Trojaner-Board


PhilMcDevil 19.04.2014 18:11

Antivir shows many running processes as viruses

Hello!

For a few days now, Antivir has been starting a scan right after the computer boots and then reports several processes as viruses. As far as I know, some of them are Windows processes/files. When I quarantine or delete the processes, the PC crashes immediately, but I can restart it normally. How do I know whether these really are viruses, and if so, how do I get them off the PC?

I hope you can help me quickly,

Best regards,

PhilMcDevil

deeprybka 19.04.2014 18:17

My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop and describe the problem to me.
  • Please run only the scans that I ask you to run.
  • Please no crossposting (posting in multiple forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop.
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we all do this in our free time; if you don't hear from me within 2 days, please send me a PM.

Notes: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest way, but it is only advisable in the case of real malware. We can remove adware & co. very well.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

Please note that all of my replies must first be approved by an instructor before I am allowed to post them here. That takes a few hours longer, but it guarantees that you get competent help and checked answers. See here...

Thank you for your patience! :)



Step 1 (Scan with FRST)
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)




Reading material
Posting in CODE tags: here's how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes our work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.


Could you please, if possible, also post the Avira log files with the detections, or a screenshot?

PhilMcDevil 19.04.2014 18:58

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2014
Ran by Philip (administrator) on PHILIP-PC on 19-04-2014 19:53:20
Running from C:\Users\Philip\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avscan.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
() C:\Users\Philip\Downloads\FRST64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8321568 2009-11-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-01-13] (Softthinks)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [Facebook Update] => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-27] (Facebook Inc.)
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [Spotify Web Helper] => C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-15] (Spotify Ltd)
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {8e41c074-87b3-11e0-a0e7-00262d1cb7b6} - I:\Autorun.exe
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {9c53062c-9805-11e0-a906-00262d1cb7b6} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {ac588f44-b7d8-11e2-b3ed-00262d1cb7b6} - J:\autorun.exe
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {f76e5f60-0be8-11e2-b5cc-00262d1cb7b6} - I:\LaunchU3.exe -a
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] ()
AppInit_DLLs:  c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss_gin2g&mntrId=26D100262D1CB7B6&affID=119292&tsp=4930
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {E491B4A4-BC58-49B8-BE46-84D7FA1DF57A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=26D100262D1CB7B6&affID=119292&tsp=4930
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {51B79B53-627C-4DDA-9A17-6B306B77196A} URL =
SearchScopes: HKCU - {E491B4A4-BC58-49B8-BE46-84D7FA1DF57A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - {F1347901-060E-4775-8679-390DA5814695} URL =
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± v˰!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip
FF user.js: detected! => C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://battlelog.battlefield.com/bf3/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Philip\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Philip\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\116 [2013-07-04]
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\122 [2013-07-15]
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\125 [2013-07-23]
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\128 [2013-08-23]
FF Extension: Delta Toolbar - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\ffxtlbr@delta.com [2013-07-01]
FF Extension: WebCake - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\plugin@getwebcake.com [2013-07-01]
FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-08-23]
FF Extension: WEB.DE MailCheck - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\toolbar@web.de.xpi [2013-10-31]
FF Extension: Adblock Plus - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-10]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-04-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-04-10]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-28]
FF HKCU\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] - C:\Users\Philip\AppData\Roaming\5018
FF Extension: Java String Helper - C:\Users\Philip\AppData\Roaming\5018 [2011-06-14]
FF HKCU\...\Firefox\Extensions: [lspeaker@lyricsspeaker.net] - C:\Program Files (x86)\LyricsSpeaker\128.xpi
FF Extension: LyricsSpeaker - C:\Program Files (x86)\LyricsSpeaker\128.xpi [2013-08-23]

==================== Services (Whitelisted) =================

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2011-06-16] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-27] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-27] (DealPly Technologies Ltd)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [173344 2007-03-06] (Labtec Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-08] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S2 SystemStoreService; "C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe"  -displayname "System Store" -servicename "SystemStoreService" [X]

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-05-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-08] (DT Soft Ltd)
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658432 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19456 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-05-19] ()
S3 LVcKap64; C:\Windows\System32\DRIVERS\LVcKap64.sys [1029024 2007-03-06] (Labtec Inc.)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2496928 2007-03-06] (Labtec Inc.)
S3 LVUSBS64; C:\Windows\System32\DRIVERS\LVUSBS64.sys [58400 2007-03-06] (Labtec Inc.)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561V64.SYS [468000 2007-03-06] (Labtec Inc.)
R2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [12528 2013-06-30] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 ALSysIO; \??\C:\Users\Philip\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 19:53 - 2014-04-19 19:53 - 00023353 _____ () C:\Users\Philip\Downloads\FRST.txt
2014-04-19 19:52 - 2014-04-19 19:53 - 00000000 ____D () C:\FRST
2014-04-19 19:51 - 2014-04-19 19:52 - 02055680 _____ (Farbar) C:\Users\Philip\Desktop\FRST64.exe
2014-04-19 10:58 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-19 10:58 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-19 10:58 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-19 10:58 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-19 10:57 - 2014-04-19 10:58 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-15 11:53 - 2014-04-15 11:54 - 00000000 ____D () C:\Users\Philip\Desktop\Abitur
2014-04-10 16:40 - 2014-04-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-19 19:53 - 2014-04-19 19:53 - 00023353 _____ () C:\Users\Philip\Downloads\FRST.txt
2014-04-19 19:53 - 2014-04-19 19:52 - 00000000 ____D () C:\FRST
2014-04-19 19:52 - 2014-04-19 19:51 - 02055680 _____ (Farbar) C:\Users\Philip\Desktop\FRST64.exe
2014-04-19 19:52 - 2011-05-17 15:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-19 19:23 - 2013-09-27 21:18 - 00000906 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2014-04-19 19:23 - 2012-03-30 12:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-19 19:18 - 2013-09-27 21:18 - 00000294 _____ () C:\Windows\Tasks\Dealply.job
2014-04-19 19:10 - 2011-10-03 22:54 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-19 17:44 - 2011-06-08 20:40 - 00000000 ____D () C:\ProgramData\Origin
2014-04-19 17:43 - 2011-06-14 18:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-19 17:15 - 2013-01-27 15:10 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job
2014-04-19 16:59 - 2011-05-23 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-04-19 16:24 - 2013-09-27 21:18 - 00000902 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2014-04-19 16:24 - 2011-10-03 22:54 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-19 16:23 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-19 16:23 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-19 16:20 - 2009-07-14 19:58 - 09089640 _____ () C:\Windows\system32\perfh007.dat
2014-04-19 16:20 - 2009-07-14 19:58 - 02768438 _____ () C:\Windows\system32\perfc007.dat
2014-04-19 16:20 - 2009-07-14 07:13 - 00006458 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-19 16:19 - 2012-06-15 14:03 - 01536689 ____N () C:\Windows\WindowsUpdate.log
2014-04-19 16:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-19 12:57 - 2012-02-20 17:13 - 00000000 ___RD () C:\Users\Philip\Desktop\Ordner
2014-04-19 11:11 - 2011-05-18 21:42 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-04-19 10:58 - 2014-04-19 10:57 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-19 10:58 - 2013-10-03 20:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 10:58 - 2010-03-18 13:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-18 16:01 - 2012-04-17 17:41 - 00000000 ____D () C:\Users\Philip\AppData\Roaming\Spotify
2014-04-18 14:15 - 2013-01-27 15:10 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job
2014-04-18 00:51 - 2011-05-17 16:04 - 00000000 ____D () C:\Users\Philip\AppData\Roaming\Skype
2014-04-16 15:05 - 2011-05-17 16:51 - 00000000 ____D () C:\ProgramData\Apple
2014-04-16 13:02 - 2012-04-17 17:42 - 00000000 ____D () C:\Users\Philip\AppData\Local\Spotify
2014-04-15 20:05 - 2013-04-17 19:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-15 11:54 - 2014-04-15 11:53 - 00000000 ____D () C:\Users\Philip\Desktop\Abitur
2014-04-14 20:13 - 2014-04-19 10:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-19 10:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-19 10:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-19 10:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 17:22 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-10 16:40 - 2014-04-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 20:05 - 2011-10-03 22:54 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-07 20:05 - 2011-10-03 22:54 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 16:18 - 2013-12-19 17:18 - 00000137 _____ () C:\Users\Philip\AppData\Roaming\WB.CFG
2014-03-29 20:46 - 2010-03-18 13:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2010-03-18 22:06] - [2010-03-18 22:06] - 2868736 ____A (Microsoft Corporation) 6D4F9E4B640B413C6F73414327484C80

C:\Windows\SysWOW64\explorer.exe
[2010-03-18 22:06] - [2010-03-18 22:06] - 2613248 ____A (Microsoft Corporation) FC89FACA0473641CB625EDA9277D0885

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!


LastRegBack: 2014-04-19 19:29

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2014
Ran by Philip at 2014-04-19 19:53:58
Running from C:\Users\Philip\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader 9.5.3 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{1D420647-DF79-D93E-66E1-6B053F1F9BE0}) (Version: 2.0.4224.34064 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{D726D186-0BA7-8BC4-6273-A9AED17C7B8A}) (Version: 2.0.4532.34673 - Advanced Micro Devices, Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23268 - Ask.com) <==== ATTENTION
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.3.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.02 - Broadcom Corporation)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1209.2335.42329 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source v17 (HKLM-x32\...\Counter-Strike: Source v17) (Version:  - )
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CycoreFX HD-64 1.7 for After Effects (HKLM-x32\...\CycoreFX HD-64 1.7 for After Effects) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.2 - DealPly Technologies Ltd.) <==== ATTENTION
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.34 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.74 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Delta toolbar  (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
Der Herr der Ringe® - Die Eroberung™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
ffdshow [rev 2202] [2008-10-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free DVD Creator version 2.0 (HKLM-x32\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
Free Video to DVD Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FXAA Post Process Injector (HKLM-x32\...\FXAA Post Process Injector) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
HWiNFO64 Version 4.24 (HKLM\...\HWiNFO64_is1) (Version: 4.24 - Martin Malík - REALiX)
iCloud (HKLM\...\{89BDAE1A-7B8E-4A0E-A169-02F7F366451D}) (Version: 2.1.0.39 - Apple Inc.)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kingdoms of Amalur: Reckoning - Demo (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
K-Lite Mega Codec Pack 9.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.0 - )
Labtec WebCam (HKLM\...\{FA4DA5D7-5140-4024-BADD-FCB540833E5D}) (Version: 10.51.1130 - Labtec, Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Little Fighter 2 version 2.0a (HKLM-x32\...\Little Fighter 2) (Version: version 2.0a - )
LyricsSpeaker (HKLM-x32\...\lspeaker@lyricsspeaker.net) (Version:  - LyricsSpeaker LTD) <==== ATTENTION
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5977 - Realtek Semiconductor Corp.)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.170 - Sony Online Entertainment)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Incorporated)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Toolbar (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode Version 3.1.6.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.9 - XMedia Recode)

==================== Restore Points  =========================

07-04-2014 18:29:14 Geplanter Prüfpunkt
17-04-2014 12:09:37 Geplanter Prüfpunkt
19-04-2014 08:56:22 Installed Java 7 Update 55

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0099E1E5-9B86-4FCB-A7F6-4BD5D05C64E7} - System32\Tasks\{A406987F-3F4C-49A7-A287-24551A9594A9} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {0213C5ED-2D34-4EAD-ABDB-4CB74225AA2D} - System32\Tasks\{28E75563-13A6-4254-8B72-BB4157562C9C} => C:\Users\Philip\Downloads\webcam1051deu_x64.exe
Task: {05C1F3A1-4B9D-423D-B3C3-528BF7FA8E85} - System32\Tasks\{DBAD9574-D40E-4C5C-BF14-AB7EE2FB5477} => D:\_ISDEL.EXE
Task: {0D7ED96B-366D-4F5B-8867-FEE0A9DD5570} - System32\Tasks\{EAE55B9B-D7E3-45C6-80BD-7E5CC68678D8} => C:\Program Files (x86)\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe
Task: {0E61AC01-50AB-46A4-85EE-767176085F8D} - System32\Tasks\{B322BD7A-B257-4E3C-B0E9-500B60459896} => Firefox.exe
Task: {172B81B0-418A-4ED2-9629-999968EA481A} - System32\Tasks\{339B9848-2240-4216-B66F-E77F1BF99E51} => C:\Program Files (x86)\Call of Duty\CoDSP.exe [2003-10-30] ()
Task: {2150CC91-8BED-492F-9F42-1D0B67CB8E71} - System32\Tasks\{EE26D74C-73AD-456E-AF8D-70C5CA3A9AE2} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {22479661-BAFA-4F7E-B2A6-E5AAAF098D3F} - System32\Tasks\{D0EDE78D-A43A-4F20-8562-BF134BDBE8F6} => C:\Users\Philip\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
Task: {24B79D1D-86B3-4A2B-9723-69B54DD76785} - System32\Tasks\{4B6380BE-EA5F-4567-A815-2B97EF2648AF} => D:\_ISDEL.EXE
Task: {2929858A-3F02-42BD-AD4A-6AD117D85C7E} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {295B845D-C1CC-4B24-B2E9-C025FF793BB6} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {2ABD5925-608E-4E5F-81B4-AB9403C05988} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {2B5C5DFA-14E5-4146-A870-01B5060C5DDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {2D021799-9AE0-4FED-84EB-389C6FF4C39B} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Safari\1Click.exe
Task: {2D65B94D-65CC-44C3-B3EC-5E7471FAFD75} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-05-29] () <==== ATTENTION
Task: {2DA9CBE9-5784-4784-BFEB-DA9792FF1EAA} - System32\Tasks\{EBD97FBF-CE8C-41F3-BC03-64C1160C3D54} => D:\_ISDEL.EXE
Task: {340D9D15-6C85-424D-8413-E442C593E546} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {349C0DE6-713E-497C-9CA7-D6F9CECAD891} - System32\Tasks\Dealply => C:\Users\Philip\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe [2013-09-27] () <==== ATTENTION
Task: {43CBA4BC-EA97-4038-842D-92DC51E36A89} - System32\Tasks\{AFCCA13B-6683-402F-9AD9-98203F9A9EF3} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {463F7FD2-4934-484B-B15E-CF9CA5C8097A} - System32\Tasks\{0BDA5E34-7DC4-4A5D-B017-8470CC5F80AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {4C7ED2FF-B91B-452A-A3B7-A7734902B3B2} - System32\Tasks\BrowserDefendert
Task: {53483F72-5404-4D63-9390-D610BB5F19F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5697979B-FEF7-4021-A43E-C3DBC3955D3A} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-23] ()
Task: {580FEA43-CE45-4CFA-8E22-F8BE8094A077} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5CF0C940-18C1-49F8-A8E5-FE84DB7EB891} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-27] (DealPly Technologies Ltd) <==== ATTENTION
Task: {6B41705E-A9F1-44A2-92CA-0E16978C2A75} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-27] (DealPly Technologies Ltd) <==== ATTENTION
Task: {74E2AFA8-A481-43D7-AA80-E1CE43815649} - System32\Tasks\{88549521-5DA0-4AA4-BBC2-3429EBA6EC43} => D:\_ISDEL.EXE
Task: {788C7039-5C32-4B08-ADF8-AB70F2417D99} - System32\Tasks\Google Updater and Installer => C:\Users\Philip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {827C6551-75F2-49F7-86A0-0CEB6267277A} - System32\Tasks\{42305BEC-5A2F-400E-B430-22D1CBFDE48D} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {83263FEC-94C6-4033-9D70-6B537FB87A79} - System32\Tasks\JavaUpdateSched => C:\Windows\System32\jusched.exe [2010-03-18] (Sun Microsystems, Inc.)
Task: {90754EB8-CB92-490D-A552-A0FF188CD72F} - System32\Tasks\{A398B4A3-513D-4839-9DA2-6711B9DF118F} => Firefox.exe
Task: {917A5E7D-A34C-4F36-BC6E-BA5EDA8A9636} - System32\Tasks\{55B1E58B-7D30-434C-8814-99BB8A404BB7} => Firefox.exe
Task: {91876DDF-1A2E-45FA-8660-60EC7912DA98} - System32\Tasks\{213989E0-3C20-44C4-8734-3D4F319DFE88} => Firefox.exe
Task: {98BAD724-F4AA-4ECD-8E98-284BF6B108DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {99377543-CA83-425B-A2D1-3B2C398EA15C} - System32\Tasks\{8877A725-1921-4B7B-9838-9FFA8A3A4175} => D:\_ISDEL.EXE
Task: {9CC41521-CA2B-4A1F-8444-B0A322BE8BEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9D39864D-A9C5-464D-9024-CF516FD4D7A0} - System32\Tasks\{C157E6D4-2A46-401B-B244-C2893079D826} => Firefox.exe
Task: {9DBDCD30-B958-4104-9226-CFB2C010866C} - System32\Tasks\{9DDB1B82-3DF6-4829-AE8D-EF5C090169A5} => D:\SETUP.EXE
Task: {9F031F4D-8C0E-4FB1-985A-F5959EDB81D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9FA80E47-961A-4A84-A6AB-368ED1FE94F2} - System32\Tasks\{D4448B81-CC1B-480A-AFDF-F94309F17813} => D:\_ISDEL.EXE
Task: {A4BAF711-0B99-4372-A9EA-945B23F0F5D0} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {A956EF08-5DCC-47F0-A6CB-A4DC673446EA} - System32\Tasks\{732325CA-8798-431C-BBEF-2095A65F1828} => D:\SETUP.EXE
Task: {AD847B47-6996-41B9-BC5B-59B294189393} - System32\Tasks\{8183A7B3-F7D8-4D5C-837E-E358125DAB75} => C:\Users\Philip\Downloads\SoftonicDownloader_fuer_sonicstage.exe [2013-06-24] (Softonic                                        )
Task: {B1658FAD-FFD3-4AA1-8077-A8DE51194D3F} - System32\Tasks\{DA0BCC55-4B5F-4A68-A1AC-CB853AF4DD04} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {B9902F32-72DE-484E-8D55-948E7DABB2AD} - System32\Tasks\{499AF17F-67AF-4D0D-978C-87E24C4644DB} => Firefox.exe
Task: {BE9F6BA8-FB43-46E5-A1BA-54541160FFCB} - System32\Tasks\{DC011BCD-0A67-4D3A-95AF-347D7118AEBE} => D:\SETUP.EXE
Task: {C481A97C-21BD-469E-813D-AAAFC8271EC4} - System32\Tasks\{FDAF1706-86BF-4F0A-AAC9-F554A1278D9F} => D:\SETUP.EXE
Task: {C5A1C017-3ABA-47DB-9428-1C782DEE4BA5} - System32\Tasks\LyricsSpeaker Update => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe <==== ATTENTION
Task: {DC72AF65-2C74-4B57-99BE-FA2A44C2156F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {E4D32404-08AE-4DCC-89D8-D85726394C07} - System32\Tasks\{CB306D73-D4A5-4C9E-B046-3D69F817BC25} => D:\SETUP.EXE
Task: {EECFDD11-93A8-484C-8F92-AFB883983DE4} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {F3F81F65-2AD4-4E58-B8C2-648E272CEE0C} - System32\Tasks\{512AF1ED-5EA6-4AE4-BECB-FDB76F6F9328} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {F40DC4E7-8883-4728-84A5-4720C14C0415} - System32\Tasks\{6B56370F-D515-4E08-86E0-2C8154E6FB42} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {F4CE2786-5462-481D-9E31-9447BCF1CAF4} - System32\Tasks\{6BB9C277-EBFF-4895-83CE-AE553C07320E} => Firefox.exe
Task: {F795D2D4-C2AC-48E6-BFFB-3AB960870473} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03] (Adobe Systems Incorporated)
Task: {FE21CDC3-5F38-442E-B63E-513A1666EC5D} - System32\Tasks\{672D2BF0-FA32-4E89-B98C-5AF98918C167} => D:\Setup.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Philip\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsSpeaker Update.job => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-11-21 17:44 - 2013-11-18 16:32 - 01958880 ____N () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll
2013-05-08 15:20 - 2013-05-08 15:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-28 17:37 - 2012-11-28 17:37 - 00954256 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-05-26 21:44 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-03-18 13:32 - 2011-01-13 20:39 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2013-03-28 22:30 - 2013-03-28 22:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: SftService => 2
MSCONFIG\startupfolder: C:^Users^Philip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: LogitechCommunicationsManager => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files (x86)\Labtec\WebCam\WebCam10.exe" /hide
MSCONFIG\startupreg: LVCOMSX => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Okfas => C:\Users\Philip\AppData\Roaming\Ubusc\tuixu.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Userinit => C:\Users\Philip\AppData\Roaming\appconf32.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: AODDriver4.2
Description: AODDriver4.2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2014 07:36:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (04/19/2014 06:30:57 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/19/2014 04:57:27 PM) (Source: Application Hang) (User: )
Description: Programm WebKit2WebProcess.exe, Version 7534.57.2.4 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f98

Startzeit: 01cf5bdf86710dd6

Endzeit: 13

Anwendungspfad: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe

Berichts-ID: ea31eeec-c7d2-11e3-8239-00262d1cb7b6

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2014 04:16:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (04/19/2014 00:08:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WebKit2WebProcess.exe, Version: 7534.57.2.4, Zeitstempel: 0x4f97642d
Name des fehlerhaften Moduls: WebKit.dll, Version: 7534.57.2.4, Zeitstempel: 0x4f976417
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001f5f03
ID des fehlerhaften Prozesses: 0xdd0
Startzeit der fehlerhaften Anwendung: 0xWebKit2WebProcess.exe0
Pfad der fehlerhaften Anwendung: WebKit2WebProcess.exe1
Pfad des fehlerhaften Moduls: WebKit2WebProcess.exe2
Berichtskennung: WebKit2WebProcess.exe3

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (04/19/2014 07:49:44 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/19/2014 06:20:05 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2014 06:09:41 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2014 04:28:56 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/19/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/19/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/19/2014 04:24:17 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422

Error: (04/19/2014 04:18:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/19/2014 04:18:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058


Microsoft Office Sessions:
=========================
Error: (04/19/2014 07:36:21 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (04/19/2014 06:30:57 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/19/2014 04:57:27 PM) (Source: Application Hang)(User: )
Description: WebKit2WebProcess.exe7534.57.2.4f9801cf5bdf86710dd613C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exeea31eeec-c7d2-11e3-8239-00262d1cb7b6

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/19/2014 04:16:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (04/19/2014 00:08:07 PM) (Source: Application Error)(User: )
Description: WebKit2WebProcess.exe7534.57.2.44f97642dWebKit.dll7534.57.2.44f976417c0000005001f5f03dd001cf5bad66a122adC:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exeC:\Program Files (x86)\Safari\Apple Application Support\WebKit.dll80844098-c7aa-11e3-8b4c-00262d1cb7b6

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2014-04-19 19:49:44.413
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:52:40.701
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:41:09.984
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:17:04.646
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:10:26.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 17:39:52.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 16:38:41.273
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 16:24:10.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 16:15:53.013
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 13:30:15.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 6142.98 MB
Available physical RAM: 3669.34 MB
Total Pagefile: 12284.1 MB
Available Pagefile: 9363.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:585.42 GB) (Free:90.3 GB) NTFS
Drive j: (Far Cry 3) (CDROM) (Total:7.7 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: B8000000)
Partition 1: (Not Active) - (Size=71 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585 GB) - (Type=07 NTFS)

==================== End Of Log ============================


deeprybka 19.04.2014 19:03

Could you please, if possible, also post the detections from the Avira logs? Here's how...

:dankeschoen:

PhilMcDevil 19.04.2014 19:04

Show list of attachments (count: 3)
Attachment 66330

Attachment 66331

Attachment 66332

deeprybka 19.04.2014 19:13

OK.
I'll get back to you with further instructions. (Probably as early as tomorrow)... ;)
Until then, please don't make any changes etc. to the PC.

PhilMcDevil 19.04.2014 19:14

I can't post the detections, the file is too large. And that's even though I only took the ones from this afternoon..

OK, if the pictures are enough, then that's fine. OK, and thanks already for the help :)

deeprybka 19.04.2014 19:15

That's fine! :)
See the previous post....

deeprybka 20.04.2014 17:44

Hello,
do you use this PC for online banking, PayPal, eBay, etc.? Firefox appears to be infected with a keylogger.

Reading material:
Banking trojans
If you use this computer for online banking, for example, you should at least have your bank change your password, if you use an otherwise secure method such as "chip-TAN-comfort". Do you still have old paper-based TAN sheets? Then it is high time to contact your bank and, if necessary, have the account temporarily blocked. The blocking hotline (Sperrnotruf) 116 116 from www.sperr-notruf.de can be used for this day and night.


To confirm another infection, we still need to run a control scan:

Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

PhilMcDevil 20.04.2014 19:01

I never really use Firefox anyway, so that shouldn't be too bad, right?

19:52:51.0864 0x0db4 TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
19:53:41.0455 0x0db4 ============================================================
19:53:41.0455 0x0db4 Current date / time: 2014/04/20 19:53:41.0455
19:53:41.0455 0x0db4 SystemInfo:
19:53:41.0455 0x0db4
19:53:41.0455 0x0db4 OS Version: 6.1.7600 ServicePack: 0.0
19:53:41.0455 0x0db4 Product type: Workstation
19:53:41.0455 0x0db4 ComputerName: PHILIP-PC
19:53:41.0455 0x0db4 UserName: Philip
19:53:41.0455 0x0db4 Windows directory: C:\Windows
19:53:41.0455 0x0db4 System windows directory: C:\Windows
19:53:41.0455 0x0db4 Running under WOW64
19:53:41.0455 0x0db4 Processor architecture: Intel x64
19:53:41.0455 0x0db4 Number of processors: 4
19:53:41.0455 0x0db4 Page size: 0x1000
19:53:41.0455 0x0db4 Boot type: Normal boot
19:53:41.0455 0x0db4 ============================================================
19:53:42.0727 0x0db4 KLMD registered as C:\Windows\system32\drivers\63803899.sys
19:53:42.0894 0x0db4 System UUID: {BA202CF7-87B9-432A-F42B-5009CAF5A2C4}
19:53:43.0476 0x0db4 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:53:43.0497 0x0db4 ============================================================
19:53:43.0497 0x0db4 \Device\Harddisk0\DR0:
19:53:43.0497 0x0db4 MBR partitions:
19:53:43.0497 0x0db4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x155F000
19:53:43.0497 0x0db4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1582800, BlocksNum 0x492D5000
19:53:43.0497 0x0db4 ============================================================
19:53:43.0525 0x0db4 C: <-> \Device\Harddisk0\DR0\Partition2
19:53:43.0525 0x0db4 ============================================================
19:53:43.0525 0x0db4 Initialize success
19:53:43.0525 0x0db4 ============================================================
19:55:53.0700 0x101c ============================================================
19:55:53.0700 0x101c Scan started
19:55:53.0700 0x101c Mode: Manual; SigCheck; TDLFS;
19:55:53.0700 0x101c ============================================================
19:55:53.0700 0x101c KSN ping started
19:56:07.0428 0x101c KSN ping finished: true
19:56:08.0223 0x101c ================ Scan system memory ========================
19:56:08.0223 0x101c System memory - ok
19:56:08.0223 0x101c ================ Scan services =============================
19:56:08.0364 0x101c [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:56:08.0473 0x101c 1394ohci - ok
19:56:08.0520 0x101c [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
19:56:08.0535 0x101c ACPI - ok
19:56:08.0551 0x101c [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
19:56:08.0613 0x101c AcpiPmi - ok
19:56:08.0691 0x101c [ F84C9DEE4698DF3C1D76801B7B1B55D7, 071A3938ED7B9E20E30E873011C8039382C7EFE90D39EC8C0F3E457B2873406E ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:56:08.0722 0x101c Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
19:56:11.0468 0x101c Detect skipped due to KSN trusted
19:56:11.0468 0x101c Adobe LM Service - ok
19:56:11.0593 0x101c [ C2CE3311D2477B1B24CFB67020AD49B6, 5F800CDD69BA4E8813876BE82FC9FED3F2584DB8C8ADED345F7B5C2A32F809AE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:11.0608 0x101c AdobeFlashPlayerUpdateSvc - ok
19:56:11.0655 0x101c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:56:11.0702 0x101c adp94xx - ok
19:56:11.0733 0x101c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:56:11.0764 0x101c adpahci - ok
19:56:11.0780 0x101c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:56:11.0780 0x101c adpu320 - ok
19:56:11.0811 0x101c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:11.0936 0x101c AeLookupSvc - ok
19:56:12.0030 0x101c [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD C:\Windows\system32\drivers\afd.sys
19:56:12.0092 0x101c AFD - ok
19:56:12.0123 0x101c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
19:56:12.0139 0x101c agp440 - ok
19:56:12.0154 0x101c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
19:56:12.0201 0x101c ALG - ok
19:56:12.0248 0x101c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
19:56:12.0248 0x101c aliide - ok
19:56:12.0342 0x101c ALSysIO - ok
19:56:12.0373 0x101c [ 310F86335B0505DDC6D2DD48E66EF06B, 936273CA046B3AE0944E6C1557CECB2A0C61D034977BBB9FACBE062617CF3A2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:56:12.0466 0x101c AMD External Events Utility - ok
19:56:12.0513 0x101c AMD FUEL Service - ok
19:56:12.0544 0x101c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
19:56:12.0544 0x101c amdide - ok
19:56:12.0576 0x101c [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
19:56:12.0607 0x101c amdiox64 - ok
19:56:12.0622 0x101c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:56:12.0654 0x101c AmdK8 - ok
19:56:12.0997 0x101c [ 79CC9BE187E3144E1B58A54B842475E7, 89DD3177B5CE649AC0093603CE13FBFD93AC24F8E16C52672549110141106F4A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:56:13.0449 0x101c amdkmdag - ok
19:56:13.0527 0x101c [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:56:13.0558 0x101c amdkmdap - ok
19:56:13.0590 0x101c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:56:13.0621 0x101c AmdPPM - ok
19:56:13.0652 0x101c [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
19:56:13.0668 0x101c amdsata - ok
19:56:13.0699 0x101c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:56:13.0714 0x101c amdsbs - ok
19:56:13.0730 0x101c [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
19:56:13.0730 0x101c amdxata - ok
19:56:13.0808 0x101c [ 4D282B9C5BB05DF92C9F3977DFB9F916, E6D49ED0D5FA26F2936FC97A0F1DFA38D1066AAF2EEFCE2931AF21B2CBE54CAD ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:56:13.0824 0x101c AntiVirSchedulerService - ok
19:56:13.0855 0x101c [ 65AF41A7A2C5B6693E1B4164E7632C3E, BA1DC45D7BB5307BD418D2BDFDBD1DD593439245A0A3F65FE6287F6F5198B999 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:56:13.0870 0x101c AntiVirService - ok
19:56:13.0917 0x101c [ 3D15C6EDBF84D792ACEBD2289546DBAF, 8E9199028CF4599CE362836CAD4DEC1E033F10335377280A4268E14D0201B1EB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:56:13.0964 0x101c AntiVirWebService - ok
19:56:13.0995 0x101c [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:56:13.0995 0x101c AODDriver4.01 - ok
19:56:14.0026 0x101c [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:56:14.0026 0x101c AODDriver4.1 - ok
19:56:14.0042 0x101c [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:56:14.0042 0x101c AODDriver4.2 - ok
19:56:14.0073 0x101c [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
19:56:14.0136 0x101c AppID - ok
19:56:14.0182 0x101c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:56:14.0214 0x101c AppIDSvc - ok
19:56:14.0260 0x101c [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:14.0338 0x101c Appinfo - ok
19:56:14.0385 0x101c [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:56:14.0385 0x101c Apple Mobile Device - ok
19:56:14.0416 0x101c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:56:14.0416 0x101c arc - ok
19:56:14.0432 0x101c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:56:14.0448 0x101c arcsas - ok
19:56:14.0510 0x101c aspnet_state - ok
19:56:14.0541 0x101c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:14.0604 0x101c AsyncMac - ok
19:56:14.0619 0x101c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
19:56:14.0619 0x101c atapi - ok
19:56:14.0666 0x101c [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:56:14.0744 0x101c AtiHDAudioService - ok
19:56:14.0791 0x101c [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
19:56:14.0791 0x101c AtiHdmiService - ok
19:56:14.0838 0x101c [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:56:14.0838 0x101c AtiPcie - ok
19:56:14.0869 0x101c [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:56:14.0900 0x101c atksgt - ok
19:56:14.0931 0x101c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:15.0009 0x101c AudioEndpointBuilder - ok
19:56:15.0040 0x101c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:56:15.0087 0x101c AudioSrv - ok
19:56:15.0134 0x101c [ 7806BFCD1D7FA5EC23F7324D4EAFD25B, 4EDFD9DE520728AF6578BED0054ED6A4976A7F020F3329EA6681D6E361D9DB2D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:56:15.0134 0x101c avgntflt - ok
19:56:15.0165 0x101c [ C3A58DBD18786C338126D30BF8C33D72, 4DF4D37AB5139548C2DA4B4C8D6B933A7F4ED001BCA089EFBC8C57EEDE8785A6 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:56:15.0181 0x101c avipbb - ok
19:56:15.0212 0x101c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:56:15.0212 0x101c avkmgr - ok
19:56:15.0228 0x101c [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:56:15.0337 0x101c AxInstSV - ok
19:56:15.0384 0x101c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:56:15.0430 0x101c b06bdrv - ok
19:56:15.0462 0x101c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:15.0508 0x101c b57nd60a - ok
19:56:15.0540 0x101c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
19:56:15.0602 0x101c BDESVC - ok
19:56:15.0633 0x101c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:15.0680 0x101c Beep - ok
19:56:15.0742 0x101c [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
19:56:15.0805 0x101c BFE - ok
19:56:15.0867 0x101c [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
19:56:15.0945 0x101c BITS - ok
19:56:15.0992 0x101c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:56:16.0008 0x101c blbdrive - ok
19:56:16.0070 0x101c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:56:16.0086 0x101c Bonjour Service - ok
19:56:16.0148 0x101c [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:16.0195 0x101c bowser - ok
19:56:16.0226 0x101c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:56:16.0257 0x101c BrFiltLo - ok
19:56:16.0304 0x101c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:56:16.0351 0x101c BrFiltUp - ok
19:56:16.0398 0x101c [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
19:56:16.0444 0x101c Browser - ok
19:56:16.0460 0x101c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:56:16.0522 0x101c Brserid - ok
19:56:16.0538 0x101c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:16.0554 0x101c BrSerWdm - ok
19:56:16.0554 0x101c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:16.0600 0x101c BrUsbMdm - ok
19:56:16.0632 0x101c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:16.0663 0x101c BrUsbSer - ok
19:56:16.0694 0x101c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:56:16.0725 0x101c BTHMODEM - ok
19:56:16.0788 0x101c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
19:56:16.0834 0x101c bthserv - ok
19:56:16.0866 0x101c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:56:16.0912 0x101c cdfs - ok
19:56:16.0944 0x101c [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:56:16.0959 0x101c cdrom - ok
19:56:16.0975 0x101c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
19:56:17.0006 0x101c CertPropSvc - ok
19:56:17.0022 0x101c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:56:17.0068 0x101c circlass - ok
19:56:17.0100 0x101c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
19:56:17.0115 0x101c CLFS - ok
19:56:17.0146 0x101c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:17.0162 0x101c clr_optimization_v2.0.50727_32 - ok
19:56:17.0224 0x101c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:17.0224 0x101c clr_optimization_v2.0.50727_64 - ok
19:56:17.0302 0x101c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:17.0302 0x101c clr_optimization_v4.0.30319_32 - ok
19:56:17.0349 0x101c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:17.0365 0x101c clr_optimization_v4.0.30319_64 - ok
19:56:17.0380 0x101c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:56:17.0396 0x101c CmBatt - ok
19:56:17.0412 0x101c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
19:56:17.0427 0x101c cmdide - ok
19:56:17.0443 0x101c [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
19:56:17.0474 0x101c CNG - ok
19:56:17.0490 0x101c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:56:17.0505 0x101c Compbatt - ok
19:56:17.0521 0x101c [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:56:17.0568 0x101c CompositeBus - ok
19:56:17.0568 0x101c COMSysApp - ok
19:56:17.0599 0x101c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:56:17.0614 0x101c crcdisk - ok
19:56:17.0692 0x101c [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:56:17.0739 0x101c CryptSvc - ok
19:56:17.0770 0x101c [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:56:17.0848 0x101c DcomLaunch - ok
19:56:17.0911 0x101c dealplylive - ok
19:56:17.0911 0x101c dealplylivem - ok
19:56:17.0958 0x101c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
19:56:18.0020 0x101c defragsvc - ok
19:56:18.0067 0x101c [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:56:18.0098 0x101c DfsC - ok
19:56:18.0114 0x101c [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:56:18.0192 0x101c Dhcp - ok
19:56:18.0207 0x101c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
19:56:18.0238 0x101c discache - ok
19:56:18.0270 0x101c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:56:18.0270 0x101c Disk - ok
19:56:18.0316 0x101c [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:56:18.0363 0x101c Dnscache - ok
19:56:18.0394 0x101c [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
19:56:18.0441 0x101c dot3svc - ok
19:56:18.0488 0x101c [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
19:56:18.0535 0x101c DPS - ok
19:56:18.0566 0x101c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:56:18.0582 0x101c drmkaud - ok
19:56:18.0628 0x101c [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:56:18.0660 0x101c dtsoftbus01 - ok
19:56:18.0706 0x101c [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:56:18.0738 0x101c DXGKrnl - ok
19:56:18.0784 0x101c EagleX64 - ok
19:56:18.0800 0x101c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
19:56:18.0847 0x101c EapHost - ok
19:56:18.0956 0x101c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:56:19.0112 0x101c ebdrv - ok
19:56:19.0159 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
19:56:19.0190 0x101c EFS - ok
19:56:19.0268 0x101c [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:56:19.0362 0x101c ehRecvr - ok
19:56:19.0377 0x101c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
19:56:19.0393 0x101c ehSched - ok
19:56:19.0440 0x101c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:56:19.0471 0x101c elxstor - ok
19:56:19.0486 0x101c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
19:56:19.0518 0x101c ErrDev - ok
19:56:19.0564 0x101c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:56:19.0611 0x101c EventSystem - ok
19:56:19.0627 0x101c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:56:19.0689 0x101c exfat - ok
19:56:19.0720 0x101c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:56:19.0752 0x101c fastfat - ok
19:56:19.0798 0x101c [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
19:56:19.0876 0x101c Fax - ok
19:56:19.0892 0x101c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:56:19.0923 0x101c fdc - ok
19:56:19.0954 0x101c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:56:20.0001 0x101c fdPHost - ok
19:56:20.0032 0x101c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:56:20.0048 0x101c FDResPub - ok
19:56:20.0064 0x101c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:56:20.0079 0x101c FileInfo - ok
19:56:20.0079 0x101c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:56:20.0126 0x101c Filetrace - ok
19:56:20.0157 0x101c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:56:20.0173 0x101c flpydisk - ok
19:56:20.0220 0x101c [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:56:20.0235 0x101c FltMgr - ok
19:56:20.0282 0x101c [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll
19:56:20.0344 0x101c FontCache - ok
19:56:20.0391 0x101c [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:20.0391 0x101c FontCache3.0.0.0 - ok
19:56:20.0407 0x101c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:56:20.0422 0x101c FsDepends - ok
19:56:20.0438 0x101c [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:56:20.0438 0x101c Fs_Rec - ok
19:56:20.0485 0x101c [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:56:20.0500 0x101c fvevol - ok
19:56:20.0516 0x101c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:56:20.0516 0x101c gagp30kx - ok
19:56:20.0563 0x101c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:56:20.0578 0x101c GEARAspiWDM - ok
19:56:20.0625 0x101c [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
19:56:20.0688 0x101c gpsvc - ok
19:56:20.0750 0x101c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:20.0750 0x101c gupdate - ok
19:56:20.0781 0x101c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:20.0781 0x101c gupdatem - ok
19:56:20.0797 0x101c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:56:20.0828 0x101c hcw85cir - ok
19:56:20.0890 0x101c [ 2249B35899312A3AE137B23636B31763, 84E242456CFECB9F198836B818514C011F80F2879C29A1C5A277C1F9B96D3C5A ] hcw95bda C:\Windows\system32\Drivers\hcw95bda.sys
19:56:20.0968 0x101c hcw95bda - ok
19:56:20.0984 0x101c [ 3688D4B84E9F98F70A71D5B4B720940E, 67F6571C9613CED4CD3A9A7123122273C6274E012EB6AD5BE16BBDE458981AAB ] hcw95rc C:\Windows\system32\DRIVERS\hcw95rc.sys
19:56:21.0015 0x101c hcw95rc - ok
19:56:21.0062 0x101c [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:21.0078 0x101c HDAudBus - ok
19:56:21.0093 0x101c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:56:21.0109 0x101c HidBatt - ok
19:56:21.0124 0x101c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:56:21.0140 0x101c HidBth - ok
19:56:21.0156 0x101c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:56:21.0187 0x101c HidIr - ok
19:56:21.0234 0x101c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
19:56:21.0280 0x101c hidserv - ok
19:56:21.0312 0x101c [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:56:21.0358 0x101c HidUsb - ok
19:56:21.0390 0x101c [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
19:56:21.0436 0x101c hkmsvc - ok
19:56:21.0483 0x101c [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:21.0546 0x101c HomeGroupListener - ok
19:56:21.0577 0x101c [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:21.0608 0x101c HomeGroupProvider - ok
19:56:21.0655 0x101c [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
19:56:21.0655 0x101c HpSAMD - ok
19:56:21.0702 0x101c [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:56:21.0764 0x101c HTTP - ok
19:56:21.0780 0x101c [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:56:21.0795 0x101c hwpolicy - ok
19:56:21.0811 0x101c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:56:21.0826 0x101c i8042prt - ok
19:56:21.0858 0x101c [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
19:56:21.0889 0x101c iaStorV - ok
19:56:21.0936 0x101c [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:56:21.0967 0x101c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
19:56:24.0868 0x101c Detect skipped due to KSN trusted
19:56:24.0868 0x101c IDriverT - ok
19:56:24.0962 0x101c [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:25.0009 0x101c idsvc - ok
19:56:25.0024 0x101c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:56:25.0040 0x101c iirsp - ok
19:56:25.0071 0x101c [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
19:56:25.0134 0x101c IKEEXT - ok
19:56:25.0212 0x101c [ 9526F32B8A76F8DC25A1587400E30084, 9EA361DFAD88B3482863541644C5077B02B331167A20C5FE12420CBC88A3AE3D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:56:25.0290 0x101c IntcAzAudAddService - ok
19:56:25.0305 0x101c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:56:25.0321 0x101c intelide - ok
19:56:25.0336 0x101c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:56:25.0352 0x101c intelppm - ok
19:56:25.0368 0x101c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:25.0414 0x101c IPBusEnum - ok
19:56:25.0446 0x101c [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:25.0508 0x101c IpFilterDriver - ok
19:56:25.0555 0x101c [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:56:25.0617 0x101c iphlpsvc - ok
19:56:25.0648 0x101c [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:56:25.0680 0x101c IPMIDRV - ok
19:56:25.0742 0x101c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:56:25.0773 0x101c IPNAT - ok
19:56:25.0820 0x101c [ 71F993192EB04B2C4C80F2DEE9119229, 881B7042724364C9D667DF6109E15DE78D9431DF5708CB16736AD723F4A38578 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:56:25.0836 0x101c iPod Service - ok
19:56:25.0867 0x101c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:56:25.0882 0x101c IRENUM - ok
19:56:25.0882 0x101c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
19:56:25.0882 0x101c isapnp - ok
19:56:25.0914 0x101c [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:56:25.0929 0x101c iScsiPrt - ok
19:56:25.0960 0x101c [ D85F3F18E44F7447B5F1BA5C85BAEB7C, 0FA419F9BF061AC3F81A978FAE1523904081BA6FEA6FACEA228B20F5608FCF1E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
19:56:25.0992 0x101c k57nd60a - ok
19:56:26.0007 0x101c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:26.0007 0x101c kbdclass - ok
19:56:26.0038 0x101c [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:26.0070 0x101c kbdhid - ok
19:56:26.0101 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe
19:56:26.0101 0x101c KeyIso - ok
19:56:26.0148 0x101c [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:56:26.0163 0x101c KSecDD - ok
19:56:26.0179 0x101c [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:56:26.0194 0x101c KSecPkg - ok
19:56:26.0194 0x101c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:56:26.0241 0x101c ksthunk - ok
19:56:26.0288 0x101c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:56:26.0335 0x101c KtmRm - ok
19:56:30.0079 0x101c [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
19:56:30.0079 0x101c Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
19:56:32.0824 0x101c Detect skipped due to KSN trusted
19:56:32.0824 0x101c Netaapl - ok
19:56:40.0936 0x101c [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
19:56:40.0968 0x101c tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
19:56:43.0698 0x101c Detect skipped due to KSN trusted
19:56:43.0698 0x101c tap0901t - ok
19:56:43.0729 0x101c [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:56:43.0776 0x101c TapiSrv - ok
19:56:43.0776 0x101c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:56:43.0807 0x101c TBS - ok
19:56:43.0869 0x101c [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:56:43.0932 0x101c Tcpip - ok
19:56:44.0010 0x101c [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:56:44.0056 0x101c TCPIP6 - ok
19:56:44.0072 0x101c [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:56:44.0119 0x101c tcpipreg - ok
19:56:44.0134 0x101c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:56:44.0212 0x101c TDPIPE - ok
19:56:44.0228 0x101c [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:56:44.0259 0x101c TDTCP - ok
19:56:44.0275 0x101c [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:56:44.0306 0x101c tdx - ok
19:56:44.0306 0x101c [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:56:44.0322 0x101c TermDD - ok
19:56:44.0353 0x101c [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
19:56:44.0431 0x101c TermService - ok
19:56:44.0446 0x101c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:56:44.0478 0x101c Themes - ok
19:56:44.0524 0x101c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:56:44.0556 0x101c THREADORDER - ok
19:56:44.0602 0x101c [ 199C2E87D9A5EC58D0BCD94E893BF629, A3CE21A62BB3D31FEE36E517D7ED7B86E41D4A80F22A51B9821AC57991014DC9 ] TIEHDUSB C:\Windows\system32\DRIVERS\tiehdusb.sys
19:56:44.0649 0x101c TIEHDUSB - ok
19:56:44.0665 0x101c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:56:44.0696 0x101c TrkWks - ok
19:56:44.0743 0x101c [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:44.0774 0x101c TrustedInstaller - ok
19:56:44.0805 0x101c [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:44.0836 0x101c tssecsrv - ok
19:56:44.0868 0x101c [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:56:44.0899 0x101c tunnel - ok
19:56:44.0977 0x101c [ 97D6177C2DCCDA2BA25F053B3C75D74E, DFB449E51978433F21BD85E42C5012DE64992CC0101FD9FFA6BA418233C6E70A ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
19:56:45.0039 0x101c TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
19:56:47.0769 0x101c Detect skipped due to KSN trusted
19:56:47.0769 0x101c TunngleService - ok
19:56:47.0785 0x101c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:56:47.0800 0x101c uagp35 - ok
19:56:47.0832 0x101c [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:56:47.0878 0x101c udfs - ok
19:56:47.0910 0x101c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:56:47.0925 0x101c UI0Detect - ok
19:56:47.0941 0x101c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
19:56:47.0956 0x101c uliagpkx - ok
19:56:47.0972 0x101c [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:56:48.0019 0x101c umbus - ok
19:56:48.0050 0x101c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:56:48.0081 0x101c UmPass - ok
19:56:48.0112 0x101c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:56:48.0159 0x101c upnphost - ok
19:56:48.0206 0x101c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:56:48.0253 0x101c USBAAPL64 - ok
19:56:48.0268 0x101c [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:48.0284 0x101c usbccgp - ok
19:56:48.0315 0x101c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:56:48.0362 0x101c usbcir - ok
19:56:48.0378 0x101c [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:56:48.0409 0x101c usbehci - ok
19:56:48.0456 0x101c [ 7CC1C95896D60E868AA6DD2DD2F97EAD, 8A6BCA8A8C209EBDC31E8992AA925DDEE469E2E32A30AE1F7E3D1E09B9327DDC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:56:48.0502 0x101c usbhub - ok
19:56:48.0534 0x101c [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:56:48.0549 0x101c usbohci - ok
19:56:48.0596 0x101c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:56:48.0596 0x101c usbprint - ok
19:56:48.0612 0x101c [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:48.0643 0x101c USBSTOR - ok
19:56:48.0674 0x101c [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:56:48.0705 0x101c usbuhci - ok
19:56:48.0768 0x101c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:56:48.0814 0x101c UxSms - ok
19:56:48.0846 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe
19:56:48.0861 0x101c VaultSvc - ok
19:56:48.0877 0x101c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
19:56:48.0877 0x101c vdrvroot - ok
19:56:48.0908 0x101c [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
19:56:48.0939 0x101c vds - ok
19:56:48.0955 0x101c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:48.0970 0x101c vga - ok
19:56:48.0986 0x101c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:56:49.0033 0x101c VgaSave - ok
19:56:49.0064 0x101c [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
19:56:49.0080 0x101c vhdmp - ok
19:56:49.0080 0x101c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
19:56:49.0095 0x101c viaide - ok
19:56:49.0111 0x101c [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
19:56:49.0126 0x101c volmgr - ok
19:56:49.0142 0x101c [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:56:49.0158 0x101c volmgrx - ok
19:56:49.0220 0x101c [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
19:56:49.0236 0x101c volsnap - ok
19:56:49.0251 0x101c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:56:49.0267 0x101c vsmraid - ok
19:56:49.0329 0x101c [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
19:56:49.0407 0x101c VSS - ok
19:56:49.0454 0x101c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:56:49.0485 0x101c vwifibus - ok
19:56:49.0548 0x101c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:56:49.0579 0x101c W32Time - ok
19:56:49.0594 0x101c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:56:49.0626 0x101c WacomPen - ok
19:56:49.0672 0x101c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:56:49.0704 0x101c WANARP - ok
19:56:49.0719 0x101c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:56:49.0750 0x101c Wanarpv6 - ok
19:56:49.0797 0x101c [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
19:56:49.0922 0x101c wbengine - ok
19:56:49.0938 0x101c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:56:49.0953 0x101c WbioSrvc - ok
19:56:50.0000 0x101c [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:56:50.0047 0x101c wcncsvc - ok
19:56:50.0062 0x101c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:50.0094 0x101c WcsPlugInService - ok
19:56:50.0094 0x101c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:56:50.0094 0x101c Wd - ok
19:56:50.0156 0x101c [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:56:50.0187 0x101c Wdf01000 - ok
19:56:50.0203 0x101c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:56:50.0234 0x101c WdiServiceHost - ok
19:56:50.0250 0x101c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:56:50.0265 0x101c WdiSystemHost - ok
19:56:50.0281 0x101c [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll
19:56:50.0312 0x101c WebClient - ok
19:56:50.0343 0x101c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:56:50.0390 0x101c Wecsvc - ok
19:56:50.0421 0x101c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:56:50.0452 0x101c wercplsupport - ok
19:56:50.0468 0x101c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:56:50.0499 0x101c WerSvc - ok
19:56:50.0515 0x101c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:50.0546 0x101c WfpLwf - ok
19:56:50.0593 0x101c [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:56:50.0608 0x101c WimFltr - ok
19:56:50.0608 0x101c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:56:50.0624 0x101c WIMMount - ok
19:56:50.0624 0x101c WinDefend - ok
19:56:50.0640 0x101c WinHttpAutoProxySvc - ok
19:56:50.0686 0x101c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:56:50.0718 0x101c Winmgmt - ok
19:56:50.0842 0x101c [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
19:56:50.0842 0x101c WinRing0_1_2_0 - ok
19:56:50.0905 0x101c [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
19:56:51.0030 0x101c WinRM - ok
19:56:51.0076 0x101c [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:56:51.0092 0x101c WinUsb - ok
19:56:51.0123 0x101c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:56:51.0186 0x101c Wlansvc - ok
19:56:51.0326 0x101c [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:56:51.0420 0x101c wlidsvc - ok
19:56:51.0451 0x101c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:56:51.0466 0x101c WmiAcpi - ok
19:56:51.0529 0x101c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:56:51.0544 0x101c wmiApSrv - ok
19:56:51.0576 0x101c WMPNetworkSvc - ok
19:56:51.0591 0x101c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:56:51.0607 0x101c WPCSvc - ok
19:56:51.0622 0x101c [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:56:51.0638 0x101c WPDBusEnum - ok
19:56:51.0654 0x101c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:56:51.0685 0x101c ws2ifsl - ok
19:56:51.0716 0x101c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
19:56:51.0732 0x101c wscsvc - ok
19:56:51.0732 0x101c WSearch - ok
19:56:51.0810 0x101c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
19:56:51.0903 0x101c wuauserv - ok
19:56:51.0919 0x101c [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:56:51.0950 0x101c WudfPf - ok
19:56:51.0981 0x101c [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:52.0028 0x101c WUDFRd - ok
19:56:52.0059 0x101c [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:56:52.0090 0x101c wudfsvc - ok
19:56:52.0122 0x101c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:56:52.0153 0x101c WwanSvc - ok
19:56:52.0184 0x101c [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:56:52.0200 0x101c xusb21 - ok
19:56:52.0215 0x101c ================ Scan global ===============================
19:56:52.0231 0x101c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:56:52.0293 0x101c [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
19:56:52.0309 0x101c [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
19:56:52.0324 0x101c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:56:52.0371 0x101c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:56:52.0387 0x101c [ Global ] - ok
19:56:52.0387 0x101c ================ Scan MBR ==================================
19:56:52.0387 0x101c [ DE1996B5390BAC8242E23168F828C750 ] \Device\Harddisk0\DR0
19:56:52.0387 0x101c Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:56:52.0418 0x101c \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 ( 0 )
19:56:52.0418 0x101c \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
19:56:55.0132 0x101c \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
19:56:55.0132 0x101c \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:56:57.0816 0x101c ================ Scan VBR ==================================
19:56:57.0816 0x101c [ 7BCFCB3DD65651198987D67DED5CFE2A ] \Device\Harddisk0\DR0\Partition1
19:56:57.0816 0x101c \Device\Harddisk0\DR0\Partition1 - ok
19:56:57.0831 0x101c [ 3E1BC4CE00F50D398178CADB64968F3C ] \Device\Harddisk0\DR0\Partition2
19:56:57.0831 0x101c \Device\Harddisk0\DR0\Partition2 - ok
19:56:57.0878 0x101c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated )
19:56:57.0878 0x101c Win FW state via NFP2: disabled
19:57:00.0561 0x101c ============================================================
19:57:00.0561 0x101c Scan finished
19:57:00.0561 0x101c ============================================================
19:57:00.0561 0x1324 Detected object count: 2
19:57:00.0561 0x1324 Actual detected object count: 2
19:57:13.0993 0x1324 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
19:57:13.0993 0x1324 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
19:57:14.0008 0x1324 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:57:14.0008 0x1324 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:58:17.0210 0x1028 Deinitialize success
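
Added example (not part of the original thread and not TDSSKiller's own code): a small Python parser for the log format above that separates real findings from "KSN trusted" dismissals and reports which findings are still unresolved. The sample lines are abridged from this log; the function names and the rule that only "Skip" or no recorded action counts as unresolved are assumptions of this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Every log line starts with a time stamp and a thread id, then the message.
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s+(?P<msg>.*)$")
# "<object> - detected <verdict> ( n )"
DETECT_RE = re.compile(r"^(?P<obj>.+?) - detected (?P<verdict>.+?) \( \d+ \)$")
# "<object> ( <verdict> ) - infected" or "... - warning"
STATUS_RE = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - (?P<status>infected|warning)$")
# "<object> ( <verdict> ) - User select action: <action>"
ACTION_RE = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>\w+)$")
COUNT_RE = re.compile(r"^Detected object count: (?P<n>\d+)$")
KSN_SKIP = "Detect skipped due to KSN trusted"

# Abridged from the scan log posted in this thread (hash lines omitted).
SAMPLE_LOG = r"""
19:56:40.0968 0x101c tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
19:56:43.0698 0x101c Detect skipped due to KSN trusted
19:56:43.0698 0x101c tap0901t - ok
19:56:52.0387 0x101c Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:56:52.0418 0x101c \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 ( 0 )
19:56:52.0418 0x101c \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
19:56:55.0132 0x101c \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
19:56:55.0132 0x101c \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:57:00.0561 0x1324 Detected object count: 2
19:57:13.0993 0x1324 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
19:57:13.0993 0x1324 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
19:57:14.0008 0x1324 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:57:14.0008 0x1324 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""


@dataclass
class Finding:
    obj: str                      # service name or device path
    verdict: str                  # detection name as printed in the log
    status: str = "detected"      # "detected", "infected" or "warning"
    trusted: bool = False         # True if dismissed as KSN trusted
    action: Optional[str] = None  # action the user selected, if logged


def parse_tdsskiller_log(text: str) -> Tuple[List[Finding], Optional[int]]:
    """Return (findings in log order, 'Detected object count' or None)."""
    findings = {}      # (obj, verdict) -> Finding, keeps insertion order
    last = None        # detection on the immediately preceding line
    reported = None
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        msg = m.group("msg").strip()
        if msg == KSN_SKIP:
            # The dismissal refers to the detection logged just before it.
            if last is not None:
                last.trusted = True
            last = None
            continue
        d = DETECT_RE.match(msg)
        if d:
            key = (d.group("obj"), d.group("verdict"))
            last = findings.setdefault(key, Finding(*key))
            continue
        last = None
        s = STATUS_RE.match(msg)
        if s:
            key = (s.group("obj"), s.group("verdict"))
            findings.setdefault(key, Finding(*key)).status = s.group("status")
            continue
        a = ACTION_RE.match(msg)
        if a:
            key = (a.group("obj"), a.group("verdict"))
            findings.setdefault(key, Finding(*key)).action = a.group("action")
            continue
        c = COUNT_RE.match(msg)
        if c:
            reported = int(c.group("n"))
    return list(findings.values()), reported


def unresolved(findings: List[Finding]) -> List[Finding]:
    """Findings that were not dismissed as trusted and not acted on.

    Assumption of this example: only 'Skip' (the one action visible in the
    log above) or a missing action counts as unresolved.
    """
    return [f for f in findings
            if not f.trusted and (f.action is None or f.action.lower() == "skip")]


if __name__ == "__main__":
    found, count = parse_tdsskiller_log(SAMPLE_LOG)
    print("reported object count:", count)
    for f in unresolved(found):
        print(f"UNRESOLVED {f.obj}: {f.verdict} [{f.status}], action={f.action}")
```

Run against a follow-up scan log, an empty result from `unresolved()` corresponds to a scan "without findings".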

deeprybka 20.04.2014 19:07

Well done with the scan!

Quote:

Quote from PhilMcDevil (post 1287768)
I basically never use Firefox anyway, so that shouldn't be too bad, right?

Well, I don't want to give a final assessment of that right now, but if you don't use it for any sensitive logins, that's not bad to begin with... ;)

I'll get back to you...

deeprybka 21.04.2014 19:21

Hi... ;)

Question: Do you have backups of your important files and data?


Reading material:
Rootkit warning
Your computer has been infected with a particular kind of malware that can hide from conventional virus scanners and from the operating system itself. In addition, such malware usually also has backdoor functionality, meaning it deliberately tears holes through all protective measures so that it can download further malicious code or forward the data it collects to the "bad guys". What does this mean for you?
  • Please make a conscious decision about whether you want to continue with the cleanup. A system that has been compromised in this way can never be secured again with 100% certainty. Even though we have a good chance of cleaning your computer, it may still turn out that in the end only a reinstallation remains.
  • If you otherwise have sensitive data on your computer, you should also think about how you deal with that, since practically "anyone" could have looked at it.
So let me know whether you want to attempt a cleanup or not...

PhilMcDevil 21.04.2014 20:02

Unfortunately I don't have any backups..
So if I continue with the cleanup, it could be that I have to reinstall everything?
I would like to avoid that, but I also don't really want to leave the virus on the PC. So I'll try the cleanup.

deeprybka 21.04.2014 20:12

:daumenhoc

OK! :)

Quote:

So if I continue with the cleanup, it could be that I have to reinstall everything?
What I mean is: either you reinstall right away, or you reinstall if all cleanup attempts fail or something goes wrong! ;)

All clear? :)

PhilMcDevil 21.04.2014 20:13

I see, in that case I want to try cleaning the PC first :)

deeprybka 21.04.2014 20:20

All right... I'll get back to you with further instructions... (probably tomorrow) :abklatsch:

deeprybka 22.04.2014 07:45

Hi, this is how we continue... ;)

Step 1
Please start TDSSKiller.exe again.
Vista and Win7 users: right-click and choose "Run as administrator".
  • If an update is available, confirm the update of TDSSKiller.
  • Click on "Change parameters". (Image 1)
  • Also tick the boxes under "Additional options" (Image 2) and click OK.
  • Press Start Scan.
    Do not do anything on the computer during the scan!
  • Make sure that the option Cure or Delete, respectively, is selected for Rootkit and TDSS File System. (Image 3) [Any other entries: choose Skip]
  • Press Continue
  • Confirm the reboot (Image 4)
  • TDSSKiller will save a log file on your system drive (C:\TDSSKiller.<version_date_time>log.txt).

Please post the contents of this log file here in the thread.

Picture guide
http://s1.directupload.net/images/140421/pxzhlzmw.png

http://s1.directupload.net/images/14...p/4zzyhe2u.png
http://s1.directupload.net/images/14...p/m5u3tj9j.png
http://s14.directupload.net/images/1...p/3dc8ugzy.png
http://s14.directupload.net/images/1...p/r9ful9vi.png

PhilMcDevil 22.04.2014 10:33

11:30:01.0718 0x0d34 TDSS rootkit removing tool 3.0.0.32 Apr 21 2014 18:31:25
11:30:01.0889 0x0d34 ============================================================
11:30:01.0889 0x0d34 Current date / time: 2014/04/22 11:30:01.0889
11:30:01.0889 0x0d34 SystemInfo:
11:30:01.0889 0x0d34
11:30:01.0889 0x0d34 OS Version: 6.1.7600 ServicePack: 0.0
11:30:01.0889 0x0d34 Product type: Workstation
11:30:01.0889 0x0d34 ComputerName: PHILIP-PC
11:30:01.0889 0x0d34 UserName: Philip
11:30:01.0889 0x0d34 Windows directory: C:\Windows
11:30:01.0889 0x0d34 System windows directory: C:\Windows
11:30:01.0889 0x0d34 Running under WOW64
11:30:01.0889 0x0d34 Processor architecture: Intel x64
11:30:01.0889 0x0d34 Number of processors: 4
11:30:01.0889 0x0d34 Page size: 0x1000
11:30:01.0889 0x0d34 Boot type: Normal boot
11:30:01.0889 0x0d34 ============================================================
11:30:01.0889 0x0d34 BG loaded
11:30:02.0061 0x0d34 System UUID: {BA202CF7-87B9-432A-F42B-5009CAF5A2C4}
11:30:02.0685 0x0d34 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:30:02.0700 0x0d34 ============================================================
11:30:02.0700 0x0d34 \Device\Harddisk0\DR0:
11:30:02.0700 0x0d34 MBR partitions:
11:30:02.0700 0x0d34 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x155F000
11:30:02.0700 0x0d34 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1582800, BlocksNum 0x492D5000
11:30:02.0700 0x0d34 ============================================================
11:30:02.0732 0x0d34 C: <-> \Device\Harddisk0\DR0\Partition2
11:30:02.0732 0x0d34 ============================================================
11:30:02.0732 0x0d34 Initialize success
11:30:02.0732 0x0d34 ============================================================

deeprybka 22.04.2014 12:06

OK, please now run another scan with TDSSKiller and post the log.
It has to be a longer one again, like the one from the first scan, but this time hopefully without findings... ;)

PhilMcDevil 22.04.2014 12:18

13:16:08.0768 0x08c4 TDSS rootkit removing tool 3.0.0.32 Apr 21 2014 18:31:25
13:16:13.0131 0x08c4 ============================================================
13:16:13.0131 0x08c4 Current date / time: 2014/04/22 13:16:13.0131
13:16:13.0131 0x08c4 SystemInfo:
13:16:13.0131 0x08c4
13:16:13.0131 0x08c4 OS Version: 6.1.7600 ServicePack: 0.0
13:16:13.0131 0x08c4 Product type: Workstation
13:16:13.0131 0x08c4 ComputerName: PHILIP-PC
13:16:13.0131 0x08c4 UserName: Philip
13:16:13.0131 0x08c4 Windows directory: C:\Windows
13:16:13.0131 0x08c4 System windows directory: C:\Windows
13:16:13.0131 0x08c4 Running under WOW64
13:16:13.0131 0x08c4 Processor architecture: Intel x64
13:16:13.0131 0x08c4 Number of processors: 4
13:16:13.0131 0x08c4 Page size: 0x1000
13:16:13.0131 0x08c4 Boot type: Normal boot
13:16:13.0131 0x08c4 ============================================================
13:16:13.0133 0x08c4 BG loaded
13:16:13.0249 0x08c4 System UUID: {BA202CF7-87B9-432A-F42B-5009CAF5A2C4}
13:16:13.0662 0x08c4 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:16:13.0683 0x08c4 ============================================================
13:16:13.0683 0x08c4 \Device\Harddisk0\DR0:
13:16:13.0683 0x08c4 MBR partitions:
13:16:13.0683 0x08c4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x155F000
13:16:13.0683 0x08c4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1582800, BlocksNum 0x492D5000
13:16:13.0683 0x08c4 ============================================================
13:16:13.0714 0x08c4 C: <-> \Device\Harddisk0\DR0\Partition2
13:16:13.0714 0x08c4 ============================================================
13:16:13.0714 0x08c4 Initialize success
13:16:13.0714 0x08c4 ============================================================
13:16:19.0826 0x0ae4 ============================================================
13:16:19.0826 0x0ae4 Scan started
13:16:19.0826 0x0ae4 Mode: Manual; SigCheck; TDLFS;
13:16:19.0826 0x0ae4 ============================================================
13:16:19.0826 0x0ae4 KSN ping started
13:16:33.0486 0x0ae4 KSN ping finished: true
13:16:34.0031 0x0ae4 ================ Scan system memory ========================
13:16:34.0031 0x0ae4 System memory - ok
13:16:34.0031 0x0ae4 ================ Scan services =============================
13:16:39.0062 0x0ae4 amdkmdag - ok
13:16:39.0123 0x0ae4 [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:16:39.0155 0x0ae4 amdkmdap - ok
13:16:39.0183 0x0ae4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:16:39.0212 0x0ae4 AmdPPM - ok
13:16:39.0254 0x0ae4 [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
13:16:39.0267 0x0ae4 amdsata - ok
13:16:39.0286 0x0ae4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:16:39.0309 0x0ae4 amdsbs - ok
13:16:39.0321 0x0ae4 [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
13:16:39.0331 0x0ae4 amdxata - ok
13:16:39.0396 0x0ae4 [ 4D282B9C5BB05DF92C9F3977DFB9F916, E6D49ED0D5FA26F2936FC97A0F1DFA38D1066AAF2EEFCE2931AF21B2CBE54CAD ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:16:39.0410 0x0ae4 AntiVirSchedulerService - ok
13:16:39.0449 0x0ae4 [ 65AF41A7A2C5B6693E1B4164E7632C3E, BA1DC45D7BB5307BD418D2BDFDBD1DD593439245A0A3F65FE6287F6F5198B999 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:16:39.0462 0x0ae4 AntiVirService - ok
13:16:39.0504 0x0ae4 [ 3D15C6EDBF84D792ACEBD2289546DBAF, 8E9199028CF4599CE362836CAD4DEC1E033F10335377280A4268E14D0201B1EB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:16:39.0530 0x0ae4 AntiVirWebService - ok
13:16:39.0548 0x0ae4 [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:16:39.0558 0x0ae4 AODDriver4.01 - ok
13:16:39.0580 0x0ae4 [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:16:39.0585 0x0ae4 AODDriver4.1 - ok
13:16:39.0606 0x0ae4 [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:16:39.0611 0x0ae4 AODDriver4.2 - ok
13:16:39.0627 0x0ae4 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
13:16:39.0706 0x0ae4 AppID - ok
13:16:39.0741 0x0ae4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:16:39.0795 0x0ae4 AppIDSvc - ok
13:16:39.0822 0x0ae4 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
13:16:39.0851 0x0ae4 Appinfo - ok
13:16:39.0935 0x0ae4 [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:16:39.0941 0x0ae4 Apple Mobile Device - ok
13:16:39.0967 0x0ae4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:16:39.0979 0x0ae4 arc - ok
13:16:39.0991 0x0ae4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:16:40.0004 0x0ae4 arcsas - ok
13:16:40.0075 0x0ae4 aspnet_state - ok
13:16:40.0095 0x0ae4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:16:40.0146 0x0ae4 AsyncMac - ok
13:16:40.0173 0x0ae4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
13:16:40.0179 0x0ae4 atapi - ok
13:16:40.0222 0x0ae4 [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:16:40.0292 0x0ae4 AtiHDAudioService - ok
13:16:40.0326 0x0ae4 [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
13:16:40.0338 0x0ae4 AtiHdmiService - ok
13:16:40.0376 0x0ae4 [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
13:16:40.0384 0x0ae4 AtiPcie - ok
13:16:40.0425 0x0ae4 [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
13:16:40.0442 0x0ae4 atksgt - ok
13:16:40.0485 0x0ae4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:16:40.0546 0x0ae4 AudioEndpointBuilder - ok
13:16:40.0585 0x0ae4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:16:40.0628 0x0ae4 AudioSrv - ok
13:16:40.0671 0x0ae4 [ 7806BFCD1D7FA5EC23F7324D4EAFD25B, 4EDFD9DE520728AF6578BED0054ED6A4976A7F020F3329EA6681D6E361D9DB2D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:16:40.0684 0x0ae4 avgntflt - ok
13:16:40.0721 0x0ae4 [ C3A58DBD18786C338126D30BF8C33D72, 4DF4D37AB5139548C2DA4B4C8D6B933A7F4ED001BCA089EFBC8C57EEDE8785A6 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:16:40.0735 0x0ae4 avipbb - ok
13:16:40.0753 0x0ae4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:16:40.0763 0x0ae4 avkmgr - ok
13:16:40.0782 0x0ae4 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:16:40.0832 0x0ae4 AxInstSV - ok
13:16:40.0883 0x0ae4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:16:40.0919 0x0ae4 b06bdrv - ok
13:16:40.0956 0x0ae4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:16:41.0002 0x0ae4 b57nd60a - ok
13:16:41.0037 0x0ae4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
13:16:41.0076 0x0ae4 BDESVC - ok
13:16:41.0109 0x0ae4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
13:16:41.0159 0x0ae4 Beep - ok
13:16:41.0211 0x0ae4 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
13:16:41.0273 0x0ae4 BFE - ok
13:16:41.0324 0x0ae4 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
13:16:41.0393 0x0ae4 BITS - ok
13:16:41.0433 0x0ae4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:16:41.0463 0x0ae4 blbdrive - ok
13:16:41.0519 0x0ae4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:16:41.0533 0x0ae4 Bonjour Service - ok
13:16:41.0583 0x0ae4 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:16:41.0633 0x0ae4 bowser - ok
13:16:41.0659 0x0ae4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:16:41.0693 0x0ae4 BrFiltLo - ok
13:16:41.0715 0x0ae4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:16:41.0748 0x0ae4 BrFiltUp - ok
13:16:41.0789 0x0ae4 [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
13:16:41.0838 0x0ae4 Browser - ok
13:16:41.0865 0x0ae4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:16:41.0904 0x0ae4 Brserid - ok
13:16:41.0931 0x0ae4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:16:41.0946 0x0ae4 BrSerWdm - ok
13:16:41.0959 0x0ae4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:16:41.0996 0x0ae4 BrUsbMdm - ok
13:16:42.0016 0x0ae4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:16:42.0048 0x0ae4 BrUsbSer - ok
13:16:42.0078 0x0ae4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:16:42.0111 0x0ae4 BTHMODEM - ok
13:16:42.0164 0x0ae4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
13:16:42.0218 0x0ae4 bthserv - ok
13:16:42.0247 0x0ae4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:16:42.0291 0x0ae4 cdfs - ok
13:16:42.0324 0x0ae4 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:16:42.0341 0x0ae4 cdrom - ok
13:16:42.0363 0x0ae4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
13:16:42.0392 0x0ae4 CertPropSvc - ok
13:16:42.0408 0x0ae4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:16:42.0442 0x0ae4 circlass - ok
13:16:42.0480 0x0ae4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
13:16:42.0512 0x0ae4 CLFS - ok
13:16:42.0553 0x0ae4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:16:42.0565 0x0ae4 clr_optimization_v2.0.50727_32 - ok
13:16:42.0619 0x0ae4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:16:42.0631 0x0ae4 clr_optimization_v2.0.50727_64 - ok
13:16:42.0681 0x0ae4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:16:42.0695 0x0ae4 clr_optimization_v4.0.30319_32 - ok
13:16:42.0745 0x0ae4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:16:42.0759 0x0ae4 clr_optimization_v4.0.30319_64 - ok
13:16:42.0786 0x0ae4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:16:42.0797 0x0ae4 CmBatt - ok
13:16:42.0809 0x0ae4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
13:16:42.0819 0x0ae4 cmdide - ok
13:16:42.0844 0x0ae4 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
13:16:42.0880 0x0ae4 CNG - ok
13:16:42.0905 0x0ae4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:16:42.0915 0x0ae4 Compbatt - ok
13:16:42.0935 0x0ae4 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:16:42.0979 0x0ae4 CompositeBus - ok
13:16:43.0010 0x0ae4 COMSysApp - ok
13:16:43.0025 0x0ae4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:16:43.0035 0x0ae4 crcdisk - ok
13:16:43.0093 0x0ae4 [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:16:43.0143 0x0ae4 CryptSvc - ok
13:16:43.0201 0x0ae4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:16:43.0258 0x0ae4 DcomLaunch - ok
13:16:43.0317 0x0ae4 dealplylive - ok
13:16:43.0325 0x0ae4 dealplylivem - ok
13:16:43.0362 0x0ae4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
13:16:43.0426 0x0ae4 defragsvc - ok
13:16:43.0469 0x0ae4 [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:16:43.0502 0x0ae4 DfsC - ok
13:16:43.0519 0x0ae4 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:16:43.0583 0x0ae4 Dhcp - ok
13:16:43.0613 0x0ae4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
13:16:43.0644 0x0ae4 discache - ok
13:16:43.0665 0x0ae4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:16:43.0677 0x0ae4 Disk - ok
13:16:43.0703 0x0ae4 [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:16:43.0758 0x0ae4 Dnscache - ok
13:16:43.0798 0x0ae4 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
13:16:43.0862 0x0ae4 dot3svc - ok
13:16:43.0889 0x0ae4 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
13:16:43.0938 0x0ae4 DPS - ok
13:16:43.0966 0x0ae4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:16:43.0993 0x0ae4 drmkaud - ok
13:16:44.0065 0x0ae4 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:16:44.0076 0x0ae4 dtsoftbus01 - ok
13:16:44.0124 0x0ae4 [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:16:44.0160 0x0ae4 DXGKrnl - ok
13:16:44.0180 0x0ae4 EagleX64 - ok
13:16:44.0198 0x0ae4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
13:16:44.0246 0x0ae4 EapHost - ok
13:16:44.0353 0x0ae4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:16:44.0501 0x0ae4 ebdrv - ok
13:16:44.0536 0x0ae4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
13:16:44.0566 0x0ae4 EFS - ok
13:16:44.0630 0x0ae4 [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:16:44.0694 0x0ae4 ehRecvr - ok
13:16:44.0737 0x0ae4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
13:16:44.0753 0x0ae4 ehSched - ok
13:16:44.0797 0x0ae4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:16:44.0830 0x0ae4 elxstor - ok
13:16:44.0849 0x0ae4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
13:16:44.0878 0x0ae4 ErrDev - ok
13:16:44.0929 0x0ae4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
13:16:44.0965 0x0ae4 EventSystem - ok
13:16:44.0987 0x0ae4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
13:16:45.0046 0x0ae4 exfat - ok
13:16:45.0072 0x0ae4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:16:45.0104 0x0ae4 fastfat - ok
13:16:45.0144 0x0ae4 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
13:16:45.0192 0x0ae4 Fax - ok
13:16:45.0216 0x0ae4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:16:45.0243 0x0ae4 fdc - ok
13:16:45.0275 0x0ae4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
13:16:45.0333 0x0ae4 fdPHost - ok
13:16:45.0352 0x0ae4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
13:16:45.0387 0x0ae4 FDResPub - ok
13:16:45.0441 0x0ae4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:16:45.0453 0x0ae4 FileInfo - ok
13:16:45.0478 0x0ae4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:16:45.0530 0x0ae4 Filetrace - ok
13:16:45.0558 0x0ae4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:16:45.0586 0x0ae4 flpydisk - ok
13:16:45.0627 0x0ae4 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:16:45.0645 0x0ae4 FltMgr - ok
13:16:45.0701 0x0ae4 [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll
13:16:45.0738 0x0ae4 FontCache - ok
13:16:45.0779 0x0ae4 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:16:45.0789 0x0ae4 FontCache3.0.0.0 - ok
13:16:45.0803 0x0ae4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:16:45.0814 0x0ae4 FsDepends - ok
13:16:45.0840 0x0ae4 [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:16:45.0851 0x0ae4 Fs_Rec - ok
13:16:45.0883 0x0ae4 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:16:45.0908 0x0ae4 fvevol - ok
13:16:45.0920 0x0ae4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:16:45.0932 0x0ae4 gagp30kx - ok
13:16:45.0975 0x0ae4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:16:45.0984 0x0ae4 GEARAspiWDM - ok
13:16:46.0025 0x0ae4 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
13:16:46.0057 0x0ae4 gpsvc - ok
13:16:46.0113 0x0ae4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:16:46.0120 0x0ae4 gupdate - ok
13:16:46.0147 0x0ae4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:16:46.0153 0x0ae4 gupdatem - ok
13:16:46.0169 0x0ae4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:16:46.0182 0x0ae4 hcw85cir - ok
13:16:46.0242 0x0ae4 [ 2249B35899312A3AE137B23636B31763, 84E242456CFECB9F198836B818514C011F80F2879C29A1C5A277C1F9B96D3C5A ] hcw95bda C:\Windows\system32\Drivers\hcw95bda.sys
13:16:46.0308 0x0ae4 hcw95bda - ok
13:16:46.0333 0x0ae4 [ 3688D4B84E9F98F70A71D5B4B720940E, 67F6571C9613CED4CD3A9A7123122273C6274E012EB6AD5BE16BBDE458981AAB ] hcw95rc C:\Windows\system32\DRIVERS\hcw95rc.sys
13:16:46.0364 0x0ae4 hcw95rc - ok
13:16:46.0403 0x0ae4 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:16:46.0416 0x0ae4 HDAudBus - ok
13:16:46.0429 0x0ae4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:16:46.0441 0x0ae4 HidBatt - ok
13:16:46.0456 0x0ae4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:16:46.0473 0x0ae4 HidBth - ok
13:16:46.0485 0x0ae4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:16:46.0522 0x0ae4 HidIr - ok
13:16:46.0560 0x0ae4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
13:16:46.0608 0x0ae4 hidserv - ok
13:16:46.0642 0x0ae4 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:16:46.0672 0x0ae4 HidUsb - ok
13:16:46.0709 0x0ae4 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
13:16:46.0758 0x0ae4 hkmsvc - ok
13:16:46.0789 0x0ae4 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:16:46.0840 0x0ae4 HomeGroupListener - ok
13:16:46.0886 0x0ae4 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:16:46.0914 0x0ae4 HomeGroupProvider - ok
13:16:46.0949 0x0ae4 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
13:16:46.0962 0x0ae4 HpSAMD - ok
13:16:47.0004 0x0ae4 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:16:47.0056 0x0ae4 HTTP - ok
13:16:47.0065 0x0ae4 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:16:47.0074 0x0ae4 hwpolicy - ok
13:16:47.0096 0x0ae4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:16:47.0112 0x0ae4 i8042prt - ok
13:16:47.0148 0x0ae4 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
13:16:47.0196 0x0ae4 iaStorV - ok
13:16:47.0276 0x0ae4 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:16:47.0323 0x0ae4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:16:50.0004 0x0ae4 Detect skipped due to KSN trusted
13:16:50.0004 0x0ae4 IDriverT - ok
13:16:50.0065 0x0ae4 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:16:50.0115 0x0ae4 idsvc - ok
13:16:50.0155 0x0ae4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:16:50.0166 0x0ae4 iirsp - ok
13:16:50.0211 0x0ae4 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
13:16:50.0276 0x0ae4 IKEEXT - ok
13:16:50.0371 0x0ae4 [ 9526F32B8A76F8DC25A1587400E30084, 9EA361DFAD88B3482863541644C5077B02B331167A20C5FE12420CBC88A3AE3D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:16:50.0429 0x0ae4 IntcAzAudAddService - ok
13:16:50.0449 0x0ae4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
13:16:50.0459 0x0ae4 intelide - ok
13:16:50.0478 0x0ae4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:16:50.0508 0x0ae4 intelppm - ok
13:16:50.0542 0x0ae4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:16:50.0601 0x0ae4 IPBusEnum - ok
13:16:50.0644 0x0ae4 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:16:50.0695 0x0ae4 IpFilterDriver - ok
13:16:50.0736 0x0ae4 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:16:50.0797 0x0ae4 iphlpsvc - ok
13:16:50.0821 0x0ae4 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:16:50.0856 0x0ae4 IPMIDRV - ok
13:16:50.0892 0x0ae4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:16:50.0925 0x0ae4 IPNAT - ok
13:16:50.0975 0x0ae4 [ 71F993192EB04B2C4C80F2DEE9119229, 881B7042724364C9D667DF6109E15DE78D9431DF5708CB16736AD723F4A38578 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:16:50.0993 0x0ae4 iPod Service - ok
13:16:51.0018 0x0ae4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:16:51.0032 0x0ae4 IRENUM - ok
13:16:51.0036 0x0ae4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
13:16:51.0046 0x0ae4 isapnp - ok
13:16:51.0066 0x0ae4 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:16:51.0083 0x0ae4 iScsiPrt - ok
13:16:51.0117 0x0ae4 [ D85F3F18E44F7447B5F1BA5C85BAEB7C, 0FA419F9BF061AC3F81A978FAE1523904081BA6FEA6FACEA228B20F5608FCF1E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
13:16:51.0134 0x0ae4 k57nd60a - ok
13:16:51.0158 0x0ae4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:16:51.0169 0x0ae4 kbdclass - ok
13:16:51.0192 0x0ae4 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:16:51.0225 0x0ae4 kbdhid - ok
13:16:51.0244 0x0ae4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe
13:16:51.0254 0x0ae4 KeyIso - ok
13:16:51.0296 0x0ae4 [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:16:51.0308 0x0ae4 KSecDD - ok
13:16:51.0319 0x0ae4 [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:16:51.0334 0x0ae4 KSecPkg - ok
13:16:51.0338 0x0ae4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:16:51.0388 0x0ae4 ksthunk - ok
13:16:51.0431 0x0ae4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
13:16:51.0485 0x0ae4 KtmRm - ok
13:16:51.0538 0x0ae4 [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\system32\srvsvc.dll
13:16:51.0585 0x0ae4 LanmanServer - ok
13:16:51.0625 0x0ae4 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:16:51.0676 0x0ae4 LanmanWorkstation - ok
13:16:51.0717 0x0ae4 libusb0 - ok
13:16:51.0736 0x0ae4 libusbd - ok
13:16:51.0757 0x0ae4 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
13:16:51.0766 0x0ae4 lirsgt - ok
13:16:51.0792 0x0ae4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:16:51.0823 0x0ae4 lltdio - ok
13:16:51.0858 0x0ae4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:16:51.0920 0x0ae4 lltdsvc - ok
13:16:51.0946 0x0ae4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:16:51.0999 0x0ae4 lmhosts - ok
13:16:52.0044 0x0ae4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:16:52.0056 0x0ae4 LSI_FC - ok
13:16:52.0080 0x0ae4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:16:52.0092 0x0ae4 LSI_SAS - ok
13:16:52.0105 0x0ae4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:16:52.0116 0x0ae4 LSI_SAS2 - ok
13:16:52.0129 0x0ae4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:16:52.0142 0x0ae4 LSI_SCSI - ok
13:16:52.0167 0x0ae4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
13:16:52.0224 0x0ae4 luafv - ok
13:16:52.0298 0x0ae4 [ 5D43CC3ECD4F2E733460A6E4AF576128, 96B0EBD1DF2C7C27DE10C009AE14A6C5B7CDF39D103019110597C27F4CB32E85 ] LVcKap64 C:\Windows\system32\DRIVERS\LVcKap64.sys
13:16:52.0339 0x0ae4 LVcKap64 - ok
13:16:52.0454 0x0ae4 [ 2404A511B682BFD8790E663A3E432473, 39984AEFEE7DF92035465D1F0B342B048637B84521C7F7859D4F489CFD861F07 ] LVMVDrv C:\Windows\system32\DRIVERS\LVMVDrv.sys
13:16:52.0545 0x0ae4 LVMVDrv - ok
13:16:52.0618 0x0ae4 [ 25F430702E3923F9DFB6B9A4D1DD9C29, 5112751DF03D89C1CCA362F5940FE0F4FC352CBE6F945E51F11D2A6A509BC19C ] LVSrvLauncher C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
13:16:52.0633 0x0ae4 LVSrvLauncher - ok
13:16:52.0643 0x0ae4 [ 6F9B043FD18C17D7E719382608817C72, 612A2284AAD9E0DB2C9B1E4513B7127D8BA83D4DD0CD7234682D0285782551AD ] LVUSBS64 C:\Windows\system32\DRIVERS\LVUSBS64.sys
13:16:52.0653 0x0ae4 LVUSBS64 - ok
13:16:52.0674 0x0ae4 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:16:52.0707 0x0ae4 Mcx2Svc - ok
13:16:52.0738 0x0ae4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:16:52.0750 0x0ae4 megasas - ok
13:16:52.0785 0x0ae4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:16:52.0808 0x0ae4 MegaSR - ok
13:16:52.0828 0x0ae4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
13:16:52.0886 0x0ae4 MMCSS - ok
13:16:52.0920 0x0ae4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
13:16:52.0950 0x0ae4 Modem - ok
13:16:52.0986 0x0ae4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:16:52.0996 0x0ae4 monitor - ok
13:16:53.0021 0x0ae4 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
13:16:53.0034 0x0ae4 MotioninJoyXFilter - ok
13:16:53.0056 0x0ae4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:16:53.0068 0x0ae4 mouclass - ok
13:16:53.0099 0x0ae4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:16:53.0132 0x0ae4 mouhid - ok
13:16:53.0156 0x0ae4 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:16:53.0169 0x0ae4 mountmgr - ok
13:16:53.0247 0x0ae4 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:16:53.0261 0x0ae4 MozillaMaintenance - ok
13:16:53.0279 0x0ae4 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
13:16:53.0294 0x0ae4 mpio - ok
13:16:53.0326 0x0ae4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:16:53.0358 0x0ae4 mpsdrv - ok
13:16:53.0388 0x0ae4 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
13:16:53.0436 0x0ae4 MpsSvc - ok
13:16:53.0456 0x0ae4 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:16:53.0476 0x0ae4 MRxDAV - ok
13:16:53.0521 0x0ae4 [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:16:53.0556 0x0ae4 mrxsmb - ok
13:16:53.0572 0x0ae4 [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:16:53.0632 0x0ae4 mrxsmb10 - ok
13:16:53.0669 0x0ae4 [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:16:53.0703 0x0ae4 mrxsmb20 - ok
13:16:53.0713 0x0ae4 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
13:16:53.0723 0x0ae4 msahci - ok
13:16:53.0745 0x0ae4 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
13:16:53.0759 0x0ae4 msdsm - ok
13:16:53.0774 0x0ae4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
13:16:53.0811 0x0ae4 MSDTC - ok
13:16:53.0834 0x0ae4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:16:53.0864 0x0ae4 Msfs - ok
13:16:53.0879 0x0ae4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:16:53.0930 0x0ae4 mshidkmdf - ok
13:16:53.0957 0x0ae4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
13:16:53.0966 0x0ae4 msisadrv - ok
13:16:53.0991 0x0ae4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:16:54.0028 0x0ae4 MSiSCSI - ok
13:16:54.0032 0x0ae4 msiserver - ok
13:16:54.0055 0x0ae4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:16:54.0100 0x0ae4 MSKSSRV - ok
13:16:54.0138 0x0ae4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:16:54.0189 0x0ae4 MSPCLOCK - ok
13:16:54.0209 0x0ae4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:16:54.0254 0x0ae4 MSPQM - ok
13:16:54.0296 0x0ae4 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:16:54.0325 0x0ae4 MsRPC - ok
13:16:54.0342 0x0ae4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:16:54.0348 0x0ae4 mssmbios - ok
13:16:54.0365 0x0ae4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:16:54.0394 0x0ae4 MSTEE - ok
13:16:54.0402 0x0ae4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:16:54.0430 0x0ae4 MTConfig - ok
13:16:54.0473 0x0ae4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
13:16:54.0485 0x0ae4 Mup - ok
13:16:54.0525 0x0ae4 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
13:16:54.0593 0x0ae4 napagent - ok
13:16:54.0636 0x0ae4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:16:54.0666 0x0ae4 NativeWifiP - ok
13:16:54.0705 0x0ae4 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
13:16:54.0732 0x0ae4 NDIS - ok
13:16:54.0759 0x0ae4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:16:54.0811 0x0ae4 NdisCap - ok
13:16:54.0855 0x0ae4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:16:54.0903 0x0ae4 NdisTapi - ok
13:16:54.0941 0x0ae4 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:16:54.0987 0x0ae4 Ndisuio - ok
13:16:55.0014 0x0ae4 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:16:55.0064 0x0ae4 NdisWan - ok
13:16:55.0096 0x0ae4 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:16:55.0143 0x0ae4 NDProxy - ok
13:16:55.0192 0x0ae4 [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
13:16:55.0200 0x0ae4 Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
13:16:57.0885 0x0ae4 Detect skipped due to KSN trusted
13:16:57.0885 0x0ae4 Netaapl - ok
13:16:57.0909 0x0ae4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:16:57.0956 0x0ae4 NetBIOS - ok
13:16:58.0004 0x0ae4 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:16:58.0042 0x0ae4 NetBT - ok
13:16:58.0052 0x0ae4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe
13:16:58.0062 0x0ae4 Netlogon - ok
13:16:58.0091 0x0ae4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
13:16:58.0142 0x0ae4 Netman - ok
13:16:58.0189 0x0ae4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:16:58.0205 0x0ae4 NetMsmqActivator - ok
13:16:58.0224 0x0ae4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:16:58.0231 0x0ae4 NetPipeActivator - ok
13:16:58.0258 0x0ae4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
13:16:58.0312 0x0ae4 netprofm - ok
13:16:58.0347 0x0ae4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:16:58.0354 0x0ae4 NetTcpActivator - ok
13:16:58.0359 0x0ae4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:16:58.0367 0x0ae4 NetTcpPortSharing - ok
13:16:58.0384 0x0ae4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:16:58.0396 0x0ae4 nfrd960 - ok
13:16:58.0414 0x0ae4 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
13:16:58.0467 0x0ae4 NlaSvc - ok
13:16:58.0500 0x0ae4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:16:58.0551 0x0ae4 Npfs - ok
13:16:58.0582 0x0ae4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
13:16:58.0610 0x0ae4 nsi - ok
13:16:58.0618 0x0ae4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:16:58.0665 0x0ae4 nsiproxy - ok
13:16:58.0733 0x0ae4 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:16:58.0828 0x0ae4 Ntfs - ok
13:16:58.0838 0x0ae4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
13:16:58.0886 0x0ae4 Null - ok
13:16:58.0916 0x0ae4 nvlddmkm - ok
13:16:58.0935 0x0ae4 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
13:16:58.0949 0x0ae4 nvraid - ok
13:16:58.0961 0x0ae4 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
13:16:58.0975 0x0ae4 nvstor - ok
13:16:59.0002 0x0ae4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
13:16:59.0016 0x0ae4 nv_agp - ok
13:16:59.0027 0x0ae4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:16:59.0042 0x0ae4 ohci1394 - ok
13:16:59.0073 0x0ae4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:16:59.0117 0x0ae4 p2pimsvc - ok
13:16:59.0151 0x0ae4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
13:16:59.0208 0x0ae4 p2psvc - ok
13:16:59.0237 0x0ae4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:16:59.0252 0x0ae4 Parport - ok
13:16:59.0302 0x0ae4 [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:16:59.0314 0x0ae4 partmgr - ok
13:16:59.0327 0x0ae4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
13:16:59.0364 0x0ae4 PcaSvc - ok
13:16:59.0424 0x0ae4 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
13:16:59.0439 0x0ae4 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
13:16:59.0449 0x0ae4 pci - ok
13:16:59.0460 0x0ae4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
13:16:59.0469 0x0ae4 pciide - ok
13:16:59.0492 0x0ae4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:16:59.0509 0x0ae4 pcmcia - ok
13:16:59.0521 0x0ae4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
13:16:59.0532 0x0ae4 pcw - ok
13:16:59.0559 0x0ae4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:16:59.0628 0x0ae4 PEAUTH - ok
13:16:59.0698 0x0ae4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:16:59.0734 0x0ae4 PerfHost - ok
13:16:59.0791 0x0ae4 [ DD797B8B2B295AFBDCD9F35CF62B5DCC, 1716C0B9F9282BC3D3D07F3C96FD457E8188B6029F0181BECFD32CE59F77FC31 ] PID_0928 C:\Windows\system32\DRIVERS\LV561V64.SYS
13:16:59.0822 0x0ae4 PID_0928 - ok
13:16:59.0882 0x0ae4 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
13:16:59.0988 0x0ae4 pla - ok
13:17:00.0043 0x0ae4 [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:17:00.0100 0x0ae4 PlugPlay - ok
13:17:00.0120 0x0ae4 PnkBstrA - ok
13:17:00.0132 0x0ae4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:17:00.0148 0x0ae4 PNRPAutoReg - ok
13:17:00.0172 0x0ae4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:17:00.0189 0x0ae4 PNRPsvc - ok
13:17:00.0227 0x0ae4 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:17:00.0282 0x0ae4 PolicyAgent - ok
13:17:00.0325 0x0ae4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
13:17:00.0377 0x0ae4 Power - ok
13:17:00.0420 0x0ae4 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:17:00.0475 0x0ae4 PptpMiniport - ok
13:17:00.0503 0x0ae4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:17:00.0517 0x0ae4 Processor - ok
13:17:00.0544 0x0ae4 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
13:17:00.0577 0x0ae4 ProfSvc - ok
13:17:00.0585 0x0ae4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:17:00.0595 0x0ae4 ProtectedStorage - ok
13:17:00.0619 0x0ae4 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:17:00.0674 0x0ae4 Psched - ok
13:17:00.0707 0x0ae4 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:17:00.0717 0x0ae4 PxHlpa64 - ok
13:17:00.0779 0x0ae4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:17:00.0841 0x0ae4 ql2300 - ok
13:17:00.0863 0x0ae4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:17:00.0877 0x0ae4 ql40xx - ok
13:17:00.0900 0x0ae4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
13:17:00.0937 0x0ae4 QWAVE - ok
13:17:00.0955 0x0ae4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:17:00.0993 0x0ae4 QWAVEdrv - ok
13:17:01.0019 0x0ae4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:17:01.0047 0x0ae4 RasAcd - ok
13:17:01.0080 0x0ae4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:17:01.0131 0x0ae4 RasAgileVpn - ok
13:17:01.0157 0x0ae4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
13:17:01.0218 0x0ae4 RasAuto - ok
13:17:01.0249 0x0ae4 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:17:01.0307 0x0ae4 Rasl2tp - ok
13:17:01.0416 0x0ae4 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
13:17:01.0475 0x0ae4 RasMan - ok
13:17:01.0499 0x0ae4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:17:01.0533 0x0ae4 RasPppoe - ok
13:17:01.0548 0x0ae4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:17:01.0598 0x0ae4 RasSstp - ok
13:17:01.0632 0x0ae4 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:17:01.0672 0x0ae4 rdbss - ok
13:17:01.0684 0x0ae4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:17:01.0698 0x0ae4 rdpbus - ok
13:17:01.0710 0x0ae4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:17:01.0739 0x0ae4 RDPCDD - ok
13:17:01.0760 0x0ae4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:17:01.0789 0x0ae4 RDPENCDD - ok
13:17:01.0802 0x0ae4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:17:01.0849 0x0ae4 RDPREFMP - ok
13:17:01.0877 0x0ae4 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:17:01.0929 0x0ae4 RDPWD - ok
13:17:01.0958 0x0ae4 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:17:01.0974 0x0ae4 rdyboost - ok
13:17:01.0997 0x0ae4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:17:02.0034 0x0ae4 RemoteAccess - ok
13:17:02.0052 0x0ae4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:17:02.0109 0x0ae4 RemoteRegistry - ok
13:17:02.0143 0x0ae4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:17:02.0193 0x0ae4 RpcEptMapper - ok
13:17:02.0223 0x0ae4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
13:17:02.0253 0x0ae4 RpcLocator - ok
13:17:02.0292 0x0ae4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
13:17:02.0332 0x0ae4 RpcSs - ok
13:17:02.0353 0x0ae4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:17:02.0399 0x0ae4 rspndr - ok
13:17:02.0419 0x0ae4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe
13:17:02.0429 0x0ae4 SamSs - ok
13:17:02.0447 0x0ae4 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
13:17:02.0460 0x0ae4 sbp2port - ok
13:17:02.0475 0x0ae4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:17:02.0534 0x0ae4 SCardSvr - ok
13:17:02.0568 0x0ae4 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:17:02.0599 0x0ae4 scfilter - ok
13:17:02.0679 0x0ae4 [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll
13:17:02.0734 0x0ae4 Schedule - ok
13:17:02.0755 0x0ae4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:17:02.0784 0x0ae4 SCPolicySvc - ok
13:17:02.0805 0x0ae4 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:17:02.0860 0x0ae4 SDRSVC - ok
13:17:02.0987 0x0ae4 [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:17:02.0997 0x0ae4 SeaPort - ok
13:17:03.0045 0x0ae4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] SecDrv C:\Windows\system32\drivers\SECDRV.SYS
13:17:03.0089 0x0ae4 SecDrv - ok
13:17:03.0122 0x0ae4 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
13:17:03.0170 0x0ae4 seclogon - ok
13:17:03.0202 0x0ae4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
13:17:03.0251 0x0ae4 SENS - ok
13:17:03.0270 0x0ae4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:17:03.0304 0x0ae4 SensrSvc - ok
13:17:03.0344 0x0ae4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:17:03.0376 0x0ae4 Serenum - ok
13:17:03.0419 0x0ae4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:17:03.0456 0x0ae4 Serial - ok
13:17:03.0475 0x0ae4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:17:03.0501 0x0ae4 sermouse - ok
13:17:03.0532 0x0ae4 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
13:17:03.0584 0x0ae4 SessionEnv - ok
13:17:06.0043 0x0ae4 [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
13:17:06.0063 0x0ae4 tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
13:17:08.0743 0x0ae4 Detect skipped due to KSN trusted
13:17:08.0743 0x0ae4 tap0901t - ok
13:17:09.0973 0x0ae4 [ 97D6177C2DCCDA2BA25F053B3C75D74E, DFB449E51978433F21BD85E42C5012DE64992CC0101FD9FFA6BA418233C6E70A ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
13:17:10.0014 0x0ae4 TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
13:17:12.0699 0x0ae4 Detect skipped due to KSN trusted
13:17:12.0700 0x0ae4 TunngleService - ok
13:17:17.0027 0x0ae4 ================ Scan global ===============================
13:17:17.0048 0x0ae4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:17:17.0104 0x0ae4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:17:17.0121 0x0ae4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:17:17.0147 0x0ae4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:17:17.0180 0x0ae4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:17:17.0187 0x0ae4 [ Global ] - ok
13:17:17.0187 0x0ae4 ================ Scan MBR ==================================
13:17:17.0218 0x0ae4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:17:17.0470 0x0ae4 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
13:17:17.0470 0x0ae4 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:17:20.0123 0x0ae4 ================ Scan VBR ==================================
13:17:20.0126 0x0ae4 [ 7BCFCB3DD65651198987D67DED5CFE2A ] \Device\Harddisk0\DR0\Partition1
13:17:20.0128 0x0ae4 \Device\Harddisk0\DR0\Partition1 - ok
13:17:20.0130 0x0ae4 [ 3E1BC4CE00F50D398178CADB64968F3C ] \Device\Harddisk0\DR0\Partition2
13:17:20.0131 0x0ae4 \Device\Harddisk0\DR0\Partition2 - ok
13:17:20.0131 0x0ae4 Waiting for KSN requests completion. In queue: 66
13:17:21.0131 0x0ae4 Waiting for KSN requests completion. In queue: 66
13:17:22.0131 0x0ae4 Waiting for KSN requests completion. In queue: 66
13:17:23.0204 0x0ae4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated )
13:17:23.0255 0x0ae4 Win FW state via NFP2: disabled
13:17:25.0881 0x0ae4 ============================================================
13:17:25.0881 0x0ae4 Scan finished
13:17:25.0881 0x0ae4 ============================================================
13:17:25.0886 0x0ba8 Detected object count: 1
13:17:25.0887 0x0ba8 Actual detected object count: 1
13:17:44.0061 0x0ba8 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:17:44.0061 0x0ba8 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

deeprybka 22.04.2014 12:39

Hi, please make sure that Cure or Delete is selected for the TDSS File System entry.
Please repeat the scan and choose "Delete"... right after the reboot, scan again and post the log.

PhilMcDevil 22.04.2014 12:52

13:50:11.0985 0x06d0 TDSS rootkit removing tool 3.0.0.32 Apr 21 2014 18:31:25
13:50:14.0247 0x06d0 ============================================================
13:50:14.0247 0x06d0 Current date / time: 2014/04/22 13:50:14.0247
13:50:14.0247 0x06d0 SystemInfo:
13:50:14.0247 0x06d0
13:50:14.0247 0x06d0 OS Version: 6.1.7600 ServicePack: 0.0
13:50:14.0247 0x06d0 Product type: Workstation
13:50:14.0247 0x06d0 ComputerName: PHILIP-PC
13:50:14.0247 0x06d0 UserName: Philip
13:50:14.0247 0x06d0 Windows directory: C:\Windows
13:50:14.0247 0x06d0 System windows directory: C:\Windows
13:50:14.0247 0x06d0 Running under WOW64
13:50:14.0247 0x06d0 Processor architecture: Intel x64
13:50:14.0247 0x06d0 Number of processors: 4
13:50:14.0247 0x06d0 Page size: 0x1000
13:50:14.0247 0x06d0 Boot type: Normal boot
13:50:14.0247 0x06d0 ============================================================
13:50:17.0445 0x06d0 KLMD registered as C:\Windows\system32\drivers\80327962.sys
13:50:17.0648 0x06d0 System UUID: {BA202CF7-87B9-432A-F42B-5009CAF5A2C4}
13:50:18.0163 0x06d0 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:50:18.0178 0x06d0 ============================================================
13:50:18.0178 0x06d0 \Device\Harddisk0\DR0:
13:50:18.0178 0x06d0 MBR partitions:
13:50:18.0178 0x06d0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x155F000
13:50:18.0178 0x06d0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1582800, BlocksNum 0x492D5000
13:50:18.0178 0x06d0 ============================================================
13:50:18.0225 0x06d0 C: <-> \Device\Harddisk0\DR0\Partition2
13:50:18.0225 0x06d0 ============================================================
13:50:18.0241 0x06d0 Initialize success
13:50:18.0241 0x06d0 ============================================================
13:50:24.0028 0x065c ============================================================
13:50:24.0028 0x065c Scan started
13:50:24.0028 0x065c Mode: Manual; SigCheck; TDLFS;
13:50:24.0028 0x065c ============================================================
13:50:24.0028 0x065c KSN ping started
13:50:26.0727 0x065c KSN ping finished: true
13:50:27.0242 0x065c ================ Scan system memory ========================
13:50:27.0242 0x065c System memory - ok
13:50:27.0242 0x065c ================ Scan services =============================
13:50:28.0412 0x065c [ F84C9DEE4698DF3C1D76801B7B1B55D7, 071A3938ED7B9E20E30E873011C8039382C7EFE90D39EC8C0F3E457B2873406E ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
13:50:28.0505 0x065c Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
13:50:31.0236 0x065c Detect skipped due to KSN trusted
13:50:31.0236 0x065c Adobe LM Service - ok
13:50:38.0521 0x065c AppIDSvc - ok
13:50:38.0568 0x065c [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
13:50:39.0176 0x065c Appinfo - ok
13:50:39.0332 0x065c [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:50:39.0348 0x065c Apple Mobile Device - ok
13:50:39.0379 0x065c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:50:39.0394 0x065c arc - ok
13:50:39.0457 0x065c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:50:39.0472 0x065c arcsas - ok
13:50:39.0613 0x065c aspnet_state - ok
13:50:39.0644 0x065c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:50:39.0706 0x065c AsyncMac - ok
13:50:39.0722 0x065c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
13:50:39.0738 0x065c atapi - ok
13:50:39.0894 0x065c [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:50:39.0972 0x065c AtiHDAudioService - ok
13:50:40.0096 0x065c [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
13:50:40.0112 0x065c AtiHdmiService - ok
13:50:40.0206 0x065c [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
13:50:40.0221 0x065c AtiPcie - ok
13:50:40.0330 0x065c [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
13:50:40.0346 0x065c atksgt - ok
13:50:40.0440 0x065c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:50:40.0580 0x065c AudioEndpointBuilder - ok
13:50:40.0611 0x065c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:50:40.0642 0x065c AudioSrv - ok
13:50:40.0720 0x065c [ 7806BFCD1D7FA5EC23F7324D4EAFD25B, 4EDFD9DE520728AF6578BED0054ED6A4976A7F020F3329EA6681D6E361D9DB2D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:50:40.0736 0x065c avgntflt - ok
13:50:40.0845 0x065c [ C3A58DBD18786C338126D30BF8C33D72, 4DF4D37AB5139548C2DA4B4C8D6B933A7F4ED001BCA089EFBC8C57EEDE8785A6 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:50:40.0861 0x065c avipbb - ok
13:50:40.0861 0x065c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:50:40.0876 0x065c avkmgr - ok
13:50:40.0908 0x065c [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:50:40.0954 0x065c AxInstSV - ok
13:50:41.0032 0x065c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:50:41.0110 0x065c b06bdrv - ok
13:50:41.0157 0x065c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:50:41.0220 0x065c b57nd60a - ok
13:50:41.0266 0x065c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
13:50:41.0313 0x065c BDESVC - ok
13:50:41.0360 0x065c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
13:50:41.0407 0x065c Beep - ok
13:50:41.0547 0x065c [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
13:50:41.0625 0x065c BFE - ok
13:50:41.0672 0x065c [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
13:50:41.0750 0x065c BITS - ok
13:50:41.0797 0x065c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:50:41.0844 0x065c blbdrive - ok
13:50:41.0937 0x065c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:50:41.0953 0x065c Bonjour Service - ok
13:50:42.0078 0x065c [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:50:42.0140 0x065c bowser - ok
13:50:42.0187 0x065c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:50:42.0234 0x065c BrFiltLo - ok
13:50:42.0280 0x065c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:50:42.0312 0x065c BrFiltUp - ok
13:50:42.0405 0x065c [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
13:50:42.0468 0x065c Browser - ok
13:50:42.0530 0x065c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:50:42.0577 0x065c Brserid - ok
13:50:42.0624 0x065c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:50:42.0655 0x065c BrSerWdm - ok
13:50:42.0717 0x065c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:50:42.0764 0x065c BrUsbMdm - ok
13:50:42.0795 0x065c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:50:42.0826 0x065c BrUsbSer - ok
13:50:42.0842 0x065c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:50:42.0889 0x065c BTHMODEM - ok
13:50:42.0936 0x065c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
13:50:42.0982 0x065c bthserv - ok
13:50:43.0014 0x065c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:50:43.0076 0x065c cdfs - ok
13:50:43.0107 0x065c [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:50:43.0123 0x065c cdrom - ok
13:50:43.0138 0x065c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
13:50:43.0185 0x065c CertPropSvc - ok
13:50:43.0201 0x065c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:50:43.0232 0x065c circlass - ok
13:50:43.0263 0x065c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
13:50:43.0294 0x065c CLFS - ok
13:50:43.0310 0x065c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:50:43.0341 0x065c clr_optimization_v2.0.50727_32 - ok
13:50:43.0388 0x065c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:50:43.0404 0x065c clr_optimization_v2.0.50727_64 - ok
13:50:43.0450 0x065c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:50:43.0606 0x065c clr_optimization_v4.0.30319_32 - ok
13:50:43.0653 0x065c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:50:43.0762 0x065c clr_optimization_v4.0.30319_64 - ok
13:50:43.0809 0x065c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:50:43.0809 0x065c CmBatt - ok
13:50:43.0840 0x065c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
13:50:43.0840 0x065c cmdide - ok
13:50:43.0872 0x065c [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
13:50:43.0918 0x065c CNG - ok
13:50:43.0934 0x065c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:50:43.0950 0x065c Compbatt - ok
13:50:43.0965 0x065c [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:50:43.0996 0x065c CompositeBus - ok
13:50:44.0028 0x065c COMSysApp - ok
13:50:44.0043 0x065c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:50:44.0059 0x065c crcdisk - ok
13:50:44.0121 0x065c [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:50:44.0184 0x065c CryptSvc - ok
13:50:44.0230 0x065c [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:50:44.0293 0x065c DcomLaunch - ok
13:50:44.0355 0x065c dealplylive - ok
13:50:44.0371 0x065c dealplylivem - ok
13:50:44.0402 0x065c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
13:50:44.0480 0x065c defragsvc - ok
13:50:44.0527 0x065c [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:50:44.0558 0x065c DfsC - ok
13:50:44.0574 0x065c [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:50:44.0652 0x065c Dhcp - ok
13:50:44.0683 0x065c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
13:50:44.0714 0x065c discache - ok
13:50:44.0730 0x065c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:50:44.0745 0x065c Disk - ok
13:50:44.0776 0x065c [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:50:44.0823 0x065c Dnscache - ok
13:50:44.0870 0x065c [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
13:50:44.0932 0x065c dot3svc - ok
13:50:44.0964 0x065c [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
13:50:45.0010 0x065c DPS - ok
13:50:45.0057 0x065c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:50:45.0088 0x065c drmkaud - ok
13:50:45.0166 0x065c [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:50:45.0166 0x065c dtsoftbus01 - ok
13:50:45.0213 0x065c [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:50:45.0244 0x065c DXGKrnl - ok
13:50:45.0260 0x065c EagleX64 - ok
13:50:45.0276 0x065c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
13:50:45.0338 0x065c EapHost - ok
13:50:45.0432 0x065c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:50:45.0619 0x065c ebdrv - ok
13:50:45.0650 0x065c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
13:50:45.0681 0x065c EFS - ok
13:50:45.0744 0x065c [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:50:45.0806 0x065c ehRecvr - ok
13:50:45.0853 0x065c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
13:50:45.0868 0x065c ehSched - ok
13:50:45.0900 0x065c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:50:45.0931 0x065c elxstor - ok
13:50:45.0946 0x065c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
13:50:45.0978 0x065c ErrDev - ok
13:50:46.0040 0x065c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
13:50:46.0087 0x065c EventSystem - ok
13:50:46.0118 0x065c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
13:50:46.0180 0x065c exfat - ok
13:50:46.0212 0x065c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:50:46.0258 0x065c fastfat - ok
13:50:46.0290 0x065c [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
13:50:46.0336 0x065c Fax - ok
13:50:46.0383 0x065c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:50:46.0399 0x065c fdc - ok
13:50:46.0430 0x065c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
13:50:46.0492 0x065c fdPHost - ok
13:50:46.0508 0x065c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
13:50:46.0555 0x065c FDResPub - ok
13:50:46.0555 0x065c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:50:46.0570 0x065c FileInfo - ok
13:50:46.0570 0x065c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:50:46.0617 0x065c Filetrace - ok
13:50:46.0648 0x065c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:50:46.0664 0x065c flpydisk - ok
13:50:46.0711 0x065c [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:50:46.0742 0x065c FltMgr - ok
13:50:46.0789 0x065c [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll
13:50:46.0851 0x065c FontCache - ok
13:50:46.0898 0x065c [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:50:46.0914 0x065c FontCache3.0.0.0 - ok
13:50:46.0929 0x065c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:50:46.0945 0x065c FsDepends - ok
13:50:46.0960 0x065c [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:50:46.0976 0x065c Fs_Rec - ok
13:50:47.0007 0x065c [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:50:47.0038 0x065c fvevol - ok
13:50:47.0070 0x065c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:50:47.0085 0x065c gagp30kx - ok
13:50:47.0132 0x065c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:50:47.0132 0x065c GEARAspiWDM - ok
13:50:47.0179 0x065c [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
13:50:47.0257 0x065c gpsvc - ok
13:50:47.0319 0x065c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:50:47.0335 0x065c gupdate - ok
13:50:47.0366 0x065c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:50:47.0366 0x065c gupdatem - ok
13:50:47.0382 0x065c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:50:47.0397 0x065c hcw85cir - ok
13:50:47.0460 0x065c [ 2249B35899312A3AE137B23636B31763, 84E242456CFECB9F198836B818514C011F80F2879C29A1C5A277C1F9B96D3C5A ] hcw95bda C:\Windows\system32\Drivers\hcw95bda.sys
13:50:47.0522 0x065c hcw95bda - ok
13:50:47.0553 0x065c [ 3688D4B84E9F98F70A71D5B4B720940E, 67F6571C9613CED4CD3A9A7123122273C6274E012EB6AD5BE16BBDE458981AAB ] hcw95rc C:\Windows\system32\DRIVERS\hcw95rc.sys
13:50:47.0584 0x065c hcw95rc - ok
13:50:47.0616 0x065c [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:50:47.0647 0x065c HDAudBus - ok
13:50:47.0662 0x065c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:50:47.0678 0x065c HidBatt - ok
13:50:47.0678 0x065c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:50:47.0694 0x065c HidBth - ok
13:50:47.0709 0x065c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:50:47.0756 0x065c HidIr - ok
13:50:47.0787 0x065c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
13:50:47.0850 0x065c hidserv - ok
13:50:47.0881 0x065c [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:50:47.0912 0x065c HidUsb - ok
13:50:47.0959 0x065c [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
13:50:48.0006 0x065c hkmsvc - ok
13:50:48.0052 0x065c [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:50:48.0115 0x065c HomeGroupListener - ok
13:50:48.0162 0x065c [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:50:48.0193 0x065c HomeGroupProvider - ok
13:50:48.0240 0x065c [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
13:50:48.0255 0x065c HpSAMD - ok
13:50:48.0318 0x065c [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:50:48.0411 0x065c HTTP - ok
13:50:48.0427 0x065c [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:50:48.0427 0x065c hwpolicy - ok
13:50:48.0458 0x065c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:50:48.0474 0x065c i8042prt - ok
13:50:48.0505 0x065c [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
13:50:48.0536 0x065c iaStorV - ok
13:50:48.0598 0x065c [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:50:48.0630 0x065c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:50:58.0692 0x065c IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:51:06.0382 0x065c MotioninJoyXFilter - ok
13:51:06.0398 0x065c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:51:06.0414 0x065c mouclass - ok
13:51:06.0429 0x065c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:51:06.0460 0x065c mouhid - ok
13:51:06.0507 0x065c [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:51:06.0507 0x065c mountmgr - ok
13:51:06.0601 0x065c [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:51:06.0616 0x065c MozillaMaintenance - ok
13:51:06.0632 0x065c [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
13:51:06.0648 0x065c mpio - ok
13:51:06.0679 0x065c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:51:06.0710 0x065c mpsdrv - ok
13:51:06.0741 0x065c [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
13:51:06.0819 0x065c MpsSvc - ok
13:51:06.0835 0x065c [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:51:06.0850 0x065c MRxDAV - ok
13:51:06.0913 0x065c [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:51:06.0944 0x065c mrxsmb - ok
13:51:06.0960 0x065c [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:51:07.0022 0x065c mrxsmb10 - ok
13:51:07.0053 0x065c [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:51:07.0084 0x065c mrxsmb20 - ok
13:51:07.0100 0x065c [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
13:51:07.0116 0x065c msahci - ok
13:51:07.0131 0x065c [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
13:51:07.0147 0x065c msdsm - ok
13:51:07.0162 0x065c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
13:51:07.0194 0x065c MSDTC - ok
13:51:07.0225 0x065c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:51:07.0256 0x065c Msfs - ok
13:51:07.0272 0x065c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:51:07.0318 0x065c mshidkmdf - ok
13:51:07.0334 0x065c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
13:51:07.0350 0x065c msisadrv - ok
13:51:07.0365 0x065c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:51:07.0412 0x065c MSiSCSI - ok
13:51:07.0412 0x065c msiserver - ok
13:51:07.0443 0x065c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:51:07.0490 0x065c MSKSSRV - ok
13:51:07.0521 0x065c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:51:07.0568 0x065c MSPCLOCK - ok
13:51:07.0599 0x065c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:51:07.0646 0x065c MSPQM - ok
13:51:07.0677 0x065c [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:51:07.0708 0x065c MsRPC - ok
13:51:07.0724 0x065c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:51:07.0724 0x065c mssmbios - ok
13:51:07.0740 0x065c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:51:07.0771 0x065c MSTEE - ok
13:51:07.0786 0x065c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:51:07.0802 0x065c MTConfig - ok
13:51:07.0849 0x065c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
13:51:07.0849 0x065c Mup - ok
13:51:07.0896 0x065c [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
13:51:07.0974 0x065c napagent - ok
13:51:08.0020 0x065c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:51:08.0052 0x065c NativeWifiP - ok
13:51:08.0114 0x065c [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
13:51:08.0161 0x065c NDIS - ok
13:51:08.0192 0x065c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:51:08.0239 0x065c NdisCap - ok
13:51:08.0286 0x065c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:51:08.0332 0x065c NdisTapi - ok
13:51:08.0364 0x065c [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:51:08.0410 0x065c Ndisuio - ok
13:51:08.0457 0x065c [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:51:08.0504 0x065c NdisWan - ok
13:51:08.0535 0x065c [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:51:08.0582 0x065c NDProxy - ok
13:51:08.0629 0x065c [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
13:51:08.0629 0x065c Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
13:51:11.0374 0x065c Detect skipped due to KSN trusted
13:51:11.0374 0x065c Netaapl - ok
13:51:11.0390 0x065c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:51:11.0437 0x065c NetBIOS - ok
13:51:11.0484 0x065c [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:51:11.0515 0x065c NetBT - ok
13:51:11.0530 0x065c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe
13:51:11.0546 0x065c Netlogon - ok
13:51:11.0577 0x065c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
13:51:11.0640 0x065c Netman - ok
13:51:11.0686 0x065c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:51:11.0718 0x065c NetMsmqActivator - ok
13:51:11.0764 0x065c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:51:11.0764 0x065c NetPipeActivator - ok
13:51:11.0796 0x065c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
13:51:11.0858 0x065c netprofm - ok
13:51:11.0889 0x065c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:51:11.0889 0x065c NetTcpActivator - ok
13:51:11.0889 0x065c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:51:11.0905 0x065c NetTcpPortSharing - ok
13:51:11.0920 0x065c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:51:11.0936 0x065c nfrd960 - ok
13:51:11.0952 0x065c [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
13:51:12.0014 0x065c NlaSvc - ok
13:51:12.0061 0x065c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:51:12.0108 0x065c Npfs - ok
13:51:12.0139 0x065c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
13:51:12.0170 0x065c nsi - ok
13:51:12.0201 0x065c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:51:12.0248 0x065c nsiproxy - ok
13:51:12.0326 0x065c [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:51:12.0404 0x065c Ntfs - ok
13:51:12.0420 0x065c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
13:51:12.0466 0x065c Null - ok
13:51:12.0498 0x065c nvlddmkm - ok
13:51:12.0513 0x065c [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
13:51:12.0529 0x065c nvraid - ok
13:51:12.0544 0x065c [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
13:51:12.0560 0x065c nvstor - ok
13:51:12.0576 0x065c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
13:51:12.0591 0x065c nv_agp - ok
13:51:12.0607 0x065c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:51:12.0622 0x065c ohci1394 - ok
13:51:12.0654 0x065c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:51:12.0716 0x065c p2pimsvc - ok
13:51:12.0747 0x065c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
13:51:12.0810 0x065c p2psvc - ok
13:51:12.0825 0x065c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:51:12.0841 0x065c Parport - ok
13:51:12.0872 0x065c [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:51:12.0888 0x065c partmgr - ok
13:51:12.0903 0x065c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
13:51:12.0950 0x065c PcaSvc - ok
13:51:13.0012 0x065c PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
13:51:13.0028 0x065c [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
13:51:13.0044 0x065c pci - ok
13:51:13.0059 0x065c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
13:51:13.0059 0x065c pciide - ok
13:51:13.0090 0x065c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:51:13.0106 0x065c pcmcia - ok
13:51:13.0122 0x065c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
13:51:13.0137 0x065c pcw - ok
13:51:13.0168 0x065c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:51:13.0246 0x065c PEAUTH - ok
13:51:13.0324 0x065c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:51:13.0356 0x065c PerfHost - ok
13:51:13.0418 0x065c [ DD797B8B2B295AFBDCD9F35CF62B5DCC, 1716C0B9F9282BC3D3D07F3C96FD457E8188B6029F0181BECFD32CE59F77FC31 ] PID_0928 C:\Windows\system32\DRIVERS\LV561V64.SYS
13:51:13.0434 0x065c PID_0928 - ok
13:51:13.0496 0x065c [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
13:51:13.0621 0x065c pla - ok
13:51:13.0683 0x065c [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:51:13.0746 0x065c PlugPlay - ok
13:51:13.0777 0x065c PnkBstrA - ok
13:51:13.0777 0x065c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:51:13.0792 0x065c PNRPAutoReg - ok
13:51:13.0824 0x065c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:51:13.0839 0x065c PNRPsvc - ok
13:51:13.0886 0x065c [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:51:13.0948 0x065c PolicyAgent - ok
13:51:13.0995 0x065c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
13:51:14.0058 0x065c Power - ok
13:51:14.0104 0x065c [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:51:14.0167 0x065c PptpMiniport - ok
13:51:14.0182 0x065c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:51:14.0198 0x065c Processor - ok
13:51:14.0229 0x065c [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
13:51:14.0276 0x065c ProfSvc - ok
13:51:14.0276 0x065c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:51:14.0292 0x065c ProtectedStorage - ok
13:51:14.0307 0x065c [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:51:14.0370 0x065c Psched - ok
13:51:14.0401 0x065c [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:51:14.0416 0x065c PxHlpa64 - ok
13:51:14.0479 0x065c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:51:14.0557 0x065c ql2300 - ok
13:51:14.0588 0x065c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:51:14.0604 0x065c ql40xx - ok
13:51:14.0619 0x065c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
13:51:14.0650 0x065c QWAVE - ok
13:51:14.0682 0x065c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:51:14.0713 0x065c QWAVEdrv - ok
13:51:14.0744 0x065c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:51:14.0775 0x065c RasAcd - ok
13:51:14.0806 0x065c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:51:14.0853 0x065c RasAgileVpn - ok
13:51:14.0900 0x065c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
13:51:14.0947 0x065c RasAuto - ok
13:51:14.0962 0x065c [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:51:15.0025 0x065c Rasl2tp - ok
13:51:15.0056 0x065c [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
13:51:15.0134 0x065c RasMan - ok
13:51:15.0165 0x065c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:51:15.0196 0x065c RasPppoe - ok
13:51:15.0212 0x065c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:51:15.0259 0x065c RasSstp - ok
13:51:15.0306 0x065c [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:51:15.0352 0x065c rdbss - ok
13:51:15.0368 0x065c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:51:15.0384 0x065c rdpbus - ok
13:51:15.0399 0x065c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:51:15.0430 0x065c RDPCDD - ok
13:51:15.0446 0x065c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:51:15.0477 0x065c RDPENCDD - ok
13:51:15.0493 0x065c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:51:15.0540 0x065c RDPREFMP - ok
13:51:15.0571 0x065c [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:51:15.0618 0x065c RDPWD - ok
13:51:15.0649 0x065c [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:51:15.0664 0x065c rdyboost - ok
13:51:15.0696 0x065c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:51:15.0742 0x065c RemoteAccess - ok
13:51:15.0758 0x065c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:51:15.0820 0x065c RemoteRegistry - ok
13:51:15.0852 0x065c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:51:15.0898 0x065c RpcEptMapper - ok
13:51:15.0945 0x065c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
13:51:15.0976 0x065c RpcLocator - ok
13:51:16.0008 0x065c [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
13:51:16.0054 0x065c RpcSs - ok
13:51:16.0070 0x065c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:51:16.0117 0x065c rspndr - ok
13:51:16.0132 0x065c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe
13:51:16.0148 0x065c SamSs - ok
13:51:16.0164 0x065c [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
13:51:16.0179 0x065c sbp2port - ok
13:51:16.0195 0x065c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:51:16.0257 0x065c SCardSvr - ok
13:51:16.0288 0x065c [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:51:16.0320 0x065c scfilter - ok
13:51:16.0398 0x065c [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll
13:51:16.0491 0x065c Schedule - ok
13:51:16.0507 0x065c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:51:16.0538 0x065c SCPolicySvc - ok
13:51:16.0554 0x065c [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:51:16.0616 0x065c SDRSVC - ok
13:51:16.0741 0x065c [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:51:16.0756 0x065c SeaPort - ok
13:51:16.0772 0x065c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] SecDrv C:\Windows\system32\drivers\SECDRV.SYS
13:51:16.0834 0x065c SecDrv - ok
13:51:16.0866 0x065c [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
13:51:16.0912 0x065c seclogon - ok
13:51:16.0944 0x065c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
13:51:17.0006 0x065c SENS - ok
13:51:17.0022 0x065c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:51:17.0053 0x065c SensrSvc - ok
13:51:17.0084 0x065c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:51:17.0115 0x065c Serenum - ok
13:51:17.0146 0x065c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:51:17.0193 0x065c Serial - ok
13:51:17.0240 0x065c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:51:17.0256 0x065c sermouse - ok
13:51:17.0302 0x065c [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
13:51:17.0365 0x065c SessionEnv - ok
13:51:17.0380 0x065c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
13:51:17.0396 0x065c sffdisk - ok
13:51:17.0412 0x065c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:51:17.0443 0x065c sffp_mmc - ok
13:51:17.0474 0x065c [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
13:51:17.0490 0x065c sffp_sd - ok
13:51:17.0490 0x065c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:51:17.0536 0x065c sfloppy - ok
13:51:17.0614 0x065c [ 16A5CC62F79A32A974B55110A898945C, 9CCC56C44A1C19418F96CD4B16EAC476DDD5CEAB7CAD9DF2FD062013AE6B2244 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
13:51:17.0661 0x065c SftService - ok
13:51:17.0692 0x065c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:51:17.0770 0x065c SharedAccess - ok
13:51:17.0817 0x065c [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:51:17.0848 0x065c ShellHWDetection - ok
13:51:17.0880 0x065c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:51:17.0895 0x065c SiSRaid2 - ok
13:51:17.0911 0x065c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:51:17.0926 0x065c SiSRaid4 - ok
13:51:18.0082 0x065c [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:51:18.0223 0x065c Skype C2C Service - ok
13:51:18.0285 0x065c [ 7C15061CD0372487903B07B9BB03AFAD, FB96CDA29C7C1E8A315BA89E8B150918E59F32CE749D3EF43FCBEB3FB57BF1C6 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:51:18.0332 0x065c SkypeUpdate - ok
13:51:18.0363 0x065c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:51:18.0394 0x065c Smb - ok
13:51:18.0426 0x065c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:51:18.0472 0x065c SNMPTRAP - ok
13:51:18.0504 0x065c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
13:51:18.0504 0x065c spldr - ok
13:51:18.0566 0x065c [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler C:\Windows\System32\spoolsv.exe
13:51:18.0613 0x065c Spooler - ok
13:51:18.0722 0x065c [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe
13:51:18.0940 0x065c sppsvc - ok
13:51:18.0972 0x065c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:51:19.0034 0x065c sppuinotify - ok
13:51:19.0081 0x065c [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:51:19.0159 0x065c srv - ok
13:51:19.0190 0x065c [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:51:19.0268 0x065c srv2 - ok
13:51:19.0299 0x065c [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:51:19.0330 0x065c srvnet - ok
13:51:19.0346 0x065c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:51:19.0408 0x065c SSDPSRV - ok
13:51:19.0408 0x065c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:51:19.0455 0x065c SstpSvc - ok
13:51:19.0518 0x065c [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:51:19.0564 0x065c Steam Client Service - ok
13:51:19.0580 0x065c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:51:19.0596 0x065c stexstor - ok
13:51:19.0642 0x065c [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll
13:51:19.0720 0x065c stisvc - ok
13:51:19.0752 0x065c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:51:19.0767 0x065c swenum - ok
13:51:19.0798 0x065c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
13:51:19.0861 0x065c swprv - ok
13:51:19.0923 0x065c [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll
13:51:19.0986 0x065c SysMain - ok
13:51:20.0017 0x065c SystemStoreService - ok
13:51:20.0032 0x065c [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:51:20.0064 0x065c TabletInputService - ok
13:51:20.0079 0x065c [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
13:51:20.0110 0x065c tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
13:51:22.0840 0x065c Detect skipped due to KSN trusted
13:51:22.0840 0x065c tap0901t - ok
13:51:22.0872 0x065c [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:51:22.0918 0x065c TapiSrv - ok
13:51:22.0934 0x065c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
13:51:22.0965 0x065c TBS - ok
13:51:23.0028 0x065c [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:51:23.0090 0x065c Tcpip - ok
13:51:23.0168 0x065c [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:51:23.0215 0x065c TCPIP6 - ok
13:51:23.0230 0x065c [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:51:23.0277 0x065c tcpipreg - ok
13:51:23.0293 0x065c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:51:23.0324 0x065c TDPIPE - ok
13:51:23.0355 0x065c [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:51:23.0386 0x065c TDTCP - ok
13:51:23.0402 0x065c [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:51:23.0433 0x065c tdx - ok
13:51:23.0449 0x065c [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:51:23.0464 0x065c TermDD - ok
13:51:23.0480 0x065c [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
13:51:23.0589 0x065c TermService - ok
13:51:23.0605 0x065c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
13:51:23.0636 0x065c Themes - ok
13:51:23.0683 0x065c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
13:51:23.0714 0x065c THREADORDER - ok
13:51:23.0761 0x065c [ 199C2E87D9A5EC58D0BCD94E893BF629, A3CE21A62BB3D31FEE36E517D7ED7B86E41D4A80F22A51B9821AC57991014DC9 ] TIEHDUSB C:\Windows\system32\DRIVERS\tiehdusb.sys
13:51:23.0792 0x065c TIEHDUSB - ok
13:51:23.0808 0x065c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
13:51:23.0854 0x065c TrkWks - ok
13:51:23.0886 0x065c [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:51:23.0917 0x065c TrustedInstaller - ok
13:51:23.0932 0x065c [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:51:23.0964 0x065c tssecsrv - ok
13:51:23.0995 0x065c [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:51:24.0026 0x065c tunnel - ok
13:51:24.0088 0x065c [ 97D6177C2DCCDA2BA25F053B3C75D74E, DFB449E51978433F21BD85E42C5012DE64992CC0101FD9FFA6BA418233C6E70A ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
13:51:24.0182 0x065c TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
13:51:26.0912 0x065c Detect skipped due to KSN trusted
13:51:26.0912 0x065c TunngleService - ok
13:51:26.0928 0x065c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:51:26.0943 0x065c uagp35 - ok
13:51:26.0974 0x065c [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:51:27.0052 0x065c udfs - ok
13:51:27.0068 0x065c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:51:27.0084 0x065c UI0Detect - ok
13:51:27.0099 0x065c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
13:51:27.0115 0x065c uliagpkx - ok
13:51:27.0146 0x065c [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:51:27.0177 0x065c umbus - ok
13:51:27.0224 0x065c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:51:27.0255 0x065c UmPass - ok
13:51:27.0286 0x065c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
13:51:27.0349 0x065c upnphost - ok
13:51:27.0380 0x065c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:51:27.0411 0x065c USBAAPL64 - ok
13:51:27.0442 0x065c [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:51:27.0458 0x065c usbccgp - ok
13:51:27.0474 0x065c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
13:51:27.0489 0x065c usbcir - ok
13:51:27.0505 0x065c [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:51:27.0552 0x065c usbehci - ok
13:51:27.0598 0x065c [ 7CC1C95896D60E868AA6DD2DD2F97EAD, 8A6BCA8A8C209EBDC31E8992AA925DDEE469E2E32A30AE1F7E3D1E09B9327DDC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:51:27.0661 0x065c usbhub - ok
13:51:27.0692 0x065c [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:51:27.0708 0x065c usbohci - ok
13:51:27.0754 0x065c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:51:27.0754 0x065c usbprint - ok
13:51:27.0770 0x065c [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:51:27.0801 0x065c USBSTOR - ok
13:51:27.0848 0x065c [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:51:27.0879 0x065c usbuhci - ok
13:51:27.0895 0x065c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
13:51:27.0942 0x065c UxSms - ok
13:51:27.0973 0x065c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe
13:51:27.0973 0x065c VaultSvc - ok
13:51:27.0988 0x065c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
13:51:28.0004 0x065c vdrvroot - ok
13:51:28.0035 0x065c [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
13:51:28.0082 0x065c vds - ok
13:51:28.0098 0x065c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:51:28.0113 0x065c vga - ok
13:51:28.0129 0x065c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:51:28.0176 0x065c VgaSave - ok
13:51:28.0207 0x065c [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
13:51:28.0222 0x065c vhdmp - ok
13:51:28.0238 0x065c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
13:51:28.0254 0x065c viaide - ok
13:51:28.0269 0x065c [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
13:51:28.0285 0x065c volmgr - ok
13:51:28.0300 0x065c [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:51:28.0332 0x065c volmgrx - ok
13:51:28.0394 0x065c [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
13:51:28.0425 0x065c volsnap - ok
13:51:28.0441 0x065c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:51:28.0456 0x065c vsmraid - ok
13:51:28.0519 0x065c [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
13:51:28.0628 0x065c VSS - ok
13:51:28.0659 0x065c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:51:28.0690 0x065c vwifibus - ok
13:51:28.0737 0x065c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
13:51:28.0784 0x065c W32Time - ok
13:51:28.0800 0x065c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:51:28.0831 0x065c WacomPen - ok
13:51:28.0878 0x065c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:51:28.0909 0x065c WANARP - ok
13:51:28.0924 0x065c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:51:28.0956 0x065c Wanarpv6 - ok
13:51:29.0002 0x065c [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
13:51:29.0127 0x065c wbengine - ok
13:51:29.0158 0x065c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:51:29.0205 0x065c WbioSrvc - ok
13:51:29.0221 0x065c [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:51:29.0283 0x065c wcncsvc - ok
13:51:29.0299 0x065c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:51:29.0330 0x065c WcsPlugInService - ok
13:51:29.0346 0x065c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:51:29.0346 0x065c Wd - ok
13:51:29.0392 0x065c [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:51:29.0439 0x065c Wdf01000 - ok
13:51:29.0470 0x065c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:51:29.0502 0x065c WdiServiceHost - ok
13:51:29.0517 0x065c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:51:29.0533 0x065c WdiSystemHost - ok
13:51:29.0548 0x065c [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll
13:51:29.0595 0x065c WebClient - ok
13:51:29.0626 0x065c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:51:29.0673 0x065c Wecsvc - ok
13:51:29.0689 0x065c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:51:29.0736 0x065c wercplsupport - ok
13:51:29.0751 0x065c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
13:51:29.0782 0x065c WerSvc - ok
13:51:29.0814 0x065c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:51:29.0845 0x065c WfpLwf - ok
13:51:29.0892 0x065c [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
13:51:29.0907 0x065c WimFltr - ok
13:51:29.0907 0x065c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:51:29.0923 0x065c WIMMount - ok
13:51:29.0938 0x065c WinDefend - ok
13:51:29.0938 0x065c WinHttpAutoProxySvc - ok
13:51:29.0985 0x065c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:51:30.0032 0x065c Winmgmt - ok
13:51:30.0141 0x065c [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
13:51:30.0141 0x065c WinRing0_1_2_0 - ok
13:51:30.0219 0x065c [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
13:51:30.0375 0x065c WinRM - ok
13:51:30.0422 0x065c [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:51:30.0438 0x065c WinUsb - ok
13:51:30.0469 0x065c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:51:30.0547 0x065c Wlansvc - ok
13:51:30.0687 0x065c [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:51:30.0781 0x065c wlidsvc - ok
13:51:30.0796 0x065c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:51:30.0828 0x065c WmiAcpi - ok
13:51:30.0874 0x065c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:51:30.0890 0x065c wmiApSrv - ok
13:51:30.0921 0x065c WMPNetworkSvc - ok
13:51:30.0952 0x065c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:51:30.0968 0x065c WPCSvc - ok
13:51:30.0984 0x065c [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:51:31.0015 0x065c WPDBusEnum - ok
13:51:31.0030 0x065c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:51:31.0062 0x065c ws2ifsl - ok
13:51:31.0093 0x065c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
13:51:31.0124 0x065c wscsvc - ok
13:51:31.0124 0x065c WSearch - ok
13:51:31.0202 0x065c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
13:51:31.0327 0x065c wuauserv - ok
13:51:31.0358 0x065c [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:51:31.0389 0x065c WudfPf - ok
13:51:31.0420 0x065c [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:51:31.0467 0x065c WUDFRd - ok
13:51:31.0514 0x065c [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:51:31.0545 0x065c wudfsvc - ok
13:51:31.0561 0x065c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
13:51:31.0623 0x065c WwanSvc - ok
13:51:31.0654 0x065c [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
13:51:31.0654 0x065c xusb21 - ok
13:51:31.0686 0x065c ================ Scan global ===============================
13:51:31.0701 0x065c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:51:31.0764 0x065c [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:51:31.0795 0x065c [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:51:31.0826 0x065c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:51:31.0857 0x065c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:51:31.0873 0x065c [ Global ] - ok
13:51:31.0873 0x065c ================ Scan MBR ==================================
13:51:31.0888 0x065c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:51:32.0294 0x065c \Device\Harddisk0\DR0 - ok
13:51:32.0294 0x065c ================ Scan VBR ==================================
13:51:32.0294 0x065c [ 7BCFCB3DD65651198987D67DED5CFE2A ] \Device\Harddisk0\DR0\Partition1
13:51:32.0294 0x065c \Device\Harddisk0\DR0\Partition1 - ok
13:51:32.0294 0x065c [ 3E1BC4CE00F50D398178CADB64968F3C ] \Device\Harddisk0\DR0\Partition2
13:51:32.0294 0x065c \Device\Harddisk0\DR0\Partition2 - ok
13:51:32.0294 0x065c Waiting for KSN requests completion. In queue: 66
13:51:33.0308 0x065c Waiting for KSN requests completion. In queue: 66
13:51:34.0322 0x065c Waiting for KSN requests completion. In queue: 66
13:51:35.0398 0x065c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated )
13:51:35.0430 0x065c Win FW state via NFP2: disabled
13:51:38.0128 0x065c ============================================================
13:51:38.0128 0x065c Scan finished
13:51:38.0128 0x065c ============================================================
13:51:38.0144 0x09d0 Detected object count: 1
13:51:38.0144 0x09d0 Actual detected object count: 1
13:51:50.0000 0x09d0 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:51:50.0000 0x09d0 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

deeprybka 22.04.2014 13:09

Hi,
here is how we continue: ;)

Step 1

Please uninstall the following programs:

Ask Toolbar
Dealply
Delta toolbar
LyricsSpeaker
WebCake



Try it via Control Panel / Uninstall a program. If that doesn't work,
we'll do it with Revo.

To do so, please download Revo here.
Unpack the zip file to the desktop and start Revouninstaller.exe. Click Options and select German as the language. Then look in the Uninstaller pane for the programs listed above.

Then click Uninstall.
http://s1.directupload.net/images/140324/6hfhbnip.png

Then choose the mode as shown in the picture. (Click the picture to enlarge it.)
http://s7.directupload.net/images/14...p/z4xyvwa7.png


If something doesn't work, just carry on with Step 2... ;)

Step 2
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).


Step 3
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.




Please post the contents of the logs from AdwCleaner and Combofix here in the thread.

PhilMcDevil 22.04.2014 13:31

So Step 1 is done, but I couldn't find Ask Toolbar.
In Step 2 I can't start the program properly. (see picture) Attachment 66381

deeprybka 22.04.2014 13:43

Delete the file.
Download from here and try: Downloading AdwCleaner


If that doesn't work either, test an older version from here
http://filepony.de/download-adwclean...rver-5332.html

PhilMcDevil 22.04.2014 14:10

Still doesn't work..

deeprybka 22.04.2014 14:12

The older version doesn't either?

PhilMcDevil 22.04.2014 14:20

The older version doesn't work either.

deeprybka 22.04.2014 15:44

OK, it's not your fault...

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.



And then Step 3.

PhilMcDevil 22.04.2014 18:21

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Philip on 22.04.2014 at 18:51:57,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsspeaker
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskToolbarNRO3_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskToolbarNRO3_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DEALPL~1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DEALPL~1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsUpd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsUpd_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_xpadder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_xpadder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_combofix_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_combofix_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_ffdshow_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_ffdshow_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_sonicstage_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_sonicstage_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskToolbarNRO3_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskToolbarNRO3_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DEALPL~1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DEALPL~1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsUpd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsUpd_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_xpadder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_xpadder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_combofix_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_combofix_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_ffdshow_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_ffdshow_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_sonicstage_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_sonicstage_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\LyricsSpeaker Update.job
Successfully deleted: [File] C:\Windows\Tasks\Dealply.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Failed to delete: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\ProgramData\dealplylive"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Philip\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Philip\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\Philip\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Philip\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Philip\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Philip\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Philip\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Philip\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealply"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealplylive"
Successfully deleted: [Folder] "C:\Program Files (x86)\singalong"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"



~~~ FireFox

Successfully deleted: [File] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\gwbnq8up.default\user.js
Successfully deleted: [File] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\user.js
Successfully deleted: [File] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\gwbnq8up.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\gwbnq8up.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\gwbnq8up.default\searchplugins\delta.xml
Successfully deleted: [File] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\searchplugins\delta.xml
Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com"
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\extensions\116
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\extensions\122
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\extensions\125
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\extensions\128
Failed to delete: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\gwbnq8up.default\extensions\iobit@mybrowserbar.com
Failed to delete: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\gwbnq8up.default\extensions\wtxpcom@mybrowserbar.com
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\gwbnq8up.default\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted: [Folder] C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{184aa5e6-741d-464a-820e-94b3abc2f3b4}
Successfully deleted the following from C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\prefs.js

user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.babTrack", "affID=100842");
user_pref("extensions.delta.bbDpng", "21");
user_pref("extensions.delta.cntry", "DE");
user_pref("extensions.delta.dfltLng", "de");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.hdrMd5", "3D607EF1B2E22108236E9FE06B2C97CC");
user_pref("extensions.delta.id", "26d1961900000000000000262d1cb7b6");
user_pref("extensions.delta.instlDay", "15887");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.lastVrsnTs", "1.8.21.515:47:13");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.sg", "azb");
user_pref("extensions.delta.smplGrp", "azb");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.515:47:13");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=119292&tsp=4930");
user_pref("extensions.delta_i.srcExt", "ss");
Emptied folder: C:\Users\Philip\AppData\Roaming\mozilla\firefox\profiles\8ati92f2.Philip\minidumps [66 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.04.2014 at 18:56:30,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ComboFix 14-04-20.01 - Philip 22.04.2014  19:08:14.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.6143.4404 [GMT 2:00]
ausgeführt von:: c:\users\Philip\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Philip\4.0
c:\users\Philip\AppData\Roaming\srvblck2.tmp
c:\users\Philip\AppData\Roaming\Xaruqy
c:\users\Philip\AppData\Roaming\Xaruqy\tuimc.myk
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-03-22 bis 2014-04-22  ))))))))))))))))))))))))))))))
.
.
2014-04-22 17:16 . 2014-04-22 17:16        --------        d-----w-        c:\users\hedev\AppData\Local\temp
2014-04-22 17:16 . 2014-04-22 17:16        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-04-22 16:51 . 2014-04-22 16:51        --------        d-----w-        c:\windows\ERUNT
2014-04-22 09:28 . 2014-04-22 11:45        --------        d-----w-        C:\TDSSKiller_Quarantine
2014-04-19 17:52 . 2014-04-19 17:54        --------        d-----w-        C:\FRST
2014-04-19 08:58 . 2014-04-14 18:13        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-20 16:47 . 2012-03-30 10:04        692400        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-20 16:47 . 2011-05-17 13:44        70832        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 17:14 . 2014-02-20 17:14        15453904        ----a-w-        c:\windows\SysWow64\xlive.dll
2014-02-20 17:14 . 2014-02-20 17:14        13642960        ----a-w-        c:\windows\SysWow64\xlivefnt.dll
2013-07-29 09:24 . 2013-07-29 09:24        51992        ----a-w-        c:\program files (x86)\WDesktop.Updater.exe
2012-08-13 09:09 . 2012-08-13 09:09        473600        ----a-w-        c:\program files\setup.exe
2012-08-13 09:09 . 2012-08-13 09:09        3166208        ----a-w-        c:\program files\openofficeorg341.msi
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-05-29 15:25        1519312        ----a-w-        c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-29 1519312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-04-15 1171000]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-20 689744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-17 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2011-01-13 165184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe"
"AMD AVT"=Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files (x86)\AMD AVT\bin\kdbsync.exe" aml
"4StoryPrePatch"=c:\program files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 ALSysIO;ALSysIO;c:\users\Philip\AppData\Local\Temp\ALSysIO64.sys;c:\users\Philip\AppData\Local\Temp\ALSysIO64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys;c:\windows\SYSNATIVE\Drivers\hcw95bda.sys [x]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys;c:\windows\SYSNATIVE\DRIVERS\hcw95rc.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 LVcKap64;Logitech AEC Driver;c:\windows\system32\DRIVERS\LVcKap64.sys;c:\windows\SYSNATIVE\DRIVERS\LVcKap64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys;c:\windows\SYSNATIVE\DRIVERS\LVUSBS64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 16:47]
.
2014-04-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job
- c:\users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27 13:10]
.
2014-04-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job
- c:\users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27 13:10]
.
2014-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03 20:54]
.
2014-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03 20:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-10 8321568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~3\BitGuard\271832~1.68\{C16C1~1\loader.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 216.155.139.115:3128
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Philip\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\
FF - prefs.js: browser.startup.homepage -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-57161972.sys
Toolbar-Locked - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-1762897763-1593096696-3758382223-1001)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1762897763-1593096696-3758382223-1001\Software\SecuROM\License information*]
"datasecu"=hex:21,33,59,fb,e4,c5,8e,68,61,b3,d1,82,5f,ea,7c,b3,10,0b,0f,f4,ab,
  e7,1c,65,7c,cb,8f,f3,25,dd,b5,98,f9,78,e6,94,e2,3d,31,de,24,30,00,0f,c1,29,\
"rkeysecu"=hex:50,ee,c8,cf,eb,33,f5,91,02,12,2d,a9,ba,2a,64,ca
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-22  19:18:24
ComboFix-quarantined-files.txt  2014-04-22 17:18
.
Vor Suchlauf: 19 Verzeichnis(se), 100.905.324.544 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 101.148.041.216 Bytes frei
.
- - End Of File - - 7ECA912A7B4A2D88D4225320078D45BE
A36C5E4F47E84449FF07ED3517B43A31


deeprybka 22.04.2014 18:27

:daumenhoc

Well done! I think I'll post the next steps for you tomorrow... and then we still have to secure your system... :)

deeprybka 23.04.2014 08:26

OK, let's continue... ;)

Step 1
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.




Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset




Step 3


Please run FRST again, also tick the box for Addition.txt and press Scan.

PhilMcDevil 23.04.2014 18:25

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 23.04.2014
Suchlauf-Zeit: 11:18:45
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.23.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Philip

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 290303
Verstrichene Zeit: 17 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
Trojan.Banker, HKU\S-1-5-21-1762897763-1593096696-3758382223-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C689C99E-3A8C-4c87-A79C-C80DC9C81632}, Löschen bei Neustart, [df2140c0e11f0df33afe88a6a85a6799],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}, In Quarantäne, [5ea25da3649cec14e3d374da7d85936d],

Registrierungswerte: 2
PUP.BProtector, HKU\S-1-5-21-1762897763-1593096696-3758382223-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, Löschen bei Neustart, [c83814ec57a9ff01bbe2ecaba85b07f9],
PUP.BProtector, HKU\S-1-5-21-1762897763-1593096696-3758382223-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Löschen bei Neustart, [cb35ae52619f768a5648f99e669d7a86]

Registrierungsdaten: 1
Rogue.InternetSecurityEssentials, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\loader.dll, Gut: (), Schlecht: (c:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\loader.dll),Ersetzt,[eb1512ee0bf56d9322a0fb5e3bc5d52b]

Ordner: 4
PUP.Optional.DownloadGuide.A, C:\Users\Philip\AppData\Local\DownloadGuide, Löschen bei Neustart, [fe028f714db351af87bdb3f0ad5650b0],
PUP.Optional.DownloadGuide.A, C:\Users\Philip\AppData\Local\DownloadGuide\Offers, In Quarantäne, [fe028f714db351af87bdb3f0ad5650b0],
PUP.Optional.DealPly.A, C:\Users\Philip\AppData\Local\DealPlyLive, Löschen bei Neustart, [ba460ff1689804fc577a461ae41e24dc],
PUP.Optional.DealPly.A, C:\Users\Philip\AppData\Local\DealPlyLive\CrashReports, In Quarantäne, [ba460ff1689804fc577a461ae41e24dc],

Dateien: 15
Rogue.InternetSecurityEssentials, C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll, In Quarantäne, [eb1512ee0bf56d9322a0fb5e3bc5d52b],
PUP.Optional.WebCake.A, C:\Program Files (x86)\WDesktop.Updater.exe, In Quarantäne, [24dc12ee5fa1837d2112fa0bdd24f20e],
PUP.Optional.OpenCandy, C:\Users\Philip\Downloads\DTLite4471-0333.exe, In Quarantäne, [b9476c94738d17e98e09321d37cd50b0],
PUP.Optional.InstallBrain.A, C:\Users\Philip\Downloads\cbsidlm-tr1_15-GameTap-ORG-10779545.exe, In Quarantäne, [946c6e9249b718e8d01529d0a85b09f7],
PUP.Optional.GoForFiles.A, C:\Users\Philip\Downloads\monster_hunter_3_ultimate_iso_psp_downloader_de_99333.exe, In Quarantäne, [8a76649c8e725da322513dd9857cbd43],
PUP.Optional.Softonic, C:\Users\Philip\Downloads\SoftonicDownloader_fuer_call-of-juarez-2-bound-in-blood.exe, In Quarantäne, [22dea55bf10f926eac59da26b0518878],
PUP.Optional.Softonic, C:\Users\Philip\Downloads\SoftonicDownloader_fuer_sonicstage.exe, In Quarantäne, [c0406d93a55b5aa66f96cc348e73f30d],
PUP.Optional.Iminent.A, C:\Users\Philip\AppData\Local\DownloadGuide\Offers\iminent.exe, In Quarantäne, [c83824dca35d5ca44fa4171129d8718f],
PUP.Optional.Spigot.A, C:\WINDOWS\Installer\5b71e.msi, In Quarantäne, [29d715eb1ee2748c3843f33303fd7987],
PUP.Optional.BProtector.A, C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\bProtector_extensions.sqlite, In Quarantäne, [46bafc0442beb749a99b3d397f83718f],
PUP.Optional.BProtector.A, C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\bProtector_prefs.js, In Quarantäne, [2cd4d12fe21e3fc157ee86f01ee404fc],
PUP.Optional.DownloadGuide.A, C:\Users\Philip\AppData\Local\DownloadGuide\amazon.ico, In Quarantäne, [fe028f714db351af87bdb3f0ad5650b0],
PUP.Optional.DownloadGuide.A, C:\Users\Philip\AppData\Local\DownloadGuide\FreeSystemUtilities.exe, In Quarantäne, [fe028f714db351af87bdb3f0ad5650b0],
PUP.Optional.DownloadGuide.A, C:\Users\Philip\AppData\Local\DownloadGuide\Offers\foxydeal.exe, In Quarantäne, [fe028f714db351af87bdb3f0ad5650b0],
PUP.Optional.DownloadGuide.A, C:\Users\Philip\AppData\Local\DownloadGuide\Offers\pricealarm.exe, In Quarantäne, [fe028f714db351af87bdb3f0ad5650b0],

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f9cbb384103956458692ea899c1510d0
# engine=17988
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-23 01:43:32
# local_time=2014-04-23 03:43:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1799 16775165 100 96 17068 144023632 9837 0
# compatibility_mode=5893 16776573 100 94 9149945 150666283 0 0
# scanned=478644
# found=14
# cleaned=0
# scan_time=15423
sh=C8757A0E961BAE1D35A9890C2CB2FE8A0F621345 ft=1 fh=a7b6cbaf38017ab8 vn="Win32/Olmarik.AFK trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\mbr0000\tdlfs0000\tsk0003.dta"
sh=1F6E742329EEEFB968360A68A2A730A8685048B3 ft=1 fh=8f2c7595a93029ff vn="Win64/Olmarik.R trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\mbr0000\tdlfs0000\tsk0004.dta"
sh=D70F7182301D4EFAB8C3C352C3C6A6DE0D9E1D0C ft=1 fh=1c755a06de26e472 vn="a variant of Win32/Olmarik.AUU trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\mbr0000\tdlfs0000\tsk0005.dta"
sh=DFFBDFFD6F2BA1D31E2753A049629DE8179558D8 ft=1 fh=738bcfb426fc330d vn="Win64/Olmarik.R trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\mbr0000\tdlfs0000\tsk0006.dta"
sh=B9A1AAA8E4F042B4592B8DCD19F98CE7417DE25A ft=1 fh=502abc3477450bf0 vn="Win32/Olmarik.ADZ trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\mbr0000\tdlfs0000\tsk0007.dta"
sh=5DDCD3ADC731EECF0554C8CD62EE70A57E6ECA20 ft=1 fh=b8e8029d98b1e3c7 vn="Win64/Olmarik.A trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\mbr0000\tdlfs0000\tsk0008.dta"
sh=C8757A0E961BAE1D35A9890C2CB2FE8A0F621345 ft=1 fh=a7b6cbaf38017ab8 vn="Win32/Olmarik.AFK trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\tdlfs0000\tsk0003.dta"
sh=1F6E742329EEEFB968360A68A2A730A8685048B3 ft=1 fh=8f2c7595a93029ff vn="Win64/Olmarik.R trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\tdlfs0000\tsk0004.dta"
sh=B9A1AAA8E4F042B4592B8DCD19F98CE7417DE25A ft=1 fh=502abc3477450bf0 vn="Win32/Olmarik.ADZ trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\tdlfs0000\tsk0005.dta"
sh=5DDCD3ADC731EECF0554C8CD62EE70A57E6ECA20 ft=1 fh=b8e8029d98b1e3c7 vn="Win64/Olmarik.A trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_11.24.37\tdlfs0000\tsk0006.dta"
sh=C8757A0E961BAE1D35A9890C2CB2FE8A0F621345 ft=1 fh=a7b6cbaf38017ab8 vn="Win32/Olmarik.AFK trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_13.16.13\tdlfs0000\tsk0003.dta"
sh=1F6E742329EEEFB968360A68A2A730A8685048B3 ft=1 fh=8f2c7595a93029ff vn="Win64/Olmarik.R trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_13.16.13\tdlfs0000\tsk0004.dta"
sh=B9A1AAA8E4F042B4592B8DCD19F98CE7417DE25A ft=1 fh=502abc3477450bf0 vn="Win32/Olmarik.ADZ trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_13.16.13\tdlfs0000\tsk0005.dta"
sh=5DDCD3ADC731EECF0554C8CD62EE70A57E6ECA20 ft=1 fh=b8e8029d98b1e3c7 vn="Win64/Olmarik.A trojan" ac=I fn="C:\TDSSKiller_Quarantine\22.04.2014_13.16.13\tdlfs0000\tsk0006.dta"


FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Philip (administrator) on PHILIP-PC on 23-04-2014 19:21:45
Running from C:\Users\Philip\Desktop\Ordner\Tools\Antivirus
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8321568 2009-11-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-01-13] (Softthinks)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [Spotify Web Helper] => C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-15] (Spotify Ltd)
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {A52CAAE5-D568-4FFF-B780-D06DA794BA62} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {51B79B53-627C-4DDA-9A17-6B306B77196A} URL =
SearchScopes: HKCU - {A52CAAE5-D568-4FFF-B780-D06DA794BA62} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {E491B4A4-BC58-49B8-BE46-84D7FA1DF57A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - {F1347901-060E-4775-8679-390DA5814695} URL =
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± v˰!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Philip\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Philip\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WEB.DE MailCheck - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\toolbar@web.de.xpi [2013-10-31]
FF Extension: Adblock Plus - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-04-10]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-28]

==================== Services (Whitelisted) =================

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2011-06-16] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [173344 2007-03-06] (Labtec Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-08] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S2 SystemStoreService; "C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe"  -displayname "System Store" -servicename "SystemStoreService" [X]

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-05-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-08] (DT Soft Ltd)
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658432 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19456 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-05-19] ()
S3 LVcKap64; C:\Windows\System32\DRIVERS\LVcKap64.sys [1029024 2007-03-06] (Labtec Inc.)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2496928 2007-03-06] (Labtec Inc.)
S3 LVUSBS64; C:\Windows\System32\DRIVERS\LVUSBS64.sys [58400 2007-03-06] (Labtec Inc.)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561V64.SYS [468000 2007-03-06] (Labtec Inc.)
R2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [12528 2013-06-30] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 ALSysIO; \??\C:\Users\Philip\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 11:23 - 2014-04-23 11:23 - 02347384 _____ (ESET) C:\Users\Philip\Downloads\esetsmartinstaller_enu.exe
2014-04-23 11:23 - 2014-04-23 11:23 - 00005022 _____ () C:\Users\Philip\Desktop\mbam.txt
2014-04-23 10:58 - 2014-04-23 11:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 10:57 - 2014-04-23 10:57 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-23 10:57 - 2014-04-23 10:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 10:57 - 2014-04-23 10:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-23 10:57 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-23 10:57 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-23 10:57 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-23 10:56 - 2014-04-23 10:56 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Philip\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 19:18 - 2014-04-22 19:18 - 00021204 _____ () C:\ComboFix.txt
2014-04-22 19:05 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-22 19:05 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-22 19:05 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-22 19:05 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-22 19:05 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-22 19:05 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-22 19:05 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-22 19:05 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-22 19:04 - 2014-04-22 19:18 - 00000000 ____D () C:\Qoobox
2014-04-22 19:04 - 2014-04-22 19:17 - 00000000 ____D () C:\Windows\erdnt
2014-04-22 19:00 - 2014-04-22 19:00 - 05196870 ____R (Swearware) C:\Users\Philip\Desktop\ComboFix.exe
2014-04-22 18:56 - 2014-04-22 18:56 - 00019048 _____ () C:\Users\Philip\Desktop\JRT.txt
2014-04-22 18:51 - 2014-04-22 18:51 - 01345751 _____ () C:\Users\Philip\Downloads\AdwCleaner.exe
2014-04-22 18:51 - 2014-04-22 18:51 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 18:50 - 2014-04-22 18:50 - 01016261 _____ (Thisisu) C:\Users\Philip\Downloads\JRT.exe
2014-04-22 14:36 - 2014-04-22 14:36 - 00002950 _____ () C:\Windows\System32\Tasks\{FA2968FC-72A8-41CA-89B1-699223B8FBC9}
2014-04-22 14:17 - 2014-04-22 14:17 - 03007700 _____ () C:\Users\Philip\Downloads\revouninstaller.zip
2014-04-22 11:28 - 2014-04-22 13:45 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-04-22 11:23 - 2014-04-22 11:24 - 04142142 _____ () C:\Users\Philip\Downloads\tdsskiller-1.zip
2014-04-21 21:46 - 2014-04-21 21:54 - 00004711 _____ () C:\Windows\IE11_main.log
2014-04-21 10:33 - 2014-04-23 11:20 - 00006866 _____ () C:\Windows\PFRO.log
2014-04-20 19:52 - 2014-04-20 19:52 - 04118280 _____ () C:\Users\Philip\Downloads\tdsskiller.zip
2014-04-20 19:52 - 2014-04-20 19:52 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Philip\Downloads\tdsskiller.exe
2014-04-20 16:33 - 2014-04-23 19:17 - 00000504 _____ () C:\Windows\setupact.log
2014-04-20 16:33 - 2014-04-20 16:33 - 282212403 _____ () C:\Windows\MEMORY.DMP
2014-04-20 16:33 - 2014-04-20 16:33 - 00274448 _____ () C:\Windows\Minidump\042014-24554-01.dmp
2014-04-20 16:33 - 2014-04-20 16:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 20:20 - 2014-04-19 20:20 - 00000000 ____D () C:\Users\Philip\Documents\Electronic Arts
2014-04-19 19:55 - 2014-04-19 19:56 - 00018511 _____ () C:\Windows\DirectX.log
2014-04-19 19:53 - 2014-04-19 19:54 - 00054652 _____ () C:\Users\Philip\Downloads\Addition.txt
2014-04-19 19:53 - 2014-04-19 19:54 - 00029974 _____ () C:\Users\Philip\Downloads\FRST.txt
2014-04-19 19:52 - 2014-04-23 19:21 - 00000000 ____D () C:\FRST
2014-04-19 10:58 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-19 10:58 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-19 10:58 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-19 10:58 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-19 10:57 - 2014-04-19 10:58 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-15 11:53 - 2014-04-15 11:54 - 00000000 ____D () C:\Users\Philip\Desktop\Abitur
2014-04-10 16:40 - 2014-04-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-23 19:21 - 2014-04-19 19:52 - 00000000 ____D () C:\FRST
2014-04-23 19:21 - 2012-06-15 14:03 - 01569714 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 19:19 - 2011-10-03 22:54 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-23 19:17 - 2014-04-20 16:33 - 00000504 _____ () C:\Windows\setupact.log
2014-04-23 19:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 15:25 - 2013-10-03 13:52 - 00000000 ____D () C:\Users\Philip\AppData\Roaming\Tunngle
2014-04-23 15:25 - 2013-10-03 13:52 - 00000000 ____D () C:\ProgramData\Tunngle
2014-04-23 15:23 - 2012-03-30 12:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 15:23 - 2011-05-17 16:04 - 00000000 ____D () C:\Users\Philip\AppData\Roaming\Skype
2014-04-23 15:10 - 2011-10-03 22:54 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 14:15 - 2013-01-27 15:10 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job
2014-04-23 14:15 - 2013-01-27 15:10 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job
2014-04-23 11:28 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 11:28 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 11:24 - 2009-07-14 19:58 - 09207320 _____ () C:\Windows\system32\perfh007.dat
2014-04-23 11:24 - 2009-07-14 19:58 - 02805926 _____ () C:\Windows\system32\perfc007.dat
2014-04-23 11:24 - 2009-07-14 07:13 - 00006458 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 11:23 - 2014-04-23 11:23 - 02347384 _____ (ESET) C:\Users\Philip\Downloads\esetsmartinstaller_enu.exe
2014-04-23 11:23 - 2014-04-23 11:23 - 00005022 _____ () C:\Users\Philip\Desktop\mbam.txt
2014-04-23 11:21 - 2014-04-23 10:58 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 11:20 - 2014-04-21 10:33 - 00006866 _____ () C:\Windows\PFRO.log
2014-04-23 11:20 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-04-23 10:57 - 2014-04-23 10:57 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-23 10:57 - 2014-04-23 10:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 10:57 - 2014-04-23 10:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-23 10:56 - 2014-04-23 10:56 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Philip\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-22 19:18 - 2014-04-22 19:18 - 00021204 _____ () C:\ComboFix.txt
2014-04-22 19:18 - 2014-04-22 19:04 - 00000000 ____D () C:\Qoobox
2014-04-22 19:18 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-22 19:17 - 2014-04-22 19:04 - 00000000 ____D () C:\Windows\erdnt
2014-04-22 19:16 - 2011-05-17 01:29 - 00000000 ____D () C:\Users\Philip
2014-04-22 19:16 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-22 19:00 - 2014-04-22 19:00 - 05196870 ____R (Swearware) C:\Users\Philip\Desktop\ComboFix.exe
2014-04-22 18:59 - 2012-09-18 20:25 - 00134788 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-04-22 18:56 - 2014-04-22 18:56 - 00019048 _____ () C:\Users\Philip\Desktop\JRT.txt
2014-04-22 18:51 - 2014-04-22 18:51 - 01345751 _____ () C:\Users\Philip\Downloads\AdwCleaner.exe
2014-04-22 18:51 - 2014-04-22 18:51 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 18:50 - 2014-04-22 18:50 - 01016261 _____ (Thisisu) C:\Users\Philip\Downloads\JRT.exe
2014-04-22 14:36 - 2014-04-22 14:36 - 00002950 _____ () C:\Windows\System32\Tasks\{FA2968FC-72A8-41CA-89B1-699223B8FBC9}
2014-04-22 14:17 - 2014-04-22 14:17 - 03007700 _____ () C:\Users\Philip\Downloads\revouninstaller.zip
2014-04-22 13:45 - 2014-04-22 11:28 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-04-22 11:24 - 2014-04-22 11:23 - 04142142 _____ () C:\Users\Philip\Downloads\tdsskiller-1.zip
2014-04-21 21:54 - 2014-04-21 21:46 - 00004711 _____ () C:\Windows\IE11_main.log
2014-04-21 21:42 - 2011-06-14 18:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-21 21:42 - 2011-06-08 20:40 - 00000000 ____D () C:\ProgramData\Origin
2014-04-21 21:42 - 2011-05-17 15:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-20 19:52 - 2014-04-20 19:52 - 04118280 _____ () C:\Users\Philip\Downloads\tdsskiller.zip
2014-04-20 19:52 - 2014-04-20 19:52 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Philip\Downloads\tdsskiller.exe
2014-04-20 19:49 - 2011-05-18 21:42 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-04-20 19:48 - 2011-10-03 22:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-20 18:49 - 2011-05-20 14:51 - 00000000 ____D () C:\Users\Philip\AppData\Local\Adobe
2014-04-20 18:48 - 2012-03-30 12:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 18:47 - 2012-03-30 12:04 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 18:47 - 2011-05-17 15:44 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 16:33 - 2014-04-20 16:33 - 282212403 _____ () C:\Windows\MEMORY.DMP
2014-04-20 16:33 - 2014-04-20 16:33 - 00274448 _____ () C:\Windows\Minidump\042014-24554-01.dmp
2014-04-20 16:33 - 2014-04-20 16:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-20 16:33 - 2011-05-23 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-04-19 20:20 - 2014-04-19 20:20 - 00000000 ____D () C:\Users\Philip\Documents\Electronic Arts
2014-04-19 20:20 - 2011-06-14 17:53 - 00000000 ____D () C:\Users\Philip\AppData\Local\Electronic Arts
2014-04-19 19:56 - 2014-04-19 19:55 - 00018511 _____ () C:\Windows\DirectX.log
2014-04-19 19:54 - 2014-04-19 19:53 - 00054652 _____ () C:\Users\Philip\Downloads\Addition.txt
2014-04-19 19:54 - 2014-04-19 19:53 - 00029974 _____ () C:\Users\Philip\Downloads\FRST.txt
2014-04-19 12:57 - 2012-02-20 17:13 - 00000000 ___RD () C:\Users\Philip\Desktop\Ordner
2014-04-19 10:58 - 2014-04-19 10:57 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-19 10:58 - 2013-10-03 20:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 10:58 - 2010-03-18 13:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-18 16:01 - 2012-04-17 17:41 - 00000000 ____D () C:\Users\Philip\AppData\Roaming\Spotify
2014-04-16 15:05 - 2011-05-17 16:51 - 00000000 ____D () C:\ProgramData\Apple
2014-04-16 13:02 - 2012-04-17 17:42 - 00000000 ____D () C:\Users\Philip\AppData\Local\Spotify
2014-04-15 20:05 - 2013-04-17 19:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-15 11:54 - 2014-04-15 11:53 - 00000000 ____D () C:\Users\Philip\Desktop\Abitur
2014-04-14 20:13 - 2014-04-19 10:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-19 10:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-19 10:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-19 10:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 17:22 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-10 16:40 - 2014-04-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 20:05 - 2011-10-03 22:54 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-07 20:05 - 2011-10-03 22:54 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-03 09:51 - 2014-04-23 10:57 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-23 10:57 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-23 10:57 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 16:18 - 2013-12-19 17:18 - 00000137 _____ () C:\Users\Philip\AppData\Roaming\WB.CFG
2014-03-29 20:46 - 2010-03-18 13:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2010-03-18 22:06] - [2010-03-18 22:06] - 2868736 ____A (Microsoft Corporation) 6D4F9E4B640B413C6F73414327484C80

C:\Windows\SysWOW64\explorer.exe
[2010-03-18 22:06] - [2010-03-18 22:06] - 2613248 ____A (Microsoft Corporation) FC89FACA0473641CB625EDA9277D0885

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 19:29

==================== End Of Log ============================


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Philip at 2014-04-23 19:22:38
Running from C:\Users\Philip\Desktop\Ordner\Tools\Antivirus
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader 9.5.3 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{1D420647-DF79-D93E-66E1-6B053F1F9BE0}) (Version: 2.0.4224.34064 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{D726D186-0BA7-8BC4-6273-A9AED17C7B8A}) (Version: 2.0.4532.34673 - Advanced Micro Devices, Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23268 - Ask.com) <==== ATTENTION
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.3.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.02 - Broadcom Corporation)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1209.2335.42329 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source v17 (HKLM-x32\...\Counter-Strike: Source v17) (Version:  - )
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CycoreFX HD-64 1.7 for After Effects (HKLM-x32\...\CycoreFX HD-64 1.7 for After Effects) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.34 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.74 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Der Herr der Ringe® - Die Eroberung™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
ffdshow [rev 2202] [2008-10-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free DVD Creator version 2.0 (HKLM-x32\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
Free Video to DVD Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FXAA Post Process Injector (HKLM-x32\...\FXAA Post Process Injector) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
HWiNFO64 Version 4.24 (HKLM\...\HWiNFO64_is1) (Version: 4.24 - Martin Malík - REALiX)
iCloud (HKLM\...\{89BDAE1A-7B8E-4A0E-A169-02F7F366451D}) (Version: 2.1.0.39 - Apple Inc.)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.0 - )
Labtec WebCam (HKLM\...\{FA4DA5D7-5140-4024-BADD-FCB540833E5D}) (Version: 10.51.1130 - Labtec, Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5977 - Realtek Semiconductor Corp.)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.170 - Sony Online Entertainment)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Incorporated)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Toolbar (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode Version 3.1.6.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.9 - XMedia Recode)

==================== Restore Points  =========================

17-04-2014 12:09:37 Geplanter Prüfpunkt
19-04-2014 08:56:22 Installed Java 7 Update 55
19-04-2014 17:54:21 DirectX wurde installiert
22-04-2014 17:05:51 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-22 19:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0099E1E5-9B86-4FCB-A7F6-4BD5D05C64E7} - System32\Tasks\{A406987F-3F4C-49A7-A287-24551A9594A9} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {0213C5ED-2D34-4EAD-ABDB-4CB74225AA2D} - System32\Tasks\{28E75563-13A6-4254-8B72-BB4157562C9C} => C:\Users\Philip\Downloads\webcam1051deu_x64.exe
Task: {05C1F3A1-4B9D-423D-B3C3-528BF7FA8E85} - System32\Tasks\{DBAD9574-D40E-4C5C-BF14-AB7EE2FB5477} => D:\_ISDEL.EXE
Task: {0D7ED96B-366D-4F5B-8867-FEE0A9DD5570} - System32\Tasks\{EAE55B9B-D7E3-45C6-80BD-7E5CC68678D8} => C:\Program Files (x86)\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe
Task: {0E61AC01-50AB-46A4-85EE-767176085F8D} - System32\Tasks\{B322BD7A-B257-4E3C-B0E9-500B60459896} => Firefox.exe
Task: {172B81B0-418A-4ED2-9629-999968EA481A} - System32\Tasks\{339B9848-2240-4216-B66F-E77F1BF99E51} => C:\Program Files (x86)\Call of Duty\CoDSP.exe [2003-10-30] ()
Task: {2150CC91-8BED-492F-9F42-1D0B67CB8E71} - System32\Tasks\{EE26D74C-73AD-456E-AF8D-70C5CA3A9AE2} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {22479661-BAFA-4F7E-B2A6-E5AAAF098D3F} - System32\Tasks\{D0EDE78D-A43A-4F20-8562-BF134BDBE8F6} => C:\Users\Philip\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
Task: {24B79D1D-86B3-4A2B-9723-69B54DD76785} - System32\Tasks\{4B6380BE-EA5F-4567-A815-2B97EF2648AF} => D:\_ISDEL.EXE
Task: {2929858A-3F02-42BD-AD4A-6AD117D85C7E} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {295B845D-C1CC-4B24-B2E9-C025FF793BB6} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {2ABD5925-608E-4E5F-81B4-AB9403C05988} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {2B5C5DFA-14E5-4146-A870-01B5060C5DDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-20] (Adobe Systems Incorporated)
Task: {2D021799-9AE0-4FED-84EB-389C6FF4C39B} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Safari\1Click.exe
Task: {2D65B94D-65CC-44C3-B3EC-5E7471FAFD75} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-05-29] () <==== ATTENTION
Task: {2DA9CBE9-5784-4784-BFEB-DA9792FF1EAA} - System32\Tasks\{EBD97FBF-CE8C-41F3-BC03-64C1160C3D54} => D:\_ISDEL.EXE
Task: {340D9D15-6C85-424D-8413-E442C593E546} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {349C0DE6-713E-497C-9CA7-D6F9CECAD891} - System32\Tasks\Dealply => C:\Users\Philip\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {43CBA4BC-EA97-4038-842D-92DC51E36A89} - System32\Tasks\{AFCCA13B-6683-402F-9AD9-98203F9A9EF3} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {463F7FD2-4934-484B-B15E-CF9CA5C8097A} - System32\Tasks\{0BDA5E34-7DC4-4A5D-B017-8470CC5F80AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {4C7ED2FF-B91B-452A-A3B7-A7734902B3B2} - System32\Tasks\BrowserDefendert
Task: {53483F72-5404-4D63-9390-D610BB5F19F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5697979B-FEF7-4021-A43E-C3DBC3955D3A} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-23] ()
Task: {580FEA43-CE45-4CFA-8E22-F8BE8094A077} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {74E2AFA8-A481-43D7-AA80-E1CE43815649} - System32\Tasks\{88549521-5DA0-4AA4-BBC2-3429EBA6EC43} => D:\_ISDEL.EXE
Task: {788C7039-5C32-4B08-ADF8-AB70F2417D99} - System32\Tasks\Google Updater and Installer => C:\Users\Philip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {827C6551-75F2-49F7-86A0-0CEB6267277A} - System32\Tasks\{42305BEC-5A2F-400E-B430-22D1CBFDE48D} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {83263FEC-94C6-4033-9D70-6B537FB87A79} - System32\Tasks\JavaUpdateSched => C:\Windows\System32\jusched.exe [2010-03-18] (Sun Microsystems, Inc.)
Task: {8826300E-4640-4062-BDD3-D433FE08556E} - System32\Tasks\{FA2968FC-72A8-41CA-89B1-699223B8FBC9} => C:\Users\Philip\Downloads\adwcleaner.exe [2014-04-22] ()
Task: {90754EB8-CB92-490D-A552-A0FF188CD72F} - System32\Tasks\{A398B4A3-513D-4839-9DA2-6711B9DF118F} => Firefox.exe
Task: {917A5E7D-A34C-4F36-BC6E-BA5EDA8A9636} - System32\Tasks\{55B1E58B-7D30-434C-8814-99BB8A404BB7} => Firefox.exe
Task: {91876DDF-1A2E-45FA-8660-60EC7912DA98} - System32\Tasks\{213989E0-3C20-44C4-8734-3D4F319DFE88} => Firefox.exe
Task: {98BAD724-F4AA-4ECD-8E98-284BF6B108DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {99377543-CA83-425B-A2D1-3B2C398EA15C} - System32\Tasks\{8877A725-1921-4B7B-9838-9FFA8A3A4175} => D:\_ISDEL.EXE
Task: {9CC41521-CA2B-4A1F-8444-B0A322BE8BEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9D39864D-A9C5-464D-9024-CF516FD4D7A0} - System32\Tasks\{C157E6D4-2A46-401B-B244-C2893079D826} => Firefox.exe
Task: {9DBDCD30-B958-4104-9226-CFB2C010866C} - System32\Tasks\{9DDB1B82-3DF6-4829-AE8D-EF5C090169A5} => D:\SETUP.EXE
Task: {9F031F4D-8C0E-4FB1-985A-F5959EDB81D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9FA80E47-961A-4A84-A6AB-368ED1FE94F2} - System32\Tasks\{D4448B81-CC1B-480A-AFDF-F94309F17813} => D:\_ISDEL.EXE
Task: {A4BAF711-0B99-4372-A9EA-945B23F0F5D0} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {A956EF08-5DCC-47F0-A6CB-A4DC673446EA} - System32\Tasks\{732325CA-8798-431C-BBEF-2095A65F1828} => D:\SETUP.EXE
Task: {AD847B47-6996-41B9-BC5B-59B294189393} - System32\Tasks\{8183A7B3-F7D8-4D5C-837E-E358125DAB75} => C:\Users\Philip\Downloads\SoftonicDownloader_fuer_sonicstage.exe
Task: {B1658FAD-FFD3-4AA1-8077-A8DE51194D3F} - System32\Tasks\{DA0BCC55-4B5F-4A68-A1AC-CB853AF4DD04} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {B9902F32-72DE-484E-8D55-948E7DABB2AD} - System32\Tasks\{499AF17F-67AF-4D0D-978C-87E24C4644DB} => Firefox.exe
Task: {BE9F6BA8-FB43-46E5-A1BA-54541160FFCB} - System32\Tasks\{DC011BCD-0A67-4D3A-95AF-347D7118AEBE} => D:\SETUP.EXE
Task: {C481A97C-21BD-469E-813D-AAAFC8271EC4} - System32\Tasks\{FDAF1706-86BF-4F0A-AAC9-F554A1278D9F} => D:\SETUP.EXE
Task: {C5A1C017-3ABA-47DB-9428-1C782DEE4BA5} - System32\Tasks\LyricsSpeaker Update => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe <==== ATTENTION
Task: {DC72AF65-2C74-4B57-99BE-FA2A44C2156F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {E4D32404-08AE-4DCC-89D8-D85726394C07} - System32\Tasks\{CB306D73-D4A5-4C9E-B046-3D69F817BC25} => D:\SETUP.EXE
Task: {EECFDD11-93A8-484C-8F92-AFB883983DE4} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {F3F81F65-2AD4-4E58-B8C2-648E272CEE0C} - System32\Tasks\{512AF1ED-5EA6-4AE4-BECB-FDB76F6F9328} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {F40DC4E7-8883-4728-84A5-4720C14C0415} - System32\Tasks\{6B56370F-D515-4E08-86E0-2C8154E6FB42} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {F4CE2786-5462-481D-9E31-9447BCF1CAF4} - System32\Tasks\{6BB9C277-EBFF-4895-83CE-AE553C07320E} => Firefox.exe
Task: {F795D2D4-C2AC-48E6-BFFB-3AB960870473} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03] (Adobe Systems Incorporated)
Task: {FE21CDC3-5F38-442E-B63E-513A1666EC5D} - System32\Tasks\{672D2BF0-FA32-4E89-B98C-5AF98918C167} => D:\Setup.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-08 15:20 - 2013-05-08 15:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-28 17:37 - 2012-11-28 17:37 - 00954256 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-05-26 21:44 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-03-18 13:32 - 2011-01-13 20:39 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2013-03-28 22:30 - 2013-03-28 22:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-11-08 21:48 - 2013-04-19 22:33 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00128240 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-03-18 13:32 - 2011-01-13 20:36 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-03-18 13:32 - 2009-12-02 17:48 - 00079088 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00234736 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00074992 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00111856 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00121072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2012-03-07 20:15 - 2012-03-07 20:15 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
2012-03-07 20:15 - 2012-03-07 20:15 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: SftService => 2
MSCONFIG\startupfolder: C:^Users^Philip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: LogitechCommunicationsManager => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files (x86)\Labtec\WebCam\WebCam10.exe" /hide
MSCONFIG\startupreg: LVCOMSX => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Okfas => C:\Users\Philip\AppData\Roaming\Ubusc\tuixu.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Userinit => C:\Users\Philip\AppData\Roaming\appconf32.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: AODDriver4.2
Description: AODDriver4.2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2014 07:18:50 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (04/23/2014 03:46:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (04/23/2014 11:24:56 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/23/2014 11:24:56 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/23/2014 11:24:55 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/23/2014 11:24:18 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (04/23/2014 11:23:55 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (04/23/2014 11:21:24 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (04/23/2014 10:58:17 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/23/2014 10:58:17 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (04/23/2014 07:20:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/23/2014 07:20:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/23/2014 07:20:39 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422

Error: (04/23/2014 07:19:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/23/2014 07:19:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/23/2014 07:19:20 PM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (04/23/2014 07:19:20 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422

Error: (04/23/2014 07:19:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/23/2014 07:18:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/23/2014 07:18:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (04/23/2014 07:18:50 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (04/23/2014 03:46:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/23/2014 11:24:56 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/23/2014 11:24:56 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/23/2014 11:24:55 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/23/2014 11:24:18 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Philip\Downloads\esetsmartinstaller_enu.exe

Error: (04/23/2014 11:23:55 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Philip\Downloads\esetsmartinstaller_enu.exe

Error: (04/23/2014 11:21:24 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (04/23/2014 10:58:17 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/23/2014 10:58:17 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2014-04-22 19:16:11.739
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-22 19:16:11.708
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-22 11:21:29.590
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-22 11:11:52.032
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 19:24:12.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 19:09:18.858
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 18:56:54.850
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 15:46:14.431
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 11:07:33.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 10:33:18.405
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 6142.98 MB
Available physical RAM: 4262.77 MB
Total Pagefile: 12284.1 MB
Available Pagefile: 10315.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:585.42 GB) (Free:92.43 GB) NTFS
Drive j: (Far Cry 3) (CDROM) (Total:7.7 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: B8000000)
Partition 1: (Not Active) - (Size=71 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585 GB) - (Type=07 NTFS)

==================== End Of Log ============================


deeprybka 24.04.2014 07:43

Hi,
well, that doesn't look bad at all... ;)

A side question: do you still need the proxy entry?
Code:

ProxyServer: 216.155.139.115:3128

Here is how we continue: ;)

Step 1
Install Windows 7 Service Pack 1. In your case: windows6.1-KB976932-X64.exe
You can find more information about it here.

In my opinion, downloading the Service Pack and installing it directly is the recommended way. Here you can download SP1 for Windows.
If there are problems, please install this tool.
If the installation was successful, then make sure that the Windows Update function is enabled. You can find instructions for that here. Use it to install all available updates.

Once these points are done, next comes

Step 2
Update security-relevant software.
Please visit the Flash Player update page with both Firefox and Internet Explorer.
During installation, please make strictly sure that no "toolbars" and the like are downloaded along with it. You do this by removing the check marks from the optional "offers". ;)

Step 3

Please start FRST again, also tick the box for Addition.txt and click Scan.

PhilMcDevil 24.04.2014 10:38

I don't need the proxy entry anymore.
I can't post the FRST.txt because it is too long. It doesn't work as an attachment either. How should I post it now?
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by Philip at 2014-04-24 11:27:23
Running from C:\Users\Philip\Desktop\Ordner\Tools\Antivirus
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader 9.5.3 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{1D420647-DF79-D93E-66E1-6B053F1F9BE0}) (Version: 2.0.4224.34064 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{D726D186-0BA7-8BC4-6273-A9AED17C7B8A}) (Version: 2.0.4532.34673 - Advanced Micro Devices, Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23268 - Ask.com) <==== ATTENTION
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.3.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.02 - Broadcom Corporation)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1209.2335.42329 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source v17 (HKLM-x32\...\Counter-Strike: Source v17) (Version:  - )
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CycoreFX HD-64 1.7 for After Effects (HKLM-x32\...\CycoreFX HD-64 1.7 for After Effects) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.34 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.74 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Der Herr der Ringe® - Die Eroberung™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
ffdshow [rev 2202] [2008-10-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free DVD Creator version 2.0 (HKLM-x32\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
Free Video to DVD Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FXAA Post Process Injector (HKLM-x32\...\FXAA Post Process Injector) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
HWiNFO64 Version 4.24 (HKLM\...\HWiNFO64_is1) (Version: 4.24 - Martin Malík - REALiX)
iCloud (HKLM\...\{89BDAE1A-7B8E-4A0E-A169-02F7F366451D}) (Version: 2.1.0.39 - Apple Inc.)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 9.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.0 - )
Labtec WebCam (HKLM\...\{FA4DA5D7-5140-4024-BADD-FCB540833E5D}) (Version: 10.51.1130 - Labtec, Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5977 - Realtek Semiconductor Corp.)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.170 - Sony Online Entertainment)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Incorporated)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Toolbar (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode Version 3.1.6.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.9 - XMedia Recode)

==================== Restore Points  =========================

24-04-2014 08:03:40 Windows 7 Service Pack 1

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-22 19:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0099E1E5-9B86-4FCB-A7F6-4BD5D05C64E7} - System32\Tasks\{A406987F-3F4C-49A7-A287-24551A9594A9} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {0213C5ED-2D34-4EAD-ABDB-4CB74225AA2D} - System32\Tasks\{28E75563-13A6-4254-8B72-BB4157562C9C} => C:\Users\Philip\Downloads\webcam1051deu_x64.exe
Task: {05C1F3A1-4B9D-423D-B3C3-528BF7FA8E85} - System32\Tasks\{DBAD9574-D40E-4C5C-BF14-AB7EE2FB5477} => D:\_ISDEL.EXE
Task: {0D7ED96B-366D-4F5B-8867-FEE0A9DD5570} - System32\Tasks\{EAE55B9B-D7E3-45C6-80BD-7E5CC68678D8} => C:\Program Files (x86)\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe
Task: {0E61AC01-50AB-46A4-85EE-767176085F8D} - System32\Tasks\{B322BD7A-B257-4E3C-B0E9-500B60459896} => Firefox.exe
Task: {172B81B0-418A-4ED2-9629-999968EA481A} - System32\Tasks\{339B9848-2240-4216-B66F-E77F1BF99E51} => C:\Program Files (x86)\Call of Duty\CoDSP.exe [2003-10-30] ()
Task: {2150CC91-8BED-492F-9F42-1D0B67CB8E71} - System32\Tasks\{EE26D74C-73AD-456E-AF8D-70C5CA3A9AE2} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {22479661-BAFA-4F7E-B2A6-E5AAAF098D3F} - System32\Tasks\{D0EDE78D-A43A-4F20-8562-BF134BDBE8F6} => C:\Users\Philip\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
Task: {24B79D1D-86B3-4A2B-9723-69B54DD76785} - System32\Tasks\{4B6380BE-EA5F-4567-A815-2B97EF2648AF} => D:\_ISDEL.EXE
Task: {2929858A-3F02-42BD-AD4A-6AD117D85C7E} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {295B845D-C1CC-4B24-B2E9-C025FF793BB6} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {2ABD5925-608E-4E5F-81B4-AB9403C05988} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {2B5C5DFA-14E5-4146-A870-01B5060C5DDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-24] (Adobe Systems Incorporated)
Task: {2D021799-9AE0-4FED-84EB-389C6FF4C39B} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Safari\1Click.exe
Task: {2D65B94D-65CC-44C3-B3EC-5E7471FAFD75} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-05-29] () <==== ATTENTION
Task: {2DA9CBE9-5784-4784-BFEB-DA9792FF1EAA} - System32\Tasks\{EBD97FBF-CE8C-41F3-BC03-64C1160C3D54} => D:\_ISDEL.EXE
Task: {340D9D15-6C85-424D-8413-E442C593E546} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {349C0DE6-713E-497C-9CA7-D6F9CECAD891} - System32\Tasks\Dealply => C:\Users\Philip\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {43CBA4BC-EA97-4038-842D-92DC51E36A89} - System32\Tasks\{AFCCA13B-6683-402F-9AD9-98203F9A9EF3} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {463F7FD2-4934-484B-B15E-CF9CA5C8097A} - System32\Tasks\{0BDA5E34-7DC4-4A5D-B017-8470CC5F80AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {4C7ED2FF-B91B-452A-A3B7-A7734902B3B2} - System32\Tasks\BrowserDefendert
Task: {53483F72-5404-4D63-9390-D610BB5F19F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5697979B-FEF7-4021-A43E-C3DBC3955D3A} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-23] ()
Task: {580FEA43-CE45-4CFA-8E22-F8BE8094A077} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {74E2AFA8-A481-43D7-AA80-E1CE43815649} - System32\Tasks\{88549521-5DA0-4AA4-BBC2-3429EBA6EC43} => D:\_ISDEL.EXE
Task: {788C7039-5C32-4B08-ADF8-AB70F2417D99} - System32\Tasks\Google Updater and Installer => C:\Users\Philip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {827C6551-75F2-49F7-86A0-0CEB6267277A} - System32\Tasks\{42305BEC-5A2F-400E-B430-22D1CBFDE48D} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {83263FEC-94C6-4033-9D70-6B537FB87A79} - System32\Tasks\JavaUpdateSched => C:\Windows\System32\jusched.exe [2010-03-18] (Sun Microsystems, Inc.)
Task: {8826300E-4640-4062-BDD3-D433FE08556E} - System32\Tasks\{FA2968FC-72A8-41CA-89B1-699223B8FBC9} => C:\Users\Philip\Downloads\adwcleaner.exe [2014-04-22] ()
Task: {90754EB8-CB92-490D-A552-A0FF188CD72F} - System32\Tasks\{A398B4A3-513D-4839-9DA2-6711B9DF118F} => Firefox.exe
Task: {917A5E7D-A34C-4F36-BC6E-BA5EDA8A9636} - System32\Tasks\{55B1E58B-7D30-434C-8814-99BB8A404BB7} => Firefox.exe
Task: {91876DDF-1A2E-45FA-8660-60EC7912DA98} - System32\Tasks\{213989E0-3C20-44C4-8734-3D4F319DFE88} => Firefox.exe
Task: {98BAD724-F4AA-4ECD-8E98-284BF6B108DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {99377543-CA83-425B-A2D1-3B2C398EA15C} - System32\Tasks\{8877A725-1921-4B7B-9838-9FFA8A3A4175} => D:\_ISDEL.EXE
Task: {9CC41521-CA2B-4A1F-8444-B0A322BE8BEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9D39864D-A9C5-464D-9024-CF516FD4D7A0} - System32\Tasks\{C157E6D4-2A46-401B-B244-C2893079D826} => Firefox.exe
Task: {9DBDCD30-B958-4104-9226-CFB2C010866C} - System32\Tasks\{9DDB1B82-3DF6-4829-AE8D-EF5C090169A5} => D:\SETUP.EXE
Task: {9F031F4D-8C0E-4FB1-985A-F5959EDB81D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9FA80E47-961A-4A84-A6AB-368ED1FE94F2} - System32\Tasks\{D4448B81-CC1B-480A-AFDF-F94309F17813} => D:\_ISDEL.EXE
Task: {A4BAF711-0B99-4372-A9EA-945B23F0F5D0} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {A956EF08-5DCC-47F0-A6CB-A4DC673446EA} - System32\Tasks\{732325CA-8798-431C-BBEF-2095A65F1828} => D:\SETUP.EXE
Task: {AD847B47-6996-41B9-BC5B-59B294189393} - System32\Tasks\{8183A7B3-F7D8-4D5C-837E-E358125DAB75} => C:\Users\Philip\Downloads\SoftonicDownloader_fuer_sonicstage.exe
Task: {B1658FAD-FFD3-4AA1-8077-A8DE51194D3F} - System32\Tasks\{DA0BCC55-4B5F-4A68-A1AC-CB853AF4DD04} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {B9902F32-72DE-484E-8D55-948E7DABB2AD} - System32\Tasks\{499AF17F-67AF-4D0D-978C-87E24C4644DB} => Firefox.exe
Task: {BE9F6BA8-FB43-46E5-A1BA-54541160FFCB} - System32\Tasks\{DC011BCD-0A67-4D3A-95AF-347D7118AEBE} => D:\SETUP.EXE
Task: {C481A97C-21BD-469E-813D-AAAFC8271EC4} - System32\Tasks\{FDAF1706-86BF-4F0A-AAC9-F554A1278D9F} => D:\SETUP.EXE
Task: {C5A1C017-3ABA-47DB-9428-1C782DEE4BA5} - System32\Tasks\LyricsSpeaker Update => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe <==== ATTENTION
Task: {DC72AF65-2C74-4B57-99BE-FA2A44C2156F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {E4D32404-08AE-4DCC-89D8-D85726394C07} - System32\Tasks\{CB306D73-D4A5-4C9E-B046-3D69F817BC25} => D:\SETUP.EXE
Task: {EECFDD11-93A8-484C-8F92-AFB883983DE4} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {F3F81F65-2AD4-4E58-B8C2-648E272CEE0C} - System32\Tasks\{512AF1ED-5EA6-4AE4-BECB-FDB76F6F9328} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {F40DC4E7-8883-4728-84A5-4720C14C0415} - System32\Tasks\{6B56370F-D515-4E08-86E0-2C8154E6FB42} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {F4CE2786-5462-481D-9E31-9447BCF1CAF4} - System32\Tasks\{6BB9C277-EBFF-4895-83CE-AE553C07320E} => Firefox.exe
Task: {F795D2D4-C2AC-48E6-BFFB-3AB960870473} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03] (Adobe Systems Incorporated)
Task: {FE21CDC3-5F38-442E-B63E-513A1666EC5D} - System32\Tasks\{672D2BF0-FA32-4E89-B98C-5AF98918C167} => D:\Setup.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-08 15:20 - 2013-05-08 15:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-28 17:37 - 2012-11-28 17:37 - 00954256 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-05-26 21:44 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-03-18 13:32 - 2011-01-13 20:39 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2013-03-28 22:30 - 2013-03-28 22:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-11-08 21:48 - 2013-04-19 22:33 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00128240 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-03-18 13:32 - 2011-01-13 20:36 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-03-18 13:32 - 2009-12-02 17:48 - 00079088 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00234736 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00074992 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00111856 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-03-18 13:32 - 2009-12-02 17:47 - 00121072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2012-03-07 20:15 - 2012-03-07 20:15 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
2012-03-07 20:15 - 2012-03-07 20:15 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: SftService => 2
MSCONFIG\startupfolder: C:^Users^Philip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe                                                                                                                                                                                                               
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                     
MSCONFIG\startupreg: Facebook Update => "C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver                                                                                                                                                                                   
MSCONFIG\startupreg: LogitechCommunicationsManager => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"                                                                                                                                                                                       
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files (x86)\Labtec\WebCam\WebCam10.exe" /hide                                                                                                                                                                                                               
MSCONFIG\startupreg: LVCOMSX => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"                                                                                                                                                                                                     
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Okfas => C:\Users\Philip\AppData\Roaming\Ubusc\tuixu.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"                                                                                                                                                                                         
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Userinit => C:\Users\Philip\AppData\Roaming\appconf32.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: AODDriver4.2
Description: AODDriver4.2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2014 11:13:11 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/24/2014 11:13:11 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/24/2014 11:13:11 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/24/2014 11:11:18 AM) (Source: ESENT) (User: )
Description: WinMail (3288) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (04/24/2014 11:11:13 AM) (Source: ESENT) (User: )
Description: WinMail (3136) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (04/24/2014 11:08:48 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (04/24/2014 11:05:53 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: c2c_service.exe, Version: 6.3.0.11079, Zeitstempel: 0x506ada69
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74126cc4
ID des fehlerhaften Prozesses: 0x424
Startzeit der fehlerhaften Anwendung: 0xc2c_service.exe0
Pfad der fehlerhaften Anwendung: c2c_service.exe1
Pfad des fehlerhaften Moduls: c2c_service.exe2
Berichtskennung: c2c_service.exe3

Error: (04/24/2014 11:05:50 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SeaPort.exe, Version: 1.2.123.0, Zeitstempel: 0x496e9780
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74126cc4
ID des fehlerhaften Prozesses: 0x760
Startzeit der fehlerhaften Anwendung: 0xSeaPort.exe0
Pfad der fehlerhaften Anwendung: SeaPort.exe1
Pfad des fehlerhaften Moduls: SeaPort.exe2
Berichtskennung: SeaPort.exe3

Error: (04/24/2014 11:05:46 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PnkBstrA.exe, Version: 0.0.0.0, Zeitstempel: 0x4eefa440
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74126cc4
ID des fehlerhaften Prozesses: 0x748
Startzeit der fehlerhaften Anwendung: 0xPnkBstrA.exe0
Pfad der fehlerhaften Anwendung: PnkBstrA.exe1
Pfad des fehlerhaften Moduls: PnkBstrA.exe2
Berichtskennung: PnkBstrA.exe3

Error: (04/24/2014 11:05:41 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AppleMobileDeviceService.exe, Version: 17.327.4.24, Zeitstempel: 0x52fa24ee
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74126cc4
ID des fehlerhaften Prozesses: 0x660
Startzeit der fehlerhaften Anwendung: 0xAppleMobileDeviceService.exe0
Pfad der fehlerhaften Anwendung: AppleMobileDeviceService.exe1
Pfad des fehlerhaften Moduls: AppleMobileDeviceService.exe2
Berichtskennung: AppleMobileDeviceService.exe3


System errors:
=============
Error: (04/24/2014 11:11:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2014 11:11:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2014 11:11:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2014 11:11:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2014 11:11:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2014 11:11:35 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422

Error: (04/24/2014 11:11:35 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422

Error: (04/24/2014 11:10:44 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2014 11:10:44 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2014 11:10:44 AM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}


Microsoft Office Sessions:
=========================
Error: (04/24/2014 11:13:11 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/24/2014 11:13:11 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/24/2014 11:13:11 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/24/2014 11:11:18 AM) (Source: ESENT)(User: )
Description: WinMail3288WindowsMail0:

Error: (04/24/2014 11:11:13 AM) (Source: ESENT)(User: )
Description: WinMail3136WindowsMail0:

Error: (04/24/2014 11:08:48 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (04/24/2014 11:05:53 AM) (Source: Application Error)(User: )
Description: c2c_service.exe6.3.0.11079506ada69unknown0.0.0.000000000c000000574126cc442401cf5f8deb6a60d1C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeunknowna318aa87-cb8f-11e3-9fa0-00262d1cb7b6

Error: (04/24/2014 11:05:50 AM) (Source: Application Error)(User: )
Description: SeaPort.exe1.2.123.0496e9780unknown0.0.0.000000000c000000574126cc476001cf5f8deab5689fC:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeunknowna13ef8b1-cb8f-11e3-9fa0-00262d1cb7b6

Error: (04/24/2014 11:05:46 AM) (Source: Application Error)(User: )
Description: PnkBstrA.exe0.0.0.04eefa440unknown0.0.0.000000000c000000574126cc474801cf5f8deab25b5fC:\Windows\SysWOW64\PnkBstrA.exeunknown9e9af1e3-cb8f-11e3-9fa0-00262d1cb7b6

Error: (04/24/2014 11:05:41 AM) (Source: Application Error)(User: )
Description: AppleMobileDeviceService.exe17.327.4.2452fa24eeunknown0.0.0.000000000c000000574126cc466001cf5f8de87c1a3bC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeunknown9bc28cd0-cb8f-11e3-9fa0-00262d1cb7b6


CodeIntegrity Errors:
===================================
  Date: 2014-04-24 10:08:29.475
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\d7f952c0f05b1e4c7c174863ce44cc1a\fab75d69d0ab47de343b1e\f1cf939ed4ffe75e009c\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.17514_none_b57215bac8c6d647\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-24 10:08:29.428
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\d7f952c0f05b1e4c7c174863ce44cc1a\fab75d69d0ab47de343b1e\f1cf939ed4ffe75e009c\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.17514_none_b57215bac8c6d647\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-24 10:08:29.350
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\d7f952c0f05b1e4c7c174863ce44cc1a\fab75d69d0ab47de343b1e\f1cf939ed4ffe75e009c\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.17514_none_b57215bac8c6d647\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-24 10:08:29.147
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\d7f952c0f05b1e4c7c174863ce44cc1a\fab75d69d0ab47de343b1e\f1cf939ed4ffe75e009c\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.17514_none_b57215bac8c6d647\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-22 19:16:11.739
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-22 19:16:11.708
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-22 11:21:29.590
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-22 11:11:52.032
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 19:24:12.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-21 19:09:18.858
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 6142.98 MB
Available physical RAM: 3633.86 MB
Total Pagefile: 12284.15 MB
Available Pagefile: 9473.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:585.42 GB) (Free:90.83 GB) NTFS
Drive j: (Far Cry 3) (CDROM) (Total:7.7 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: B8000000)
Partition 1: (Not Active) - (Size=71 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585 GB) - (Type=07 NTFS)

==================== End Of Log ============================


deeprybka 24.04.2014 10:39

Hi, just attach the FRST file as a zip....

PhilMcDevil 24.04.2014 10:41

Attachment 66467

deeprybka 24.04.2014 12:06

OK, well done! :daumenhoc

Step 1

Please press the Windows key + R and type notepad into the Run window.
Click OK and now copy the text from the code box into the empty text document:
Code:

SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± v˰!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
S2 SystemStoreService; "C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe"  -displayname "System Store" -servicename "SystemStoreService" [X]

Please save this as Fixlist.txt in the directory where the FRST application is located.
  • Start FRST and press the Fix button.
  • The tool creates a "Fixlog.txt" file.
  • Please post its contents for me.

Step 2
Java(TM) 6 Update 17
Java(TM) 6 Update 22

Please uninstall.

Please install the latest Internet Explorer from here.

Are there still any problems with your computer now? Or do you have any more questions?

Otherwise...

Rename Combofix.exe to uninstall.exe and run it. Combofix may update itself and will then remove all remnants of itself.

Then...

please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Put a tick in front of every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards.

If any programs from our cleanup are still left over now, you can safely delete them.

>>clean<<
We did it! :abklatsch:
The logs look clean to me at the moment. :daumenhoc

If you like, you can say here whether you were satisfied with me and my help....:aufsmaul: ;) and/or support the forum with a small donation. :applaus:
All that remains is for me to wish you carefree and safe surfing, and that we won't see each other here again any time soon. ;)

Epilogue: Tips, Dos & Don'ts

Keeping the system and software up to date

The Windows operating system must always be fully up to date. Make sure that automatic updates are enabled:
  • Windows Vista/7/8: Start --> Control Panel --> System and Security --> Turn automatic updating on or off

The installed software should also always be the latest version.
This applies especially to the browser, Java, Flash Player and PDF reader, because known security holes in their old versions are exploited to install malware via drive-by download merely by visiting a prepared website. This can even happen on normally legitimate websites if an attacker has managed to inject their code into the page, and is therefore relatively unpredictable.
  • With this small plugin check you can regularly check whether these components are up to date.
  • Also make sure that old versions that are no longer used are uninstalled.
  • Optional: The program Secunia Personal Software Inspector can help you always use the current versions of all installed software.

Security software

A remark up front: every software solution has its weaknesses. Handing the entire responsibility for security over to software and expecting all-round protection would be a dangerous illusion. With careless or deliberately risky behaviour, even the best program will sooner or later fail (e.g. a virus scanner that does not detect an infected file).
Nevertheless, such software is of course important and, in combination with a well-maintained (up-to-date) system and thoughtful behaviour, helps you keep your computer clean.
  • Use a virus scanner with a background guard and an always current database. Which product you choose does not matter all that much. If you want to buy a commercial program, I can recommend Kaspersky Antivirus or Emsisoft Anti-Malware (the freeware version of it is not enough, though, because it has no background guard).

    If you prefer a free product, Avast! Free Antivirus is a good alternative.
    But never run two guards in parallel, they would get in each other's way.
  • Enable a firewall. The one built into Windows is normally entirely sufficient.
  • In addition to the virus scanner, you can regularly scan your system with an on-demand anti-malware program. The free version of Malwarebytes Anti-Malware is recommended. Update the database before every scan.
  • Optional: The program Sandboxie runs applications in an isolated environment ("sandbox"), so that no changes can be made to the system. If you start your browser in it, the chance is reduced that malware picked up while surfing can establish itself permanently in the system.
  • Optional: Browser-in-the-box combines the virtual, isolated environment and the security of a Linux operating system.

It is in the nature of things that the most widely used application software is also attacked most often by malware authors. Using alternative software (e.g. an alternative PDF reader) can therefore already be a small gain in security.
Instead of Internet Explorer you can, for example, use Mozilla Firefox, for which two useful add-ons can be recommended:
  • NoScript by default prevents active content (Java, JavaScript, Flash, ..) from running for all websites. You can decide yourself, on the whitelist principle, which sites you want to trust and allow scripts for, also temporarily.
  • Adblock Plus blocks most advertising banners. Besides being a nuisance, such banners can also act as sources of infection.

(Un)safe behaviour on the Internet

Besides unnoticed drive-by installations, however, malware is also often installed more or less actively by the user himself.

Visiting shady websites can already carry risks. And downloads from dubious sources are always Russian roulette. Even if the virus scanner does not recognise a threat in them at the moment, that does not have to mean anything.

  • Illegal cracks, keygens and serials are an exceptionally easy (and popular) way to spread malware.
  • With files from peer-to-peer and file-sharing programs or from file hosters you can never be sure that what is inside is really what it says on the label.

Often an attempt is also made to get the user, with more or less tricky methods, to carry out an action that is disastrous for him (umbrella term: social engineering).
  • Surf with caution and do not let elements that somehow appear interesting tempt you into a hasty click. Do not be fooled by pop-ups that look like system or virus messages.
  • Be sceptical about unexpected e-mails, especially if they contain attachments. Even if they look authentic at first glance, contain personal data of yours or supposedly come from a known sender: better to think it over again calmly or ask, instead of simply opening links or executable attachments or entering your data somewhere.
  • Harmful links or files can also make the rounds in social networks or via instant messaging systems. If you get a message from one of your friends that is odd, or that sounds so sensationally interesting or scandalous that one simply has to click on it, then with him/her curiosity has probably won over reason and you should not make the same mistake.
  • Have the file extensions displayed, so that you are not fooled when an executable file is disguised by a double file extension, e.g. Nacktfoto.jpg.exe.

Annoying adware (advertising) and unnecessary toolbars are also mostly installed along with other software by the user himself.
  • As a first priority, always download software directly from the manufacturer. Many software portals (e.g. Softonic) pack additional useless stuff into the installation. Alternatively, choose a clean portal such as Filepony or heise.
  • When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.

General notes

Finally, a few basic remarks:
  • Your user account for everyday use should not have administrator rights. Use an account with restricted rights, or set User Account Control (UAC) to the highest level (Windows Vista/7/8).
  • Regularly create backups of your data and documents on external media, at least two copies for important files. Not only a malware infection can result in painful data loss, but also an ordinary hard disk failure.
  • The Autorun/Autoplay function is a risk, because it makes it possible, for example, for the infection to jump to the computer when a correspondingly infected USB stick is plugged in. Consider whether you would not rather disable this function.
  • Choose your passwords according to the usual rules, in order to be better armed against brute-force and dictionary attacks. Use each of your passwords only once and change them regularly.
  • The benefit of registry cleaners for improving performance is disputed. In any case, great damage can be done with them if you do not know what you are doing. We therefore recommend keeping your hands off the registry. To delete the temporary files from time to time, TFC is sufficient.
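
The double-extension tip in the post above (Nacktfoto.jpg.exe) can also be checked over a whole download folder. The following is an added example, not part of the original post; the extension lists, function names and script name are assumptions chosen for illustration.

```python
import os
import sys

# Assumed extension lists for this example; adjust them to local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".lnk"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx",
              ".xls", ".xlsx", ".txt", ".mp3", ".mp4", ".avi", ".zip"}


def extensions(filename):
    """Return every dot-separated extension of a file name, lower-cased."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows drops trailing dots and spaces from names, so ignore them here too.
    base = base.rstrip(". ")
    return ["." + part.lower() for part in base.split(".")[1:]]


def is_double_extension(filename):
    """True when an executable extension directly follows a harmless-looking one."""
    exts = extensions(filename)
    return len(exts) >= 2 and exts[-1] in EXECUTABLE_EXTS and exts[-2] in DECOY_EXTS


def scan(directory):
    """Walk a directory tree and return the paths of all disguised executables."""
    hits = []
    for root, _dirs, files in os.walk(directory):
        for name in files:
            if is_double_extension(name):
                hits.append(os.path.join(root, name))
    return sorted(hits)


if __name__ == "__main__":
    # Usage: python find_double_ext.py <folder>   (script name is hypothetical)
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path in scan(target):
        print("double extension:", path)
```

Version-style names such as setup.v1.2.exe are not reported, because the part before the final extension is not one of the harmless-looking document or media types.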

PhilMcDevil 24.04.2014 12:37

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-04-2014
Ran by Philip at 2014-04-24 13:19:45 Run:1
Running from C:\Users\Philip\Desktop\Ordner\Tools\Antivirus
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± v˰!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
S2 SystemStoreService; "C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe"  -displayname "System Store" -servicename "SystemStoreService" [X]
       
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± v˰!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key deleted successfully.
HKCR\CLSID\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± v˰!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key deleted successfully.
SystemStoreService => Service deleted successfully.

==== End of Fixlog ====


deeprybka 24.04.2014 12:42

OK... any remaining problems or questions?

PhilMcDevil 24.04.2014 12:47

No, everything is sorted :) Here again a big THANK YOU to you! :)

deeprybka 24.04.2014 12:50

OK! :)

Thanks, take care!

