015-06-05 18:19 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-05 18:19 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-05 18:19 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-06-03 19:08 - 2015-06-07 23:30 - 749613294 _____ C:\WINDOWS\MEMORY.DMP 2015-06-03 19:08 - 2015-06-03 19:08 - 00324848 _____ C:\WINDOWS\Minidump\060315-14843-01.dmp 2015-06-02 20:35 - 2015-06-02 20:35 - 00000000 ____D C:\Users\Bobomb\AppData\Local\GWX 2015-05-30 17:57 - 2015-06-09 21:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-05-14 16:31 - 2015-06-11 18:06 - 00007777 _____ C:\WINDOWS\setupact.log 2015-05-14 16:31 - 2015-06-09 21:58 - 00763632 _____ C:\WINDOWS\PFRO.log 2015-05-14 16:31 - 2015-05-14 16:31 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-05-13 20:30 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 20:30 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 20:22 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-05-13 20:22 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-05-13 20:22 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2015-05-13 20:22 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-05-13 20:22 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-05-13 20:22 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-05-13 20:22 - 2015-04-10 02:50 - 01387008 
_____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-05-13 20:22 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-05-13 20:22 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-05-13 20:22 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-05-13 20:22 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-05-13 20:22 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2015-05-13 20:22 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2015-05-13 20:22 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2015-05-13 20:22 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2015-05-13 20:22 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2015-05-13 20:22 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2015-05-13 20:22 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-05-13 20:22 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-05-13 20:22 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-05-13 20:22 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-05-13 20:22 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2015-05-13 20:22 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-05-13 20:22 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-05-13 20:22 - 2015-03-11 
03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe 2015-05-13 20:22 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe 2015-05-13 20:22 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-05-13 20:22 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2015-05-13 20:22 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2015-05-13 20:22 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2015-05-13 20:22 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-05-13 20:22 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-05-13 20:22 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2015-05-13 20:21 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-05-13 20:21 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-05-13 20:21 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-05-13 20:21 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-05-13 20:20 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2015-05-13 20:20 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2015-05-13 20:15 - 2015-06-11 21:27 - 02004125 _____ C:\WINDOWS\WindowsUpdate.log ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-06-11 22:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-06-11 21:45 - 2014-09-09 20:04 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-11 21:21 - 2015-04-22 20:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-06-11 20:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-06-11 19:45 - 2014-09-09 20:04 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-11 17:58 - 2014-06-28 20:27 - 00000000 ____D C:\Users\Bobomb\AppData\Local\Adobe 2015-06-11 17:58 - 2013-11-14 09:26 - 02063924 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-11 17:58 - 2013-11-14 09:11 - 00876992 _____ C:\WINDOWS\system32\perfh007.dat 2015-06-11 17:58 - 2013-11-14 09:11 - 00201082 _____ C:\WINDOWS\system32\perfc007.dat 2015-06-11 17:54 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-06-11 17:54 - 2013-08-22 16:44 - 05346312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-10 21:20 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-06-10 21:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-06-10 20:25 - 2014-02-24 16:26 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-506915567-3553688366-1548111016-1000 2015-06-10 19:46 - 2014-09-09 20:05 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-10 19:17 - 2014-02-24 16:41 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-10 19:17 - 2014-02-24 16:41 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-10 19:04 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-09 21:58 - 2014-05-23 22:11 - 00000000 ____D C:\ProgramData\AVAST Software 2015-06-09 21:43 - 2014-02-24 15:50 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-09 21:21 - 2015-04-22 20:17 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-06-09 21:05 - 2014-02-24 21:04 - 00000000 ____D C:\Users\Bobomb 2015-06-08 18:07 - 
2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-07 23:37 - 2014-02-24 20:01 - 00000000 ____D C:\Users\Bobomb\AppData\Roaming\Skype
2015-06-07 23:30 - 2015-04-16 20:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-07 23:30 - 2014-12-03 20:55 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-07 23:30 - 2014-08-10 14:38 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-07 23:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-03 20:13 - 2014-03-03 17:43 - 00000000 ____D C:\Users\Bobomb\Documents\Native Instruments
2015-06-03 19:08 - 2014-02-24 19:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-22 21:20 - 2015-04-13 21:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-22 21:20 - 2015-04-13 21:50 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-20 19:40 - 2014-09-09 20:04 - 00004110 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 19:40 - 2014-09-09 20:04 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 16:31 - 2014-06-28 20:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 16:31 - 2014-06-28 20:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 20:43 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-13 20:43 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 20:27 - 2014-06-28 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 20:26 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 22:26 - 2014-03-10 14:40 - 00000695 _____ C:\Users\Public\Desktop\CCleaner.lnk

==================== Files in the root of some directories =======

2014-06-25 18:34 - 2015-04-29 22:01 - 0001456 _____ () C:\Users\Bobomb\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-02-24 15:57 - 2014-11-24 02:48 - 0007597 _____ () C:\Users\Bobomb\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Bobomb\AppData\Local\Temp\avgnt.exe
C:\Users\Bobomb\AppData\Local\Temp\Quarantine.exe
C:\Users\Bobomb\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-08 18:29

==================== End of log ============================
12.06.2015, 17:46 | #8 |
/// the machine /// TB instructor | Win 8.1 // DHL shipment status report virus

We have definitely removed things here. But we can check the other one as well.

ESET Online Scanner

Please download SecurityCheck and:

and a fresh FRST log, please. Any problems remaining?

__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page
No help via PM!