
Pests of all kinds and how to combat them: Redirect virus

12.10.2012, 09:30   #1
ImmiMax

Redirect virus



Hello,
these redirect viruses really are persistent!
I can't get rid of mine at all, even though I have installed and run Malwarebytes Anti-Malware and Hitman Pro.

Spybot Search & Destroy and TDSSKiller don't detect anything either.
I have made further attempts to find and delete the junk.

Based on earlier forum threads, I have now run OTL and aswMBR as administrator and am posting the logs here in the hope of finding a solution.

Thank you for your efforts.

12.10.2012, 16:35   #2
ImmiMax



Oh sorry,
my operating system is of course Windows 7 (64-bit).


15.10.2012, 13:27   #3
ImmiMax



Here is some more information about the system:

Betriebssystemname Microsoft Windows 7 Ultimate
Version 6.1.7601 Service Pack 1 Build 7601
Zusätzliche Betriebssystembeschreibung Nicht verfügbar
Betriebssystemhersteller Microsoft Corporation
Systemname BOVN2012-OBEN
Systemhersteller Gigabyte Technology Co., Ltd.
Systemmodell P35-DS3
Systemtyp x64-basierter PC
Prozessor Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 2667 MHz, 2 Kern(e), 2 logische(r) Prozessor(en)
BIOS-Version/-Datum Award Software International, Inc. F14, 18.06.2009
SMBIOS-Version 2.4
Windows-Verzeichnis C:\Windows
Systemverzeichnis C:\Windows\system32
Startgerät \Device\HarddiskVolume5
Gebietsschema Deutschland
Hardwareabstraktionsebene Version = "6.1.7601.17514"
Benutzername Bovn2012-oben\Berni
Zeitzone Mitteleuropäische Sommerzeit
Installierter physikalischer Speicher (RAM) 8,00 GB
Gesamter realer Speicher 8,00 GB
Verfügbarer realer Speicher 5,85 GB
Gesamter virtueller Speicher 16,0 GB
Verfügbarer virtueller Speicher 13,1 GB
Größe der Auslagerungsdatei 8,00 GB
Auslagerungsdatei C:\pagefile.sys

15.10.2012, 15:11   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Without the logs from Malwarebytes and co., nothing will come of this.
Everything from Malwarebytes (and possibly other scanners) must be posted here.

If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here

__________________
Please always post log files in CODE tags

16.10.2012, 07:06   #5
ImmiMax



Good morning, and many thanks that someone has taken on my problem.

Actually, I had attached everything except the MBAM log (or so I thought?).
I hope you can do something with the following logs:


1. Malwarebytes:
Code:
 Malwarebytes Anti-Malware  (PRO) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.14.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]

Schutz: Aktiviert

15.10.2012 22:57:49
mbam-log-2012-10-15 (22-57-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 729802
Laufzeit: 1 Stunde(n), 17 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

2. OTL logs:
OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 12.10.2012 10:07:25 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Berni\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,03% Memory free
16,00 Gb Paging File | 13,75 Gb Available in Paging File | 85,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 58,03 Gb Free Space | 51,96% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 881,91 Gb Free Space | 94,68% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 276,60 Gb Free Space | 29,69% Space Free | Partition Type: NTFS
Drive F: | 244,14 Gb Total Space | 74,07 Gb Free Space | 30,34% Space Free | Partition Type: NTFS
Drive G: | 128,46 Gb Total Space | 27,56 Gb Free Space | 21,45% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOVN2012-OBEN | User Name: Berni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 17:20:25 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012.10.10 17:04:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Berni\Desktop\OTL.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- D:\Programme (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.11 10:24:24 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012.06.13 15:23:30 | 003,540,992 | ---- | M] (sw4you, Siegfried Weckmann) -- C:\Program Files (x86)\Hardcopy\hardcopy.exe
PRC - [2012.04.20 07:59:04 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.04.20 07:59:02 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
PRC - [2012.01.19 11:06:50 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
PRC - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.04.08 08:50:36 | 001,406,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010.11.20 14:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\snmp.exe
PRC - [2009.10.08 14:12:06 | 000,049,152 | ---- | M] (Samsung) -- C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe
PRC - [2009.10.05 13:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.03.25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.10 17:20:24 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.09.06 03:25:12 | 002,244,064 | ---- | M] () -- D:\Programme (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.08.30 10:39:42 | 000,374,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012.06.13 15:09:18 | 002,941,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDllS.dll
MOD - [2012.03.09 09:46:20 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDLL2_36_Win32.dll
MOD - [2012.01.19 11:06:50 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
MOD - [2012.01.07 10:54:16 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hardcopy_04.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010.12.21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2009.10.05 13:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe
MOD - [2009.03.04 16:03:58 | 002,191,437 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
MOD - [2009.03.03 14:24:44 | 000,327,753 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll
MOD - [2009.02.20 10:48:10 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
MOD - [2009.02.12 21:47:40 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
MOD - [2009.02.12 14:41:22 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
MOD - [2008.12.19 18:05:54 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
MOD - [2008.10.24 16:06:46 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
MOD - [2008.09.01 14:26:32 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
MOD - [2008.05.07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
MOD - [2008.03.25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
MOD - [2003.02.14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010.11.20 15:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.11 08:45:05 | 000,108,392 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Programme\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV - [2012.10.10 17:20:25 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.04.20 07:59:04 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)
SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)
SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme (x86)\Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.11.20 14:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.29 16:11:41 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.07.20 17:36:09 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2012.07.20 17:05:03 | 000,708,200 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV:64bit: - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (Magic Tune)
DRV - [2012.10.12 09:31:31 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.10.12 09:31:26 | 000,024,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.05.10 15:05:38 | 000,030,592 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Programme\HWiNFO64\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2011.06.02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- D:\Programme (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.04.01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F3 F5 05 15 37 45 CD 01  [binary data]
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110823&tt=270912_ctrl2_3912_8&babsrc=SP_ss&mntrId=206ce36c000000000000001a4d50d3c5
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE487
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F3 F5 05 15 37 45 CD 01  [binary data]
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE487
IE - HKU\S-1-5-21-879424078-1962978217-330297428-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.7.1.62
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.11 10:24:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.17 13:20:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: D:\Programme (x86)\Mozilla Firefox\components [2012.10.07 14:16:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: D:\Programme (x86)\Mozilla Firefox\plugins [2012.08.17 11:03:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\s04otwx7.default\extensions\extension@preispilot.com
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\s04otwx7.default\extensions\firejump@firejump.net
 
[2012.06.08 12:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Extensions
[2012.06.08 12:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.07.10 08:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\extensions
[2012.07.10 08:21:27 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\extensions\plugin@yontoo.com
[2012.06.15 13:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions
[2012.06.15 13:06:19 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.06.15 13:06:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.15 13:06:17 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\c5txultq.default - Original\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012.06.13 16:58:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\Backups\s04otwx7.default - Original\extensions
[2012.10.04 13:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\s04otwx7.default\extensions
[2012.10.04 13:29:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\s04otwx7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.27 09:43:39 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Berni\AppData\Roaming\mozilla\Firefox\Profiles\s04otwx7.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012.07.03 09:07:17 | 000,004,819 | ---- | M] () (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\s04otwx7.default\extensions\LX8CTlVhKKEeMCweV@kvThSnVBDi.com.xpi
[2012.10.04 13:29:17 | 000,057,702 | ---- | M] () (No name found) -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\s04otwx7.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi
[2011.11.17 19:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\Backups\c5txultq.default - Original\searchplugins\askcom.xml
[2012.04.24 13:49:24 | 000,002,389 | ---- | M] () -- C:\Users\Berni\AppData\Roaming\mozilla\firefox\profiles\Backups\c5txultq.default - Original\searchplugins\SearchTheWeb.xml
File not found (No name found) -- C:\USERS\BERNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\C5TXULTQ.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
 
O1 HOSTS File: ([2012.09.18 11:36:53 | 000,444,301 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15258 more lines...
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme (x86)\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme (x86)\Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\Toolbar\ShellBrowser: (no name) - {61628E2A-4FF9-4454-992D-D92A8CD27399} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-879424078-1962978217-330297428-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-879424078-1962978217-330297428-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MagicTuneEngine] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe ()
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AnySend Updater] C:\Program Files (x86)\AnySend\AnySendUpdater.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] D:\Programme (x86)\Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [MagicRotation] C:\Program Files (x86)\MagicRotation\MagicPvt.exe (Samsung Electronics, Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [Driver Mender] C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1001..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\Run: [videoppack] "C:\Users\Berni\AppData\Roaming\videoppack.exe" -autorun File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-879424078-1962978217-330297428-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme (x86)\Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme (x86)\Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme (x86)\Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programme (x86)\Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programme (x86)\Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1A7B0AA-A399-464F-BD84-285456E18B69}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme (x86)\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.12 09:11:59 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\02 Rechnerinfektionen
[2012.10.10 17:07:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Berni\Desktop\aswMBR.exe
[2012.10.10 17:07:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Berni\Desktop\OTL.exe
[2012.10.10 16:06:19 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 16:06:19 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 16:06:18 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 16:06:16 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 16:06:15 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 16:06:15 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 16:06:15 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 16:06:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 16:06:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 16:06:14 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 16:06:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 16:06:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 16:06:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 16:06:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 16:06:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 16:06:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 16:06:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 16:06:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 16:06:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 16:06:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 16:06:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 16:06:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 16:06:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 16:06:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 16:06:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 16:06:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 16:06:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 16:06:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 16:06:07 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 16:05:59 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 16:05:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.07 14:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.10.02 19:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoner
[2012.10.02 19:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phoner
[2012.10.01 09:53:08 | 000,024,104 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.09.29 16:13:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IO
[2012.09.29 15:42:11 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.09.29 14:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012.09.29 14:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012.09.29 14:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012.09.29 14:04:54 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Local\SlimWare Utilities Inc
[2012.09.29 13:59:26 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\Downloaded Installers
[2012.09.28 15:45:35 | 000,000,000 | ---D | C] -- C:\Users\Berni\Start Menu
[2012.09.28 15:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLVPlayer
[2012.09.28 03:00:57 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.28 03:00:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.28 03:00:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.28 03:00:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.28 03:00:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.28 03:00:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.28 03:00:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.28 03:00:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.28 03:00:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.28 03:00:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.28 03:00:54 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.28 03:00:54 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.28 03:00:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.28 03:00:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.28 03:00:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.27 09:26:05 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\Manuals
[2012.09.27 08:39:02 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.19 13:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagrand
[2012.09.19 13:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagrand
[2012.09.19 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\Opera
[2012.09.19 13:48:31 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\Windows\SysWow64\dhRichClient3.dll
[2012.09.19 13:48:28 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\OCS
[2012.09.19 13:48:27 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\DesktopIconForAmazon
[2012.09.19 13:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Electronics Ltd
[2012.09.19 13:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\MagicTune Premium
[2012.09.18 16:09:47 | 000,000,000 | ---D | C] -- C:\temp
[2012.09.18 16:09:02 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.09.18 16:09:02 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.09.18 16:09:02 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.09.18 16:09:02 | 018,229,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.09.18 16:09:02 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.09.18 16:09:02 | 015,291,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.09.18 16:09:02 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.09.18 16:09:02 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.09.18 16:09:02 | 007,397,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.09.18 16:09:02 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.09.18 16:09:02 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.09.18 16:09:02 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.09.18 16:09:02 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.09.18 16:09:02 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.09.18 16:09:02 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.09.18 16:08:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.09.18 09:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.09.18 09:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.09.18 09:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.09.14 10:55:44 | 000,000,000 | ---D | C] -- D:\Benutzer\Public\Documents\0 Otti
[2012.09.14 10:44:00 | 000,000,000 | ---D | C] -- C:\Users\Berni\AppData\Roaming\RealNetworks
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.12 10:10:43 | 000,034,593 | ---- | M] () -- C:\Windows\SysWow64\jcsball.dat
[2012.10.12 10:10:43 | 000,014,097 | ---- | M] () -- C:\Windows\SysWow64\jcsb.new
[2012.10.12 10:10:43 | 000,009,182 | ---- | M] () -- C:\Windows\SysWow64\jerror.dat
[2012.10.12 09:38:27 | 000,014,912 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:38:27 | 000,014,912 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:37:02 | 001,507,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.12 09:37:02 | 000,657,438 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.12 09:37:02 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.12 09:37:02 | 000,130,810 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.12 09:37:02 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.12 09:31:31 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012.10.12 09:31:31 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2012.10.12 09:31:26 | 000,024,104 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.10.12 09:31:12 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 09:30:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.12 09:30:56 | 1211,136,225 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.12 09:30:54 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.12 09:26:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 09:24:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2012.10.12 09:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.10 17:20:25 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.10 17:20:25 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.10 17:06:16 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Berni\Desktop\aswMBR.exe
[2012.10.10 17:04:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Berni\Desktop\OTL.exe
[2012.10.02 19:06:52 | 000,000,990 | ---- | M] () -- C:\Users\Berni\Desktop\Phoner.lnk
[2012.10.02 03:00:53 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.10.01 09:51:03 | 000,000,338 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2012.09.29 16:11:41 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012.09.29 14:16:05 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012.09.28 15:45:09 | 000,001,032 | ---- | M] () -- C:\Users\Berni\Desktop\FLV Player.lnk
[2012.09.21 08:14:55 | 000,441,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.19 13:48:28 | 000,001,458 | ---- | M] () -- C:\Users\Berni\Desktop\Amazon.lnk
[2012.09.19 13:48:07 | 000,001,647 | ---- | M] () -- C:\Users\Public\Desktop\MagicTunePremium.lnk
[2012.09.19 13:48:03 | 000,001,467 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2012.09.18 11:36:53 | 000,444,301 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.18 10:26:43 | 000,000,523 | ---- | M] () -- C:\Windows\wininit.ini
[2012.09.18 09:32:57 | 000,001,269 | ---- | M] () -- C:\Users\Berni\Desktop\Spybot - Search & Destroy.lnk
[2012.09.17 13:29:51 | 000,001,934 | ---- | M] () -- C:\Users\Berni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
[2012.09.13 11:48:54 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.12 09:31:31 | 000,034,592 | ---- | C] () -- C:\Windows\SysWow64\jcsball.dat
[2012.10.12 09:31:31 | 000,014,097 | ---- | C] () -- C:\Windows\SysWow64\jcsb.new
[2012.10.12 09:31:31 | 000,009,182 | ---- | C] () -- C:\Windows\SysWow64\jerror.dat
[2012.10.07 14:17:02 | 000,000,829 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.10.02 19:06:52 | 000,000,990 | ---- | C] () -- C:\Users\Berni\Desktop\Phoner.lnk
[2012.10.01 09:51:03 | 000,000,338 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2012.09.29 14:16:05 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012.09.29 14:04:57 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012.09.28 15:45:09 | 000,001,032 | ---- | C] () -- C:\Users\Berni\Desktop\FLV Player.lnk
[2012.09.19 13:48:31 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.09.19 13:48:28 | 000,001,458 | ---- | C] () -- C:\Users\Berni\Desktop\Amazon.lnk
[2012.09.19 13:48:07 | 000,001,647 | ---- | C] () -- C:\Users\Public\Desktop\MagicTunePremium.lnk
[2012.09.19 13:48:03 | 000,001,467 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2012.09.18 10:26:42 | 000,000,523 | ---- | C] () -- C:\Windows\wininit.ini
[2012.09.18 09:32:57 | 000,001,269 | ---- | C] () -- C:\Users\Berni\Desktop\Spybot - Search & Destroy.lnk
[2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.07.11 14:44:34 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.07.11 10:54:58 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.07.11 09:35:28 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.02 12:46:41 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.06.13 17:35:36 | 000,059,232 | ---- | C] () -- C:\Windows\SysWow64\CNC8100W.DAT
[2012.06.06 21:47:56 | 001,532,588 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.06 21:25:12 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.06.06 21:16:42 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\usetup.exe
[2012.06.06 21:15:40 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\CTray.exe
[2012.06.06 21:15:40 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\FlashDLL.dll
[2012.06.06 21:15:40 | 000,166,720 | ---- | C] () -- C:\Windows\SysWow64\DrvInfo.dll
[2012.06.06 21:15:40 | 000,154,432 | ---- | C] () -- C:\Windows\SysWow64\HwInfo.dll
[2012.06.06 21:15:40 | 000,146,240 | ---- | C] () -- C:\Windows\SysWow64\DTInfo.dll
[2012.06.06 21:15:40 | 000,133,952 | ---- | C] () -- C:\Windows\SysWow64\HWM.dll
[2012.06.06 21:15:40 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\SInfo.dll
[2012.06.06 21:15:40 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\Rcontrolagent.dll
[2012.06.06 21:15:40 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\CmosDLL.dll
[2012.06.06 21:15:40 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\MarkFunDrv.dll
[2012.06.06 21:15:40 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\Flash.dll
[2012.06.06 21:15:40 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\GMail.dll
[2012.06.06 21:15:40 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\RecvMsgDLL.dll
[2012.06.06 21:15:40 | 000,101,184 | ---- | C] () -- C:\Windows\SysWow64\COM_ycc.dll
[2012.06.06 21:15:40 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\ycc.dll
[2012.06.06 21:15:40 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\w83781d.dll
[2012.06.06 21:15:40 | 000,060,224 | ---- | C] () -- C:\Windows\SysWow64\HUADRV.DLL
[2012.06.06 21:15:40 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\FLASHFUN.DLL
[2012.06.06 21:15:40 | 000,047,936 | ---- | C] () -- C:\Windows\SysWow64\IOInfo.dll
[2012.06.06 21:15:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\GSCM2.dll
[2012.06.06 21:15:40 | 000,043,840 | ---- | C] () -- C:\Windows\SysWow64\SysConfig.dll
[2012.06.06 21:15:40 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\DeviceID.dll
[2012.06.06 21:15:40 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\GSCM.dll
[2012.06.06 21:15:40 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\HWAgent.dll
[2012.06.06 21:15:40 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\GCSVR.exe
[2012.06.06 21:15:40 | 000,004,303 | ---- | C] () -- C:\Windows\SysWow64\Mem.dat
[2012.06.06 21:15:40 | 000,000,660 | ---- | C] () -- C:\Windows\SysWow64\Cmos.dat
[2012.06.06 21:04:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---

[/code]

Extras.txt
OTL Logfile:
Code:
OTL Extras logfile created on: 12.10.2012 10:07:25 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Berni\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,03% Memory free
16,00 Gb Paging File | 13,75 Gb Available in Paging File | 85,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 58,03 Gb Free Space | 51,96% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 881,91 Gb Free Space | 94,68% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 276,60 Gb Free Space | 29,69% Space Free | Partition Type: NTFS
Drive F: | 244,14 Gb Total Space | 74,07 Gb Free Space | 30,34% Space Free | Partition Type: NTFS
Drive G: | 128,46 Gb Total Space | 27,56 Gb Free Space | 21,45% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOVN2012-OBEN | User Name: Berni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme (x86)\Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C43C5F0-6CB4-4A2B-A496-5E5A5AF4DD03}" = rport=445 | protocol=6 | dir=out | app=system | 
"{1A534434-30C5-4E14-B00B-A43D3DAAB2F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1F75D8E5-D4F4-4879-8B37-455CF727E46C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{29A411F9-CE5F-4892-BC59-9B1EC114BD95}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{300C384A-6C65-4464-B9BC-CB7316B90BF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3FCA7B9E-F67A-4C5F-B0F7-008EFE76B44B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4071D3CF-8B5A-4961-952C-398EA99932EA}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4527D26B-C800-4965-A19C-B0E668F611DC}" = lport=137 | protocol=17 | dir=in | app=system | 
"{463C7A37-FC0B-41B4-A397-87AF46B66F33}" = lport=138 | protocol=17 | dir=in | app=system | 
"{486B6F19-E0EA-40A0-BE7E-DB261D04F558}" = lport=445 | protocol=6 | dir=in | app=system | 
"{4B3BD6A5-EFF1-4F95-B836-B7B2A5F981B8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5095308D-E470-4C53-ACE0-A50472478376}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{57AD81F5-AEA6-4F92-ADBF-2C24C73CBAF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{5C97013A-928B-416C-BAEA-7880D7D491CA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5D473F0C-8E3F-4ED9-B5A2-F4AF9B4CAC07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{650B449B-C788-4890-8175-C58F3FB5B261}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{72967A5D-BEDB-479C-A8C9-AC3C5B9E091E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7786CA26-CBA8-4338-9109-4061BE23BB54}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{826CAAB6-1459-428A-A3CC-A75C615C36F8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{8E8CB642-A98F-4600-8F5F-5F1478F22BB5}" = lport=6004 | protocol=17 | dir=in | app=d:\programme (x86)\office\office14\outlook.exe | 
"{923481CA-3081-4C89-A8FC-A91765287C34}" = rport=138 | protocol=17 | dir=out | app=system | 
"{935EA528-B1E7-4E2C-B849-8A95E777FE3A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9F2BD98D-90C9-4C12-AFA8-3359AD74B4A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A20F4608-BC08-4990-A344-118E89C9C2BF}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AD75469F-CABD-4669-82D8-ECFC6503778E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{AE9A4B56-8D99-4699-B524-3017D8E38C29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B343434A-11F7-443A-A827-734A590253DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B40F4258-1D62-48F5-AF3E-F74D89D2893C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B920C23E-42A3-4D52-AF55-3395FDE5EEDE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{D855A979-7907-44C5-96DE-28AE94824E11}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D92202B6-6142-4EBC-8247-FF9A42C020B0}" = rport=139 | protocol=6 | dir=out | app=system | 
"{F82C941D-7A48-43CB-84B3-D17BC51C258B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11028737-6EBE-41C4-86C3-7064A57A92AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{15A8C9C4-4771-43AC-BC1D-B4B1292D74EE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1EAE78DA-F66C-44D4-9ABE-0858CC7E68B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{311910FA-E219-4DAA-B593-DE93A6E199C5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{3B087F19-0DA9-4872-A25C-889887E4A3B3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{41B18D73-5B7A-4877-A0FC-AB97F57A4DD8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4BAAA787-E443-486D-8ADD-5A2CF1217408}" = protocol=6 | dir=in | app=d:\programme (x86)\office\office14\onenote.exe | 
"{56432009-E092-4639-9440-CEA568B8FD04}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{58BA1864-1D8B-4019-959A-D7208B7B63C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5A6B492B-44C5-4241-AA40-6515EBE4CFE6}" = protocol=6 | dir=out | app=system | 
"{67FBAEBC-8AFA-43BF-A4C0-F5D174832D12}" = protocol=17 | dir=in | app=d:\programme (x86)\office\office14\groove.exe | 
"{70562AB4-83FF-4B08-80FC-42DECCD7F664}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{70B5F80C-3B31-4929-A98B-7C30AE922037}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7DA3730B-A8BB-45CE-B811-23364168CF7C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8A295C03-58FD-4CE6-9EB8-B84A8823EA10}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9DE20CDD-1A6F-414D-9F29-AD6C095A98FF}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe | 
"{9E54D5F1-6114-4CE9-8DFB-B2854819D557}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{ABB9BAE6-0645-4F0F-AA89-C45E4613DEE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ADC32D6C-B5CB-4E61-BF1D-DAFACA3FE168}" = protocol=6 | dir=in | app=d:\programme (x86)\office\office14\groove.exe | 
"{BCBF8A70-46FB-4833-81CA-728867FE95D7}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | 
"{BCE79934-7E99-4FC0-AAB3-FB0A31F2FA3D}" = protocol=17 | dir=in | app=d:\programme (x86)\office\office14\onenote.exe | 
"{D671A83B-EEA3-4AE6-B945-C3F892289360}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DB8F2711-FB40-4CFF-9B66-DA85F65CDC8B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E595DAEE-178B-4ECE-9778-D9CBB15F0D68}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E973E9DE-8B85-49EF-B3A7-579F62CBE9AF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{F55A32B5-5BE0-40DF-AA81-909A5B89030A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FE32C336-08C0-4FCD-AB6F-082934D1DB3F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{07DE188B-CCD9-464A-8C37-DE9712C61E55}D:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=d:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe | 
"TCP Query User{34551788-17A6-47C1-8CF5-42EDF169DDB3}D:\programme (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=d:\programme (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{5321CFE2-1326-4F78-B307-3E4491D47D72}C:\program files\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files\magictune premium\magictune.exe | 
"TCP Query User{6E0E31A6-6DB4-4B9A-B649-16E0363EE73C}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe | 
"TCP Query User{814C93B5-84E8-481B-ADCD-48BCA39F1FFE}C:\program files (x86)\phoner\phoner.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phoner\phoner.exe | 
"TCP Query User{AA4A8079-1FA4-4592-BDCE-9AE8197B1495}C:\windows\syswow64\recvmessage.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\recvmessage.exe | 
"TCP Query User{C04C03E3-C594-4757-A391-0330248A6276}C:\windows\syswow64\recvmessage.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\recvmessage.exe | 
"TCP Query User{C7146429-73C8-48B2-9819-5789B12CB58A}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"TCP Query User{F4A58817-9265-456A-9478-503C74BB29DB}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe | 
"UDP Query User{2F5B7E28-4D62-47CD-8666-2ABB687A70EC}C:\windows\syswow64\recvmessage.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\recvmessage.exe | 
"UDP Query User{3861CD2A-3890-4A01-9D7B-89F3CF15B982}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe | 
"UDP Query User{C1557251-B91E-46BF-A289-815286708310}C:\windows\syswow64\recvmessage.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\recvmessage.exe | 
"UDP Query User{D0FD8B1D-1246-4BCB-9505-1DDEA4ABC436}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{DC45D67B-CA56-4521-A2F7-C187A9326456}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe | 
"UDP Query User{E6E037F0-9D84-49BC-BFB4-5414301CC45E}C:\program files (x86)\phoner\phoner.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phoner\phoner.exe | 
"UDP Query User{E9C823FE-259B-4FFB-98A3-F994E6179BC8}C:\program files\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program files\magictune premium\magictune.exe | 
"UDP Query User{EA509B37-59BC-4C23-BA6E-16CDF72CCB33}D:\programme (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=d:\programme (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{FF30972D-6EFC-41EB-9CFB-E121B474E946}D:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=d:\benutzer\berni\downloads\jdownloader\jre\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1241CE77-0B65-40A0-B893-02EA49E35332}" = HP Officejet Pro 8600 - Grundlegende Software für das Gerät
"{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}" = Dolby Control Center
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4DF1691E-8012-4E7C-89CF-3F7B9146DA6E}" = Studie zur Verbesserung von HP Officejet Pro 8600 Produkten
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb" = Adobe Audition 3.0 Vista Compatibility
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"DesktopIconAmazon" = Desktop Icon für Amazon
"FinePrint" = FinePrint
"HitmanPro36" = HitmanPro 3.6
"HWiNFO64_is1" = HWiNFO64 Version 4.00
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.0.2 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"sp6" = Logitech SetPoint 6.32
"VLC media player" = VLC media player 2.0.2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{0513E822-B785-4E9C-B8C0-4861F5A04D9F}" = capella reader 6.0
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08FB25AA-28D4-475E-883D-2376ED114C90}" = capella 7
"{0D8E6567-7082-48DB-A305-293873AC8B39}_is1" = Preispilot für Firefox
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{107DEB07-0D8C-4E2D-8DEA-1EFCD968F1F1}" = capella 2008
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15e13d3b-4b57-4f68-9ba4-5d86c0931833}" = Pixia
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25819AEA-328B-4F18-A53C-EAAAFFF0DBEF}" = EasyFit
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{30FD541D-3C9D-41C4-B240-A994EE4E0231}" = Adobe Audition CS6
"{31DBA23B-55DA-48F5-B5B4-A031B722F648}" = MagicRotation
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{36415915-0B92-4F82-A240-42D3C14304F0}" = Driver Mender
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B8.0717.01
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0304.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FE2F5A6-8DC6-41B9-84AE-9FB32BCF7C02}" = Natural Color Pro
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}" = Pixia
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.05
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}" = HP Officejet Pro 8600 Hilfe
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller
"{E76FCE6B-9999-4250-8C75-B2DA4AD41268}" = Face_Wizard B08.0908.01
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F308B531-AB20-4A79-8F5E-83071FE5BE60}" = Q-Share Ver.1.1
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"DivX Setup" = DivX-Setup
"DVD Audio Extractor_is1" = DVD Audio Extractor 6.3.0
"G.O.M" = G.O.M
"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)
"HP Photo Creations" = HP Photo Creations
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0304.1
"InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B08.1027.1
"IsoBuster_is1" = IsoBuster 3.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.9.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Phoner_is1" = Phoner 2.75
"RealPlayer 15.0" = RealPlayer
"TomTom HOME" = TomTom HOME 2.8.4.2596
"UltraISO_is1" = UltraISO Premium V9.52
"VLC media player" = VLC media player 2.0.2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-879424078-1962978217-330297428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FLV Player" = FLV Player
"Video Converter" = Video Converter
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-879424078-1962978217-330297428-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Video Converter" = Video Converter
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.10.2012 18:20:21 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 02.10.2012 13:35:42 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 03.10.2012 08:21:27 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 04.10.2012 03:12:26 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 06.10.2012 08:00:36 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 07.10.2012 08:45:09 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 08.10.2012 16:04:06 | Computer Name = Bovn2012-oben | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 08.10.2012 16:27:54 | Computer Name = Bovn2012-oben | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DivX Plus Player.exe, Version: 10.3.3.16,
 Zeitstempel: 0x50180d3e  Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.5.0.0,
 Zeitstempel: 0x49a6280b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000e1b16  ID des fehlerhaften
 Prozesses: 0xe08  Startzeit der fehlerhaften Anwendung: 0x01cda5932a0830bd  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus 
Player.exe  Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\DivX
 Shared\Qt4.5\QtCore4.dll  Berichtskennung: a336912b-1186-11e2-bec6-001a4d50d3c5
 
Error - 08.10.2012 16:45:56 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 10.10.2012 10:56:28 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 11.10.2012 05:37:12 | Computer Name = Bovn2012-oben | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 11.10.2012 02:44:50 | Computer Name = Bovn2012-oben | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration
 ist ein Fehler aufgetreten.
 
Error - 11.10.2012 02:44:49 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   MagicTune
 
Error - 11.10.2012 05:45:03 | Computer Name = Bovn2012-oben | Source = Microsoft-Windows-HAL | ID = 12
Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 
der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte
 Firmware verfügbar ist.
 
Error - 12.10.2012 02:50:59 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7034
Description = Dienst "Google Update Service (gupdate)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 12.10.2012 02:51:29 | Computer Name = Bovn2012-oben | Source = DCOM | ID = 10010
Description = 
 
Error - 12.10.2012 03:30:58 | Computer Name = Bovn2012-oben | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?12.?10.?2012 um 09:29:52 unerwartet heruntergefahren.
 
Error - 12.10.2012 03:30:59 | Computer Name = Bovn2012-oben | Source = BugCheck | ID = 1001
Description = 
 
Error - 12.10.2012 03:31:01 | Computer Name = Bovn2012-oben | Source = SNMP | ID = 16713180
Description = Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration
 ist ein Fehler aufgetreten.
 
Error - 12.10.2012 03:31:08 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   MagicTune
 
Error - 12.10.2012 03:35:25 | Computer Name = Bovn2012-oben | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde nicht
 richtig gestartet.
 
 
< End of report >
         
--- --- ---


Kind regards from the Wesermarsch
Bernhard Bahr


16.10.2012, 07:11   #6
ImmiMax

Redirekt Virus



aswMBR:
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-12 08:52:45
-----------------------------
08:52:45.309    OS Version: Windows x64 6.1.7601 Service Pack 1
08:52:45.309    Number of processors: 2 586 0xF0B
08:52:45.309    ComputerName: BOVN2012-OBEN  UserName: Berni
08:52:45.590    Initialize success
08:53:40.490    AVAST engine defs: 12101101
08:57:14.079    Disk 0  \Device\Harddisk0\DR0 -> \Device\Scsi\JRAID1Port0Path0Target0Lun0
08:57:14.095    Disk 0 Vendor: WDC_____ 150. Size: 953869MB BusType: 8
08:57:14.095    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
08:57:14.095    Disk 1 Vendor: SAMSUNG_HD403LJ CT100-10 Size: 381553MB BusType: 3
08:57:14.095    Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
08:57:14.095    Disk 2 Vendor: Corsair_Force_3_SSD 1.3.3 Size: 114473MB BusType: 3
08:57:14.110    Disk 3  \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP1T0L0-1
08:57:14.110    Disk 3 Vendor:   Size: 114473MB BusType: 0
08:57:14.110    Disk 2 MBR read successfully
08:57:14.110    Disk 2 MBR scan
08:57:14.126    Disk 2 Windows 7 default MBR code
08:57:14.126    Disk 2 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
08:57:14.157    Disk 2 Partition 2 00     07    HPFS/NTFS NTFS       114371 MB offset 206848
08:57:14.204    Disk 2 scanning C:\Windows\system32\drivers
08:57:20.163    Service scanning
08:57:38.897    Modules scanning
08:57:38.897    Disk 2 trace - called modules:
08:57:38.907    
08:57:39.277    AVAST engine scan C:\Windows
08:57:40.927    AVAST engine scan C:\Windows\system32
09:00:03.686    AVAST engine scan C:\Windows\system32\drivers
09:00:11.127    AVAST engine scan C:\Users\Berni
09:05:11.311    AVAST engine scan C:\ProgramData
09:05:51.418    Scan finished successfully
09:12:57.626    Disk 2 MBR has been saved successfully to "D:\Benutzer\Public\Documents\02 Rechnerinfektionen\2012-10-12\MBR.dat"
09:12:57.898    The log file has been saved successfully to "D:\Benutzer\Public\Documents\02 Rechnerinfektionen\2012-10-12\aswMBR.log"
         

TDSSKiller (Part 1):
Code:
14:58:28.0341 3656  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
14:58:28.0590 3656  ============================================================
14:58:28.0590 3656  Current date / time: 2012/10/07 14:58:28.0590
14:58:28.0590 3656  SystemInfo:
14:58:28.0590 3656  
14:58:28.0590 3656  OS Version: 6.1.7601 ServicePack: 1.0
14:58:28.0590 3656  Product type: Workstation
14:58:28.0590 3656  ComputerName: BOVN2012-OBEN
14:58:28.0590 3656  UserName: Berni
14:58:28.0590 3656  Windows directory: C:\Windows
14:58:28.0590 3656  System windows directory: C:\Windows
14:58:28.0590 3656  Running under WOW64
14:58:28.0590 3656  Processor architecture: Intel x64
14:58:28.0590 3656  Number of processors: 2
14:58:28.0590 3656  Page size: 0x1000
14:58:28.0590 3656  Boot type: Normal boot
14:58:28.0590 3656  ============================================================
14:58:29.0277 3656  BG loaded
14:58:29.0464 3656  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
14:58:29.0464 3656  Drive \Device\Harddisk1\DR1 - Size: 0x5D2710DE00 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:58:29.0479 3656  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:58:29.0479 3656  Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:58:29.0495 3656  ============================================================
14:58:29.0495 3656  \Device\Harddisk0\DR0:
14:58:29.0495 3656  MBR partitions:
14:58:29.0495 3656  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
14:58:29.0495 3656  \Device\Harddisk1\DR1:
14:58:29.0495 3656  MBR partitions:
14:58:29.0495 3656  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E849D80
14:58:29.0495 3656  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1E849DFE, BlocksNum 0x100EA002
14:58:29.0495 3656  \Device\Harddisk3\DR3:
14:58:29.0495 3656  MBR partitions:
14:58:29.0495 3656  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
14:58:29.0495 3656  \Device\Harddisk2\DR2:
14:58:29.0495 3656  MBR partitions:
14:58:29.0495 3656  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:58:29.0495 3656  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
14:58:29.0495 3656  ============================================================
14:58:29.0495 3656  C: <-> \Device\Harddisk2\DR2\Partition2
14:58:29.0511 3656  D: <-> \Device\Harddisk0\DR0\Partition1
14:58:29.0511 3656  E: <-> \Device\Harddisk3\DR3\Partition1
14:58:29.0526 3656  F: <-> \Device\Harddisk1\DR1\Partition1
14:58:29.0526 3656  G: <-> \Device\Harddisk1\DR1\Partition2
14:58:29.0526 3656  ============================================================
14:58:29.0526 3656  Initialize success
14:58:29.0526 3656  ============================================================
14:58:38.0773 1480  ============================================================
14:58:38.0773 1480  Scan started
14:58:38.0773 1480  Mode: Manual; SigCheck; TDLFS; 
14:58:38.0773 1480  ============================================================
14:58:39.0662 1480  ================ Scan system memory ========================
14:58:39.0662 1480  System memory - ok
14:58:39.0662 1480  ================ Scan services =============================
14:58:39.0709 1480  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:58:39.0912 1480  1394ohci - ok
14:58:39.0990 1480  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:58:40.0005 1480  ACPI - ok
14:58:40.0005 1480  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:58:40.0115 1480  AcpiPmi - ok
14:58:40.0146 1480  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:58:40.0161 1480  AdobeARMservice - ok
14:58:40.0239 1480  [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:58:40.0271 1480  AdobeFlashPlayerUpdateSvc - ok
14:58:40.0317 1480  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:58:40.0349 1480  adp94xx - ok
14:58:40.0364 1480  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:58:40.0411 1480  adpahci - ok
14:58:40.0427 1480  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:58:40.0520 1480  adpu320 - ok
14:58:40.0567 1480  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:58:41.0097 1480  AeLookupSvc - ok
14:58:41.0160 1480  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:58:41.0331 1480  AFD - ok
14:58:41.0347 1480  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:58:41.0394 1480  agp440 - ok
14:58:41.0394 1480  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:58:41.0581 1480  ALG - ok
14:58:41.0628 1480  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:58:41.0643 1480  aliide - ok
14:58:41.0643 1480  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:58:41.0659 1480  amdide - ok
14:58:41.0675 1480  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:58:42.0049 1480  AmdK8 - ok
14:58:42.0049 1480  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:58:42.0408 1480  AmdPPM - ok
14:58:42.0408 1480  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:58:42.0486 1480  amdsata - ok
14:58:42.0642 1480  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:58:42.0673 1480  amdsbs - ok
14:58:42.0673 1480  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:58:42.0689 1480  amdxata - ok
14:58:42.0689 1480  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:58:43.0297 1480  AppID - ok
14:58:43.0313 1480  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:58:43.0656 1480  AppIDSvc - ok
14:58:43.0656 1480  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:58:44.0249 1480  Appinfo - ok
14:58:44.0249 1480  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:58:44.0420 1480  AppMgmt - ok
14:58:44.0436 1480  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:58:44.0451 1480  arc - ok
14:58:44.0451 1480  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:58:44.0467 1480  arcsas - ok
14:58:44.0467 1480  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:58:44.0685 1480  AsyncMac - ok
14:58:44.0701 1480  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:58:44.0701 1480  atapi - ok
14:58:44.0717 1480  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:58:45.0013 1480  AudioEndpointBuilder - ok
14:58:45.0013 1480  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:58:45.0075 1480  AudioSrv - ok
14:58:45.0091 1480  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:58:45.0231 1480  AxInstSV - ok
14:58:45.0247 1480  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:58:45.0325 1480  b06bdrv - ok
14:58:45.0341 1480  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:58:45.0434 1480  b57nd60a - ok
14:58:45.0450 1480  [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
14:58:45.0465 1480  BBSvc - ok
14:58:45.0465 1480  [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
14:58:45.0481 1480  BBUpdate - ok
14:58:45.0481 1480  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:58:45.0621 1480  BDESVC - ok
14:58:45.0621 1480  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:58:45.0699 1480  Beep - ok
14:58:45.0715 1480  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:58:45.0824 1480  BFE - ok
14:58:45.0840 1480  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:58:45.0902 1480  BITS - ok
14:58:45.0902 1480  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:58:45.0949 1480  blbdrive - ok
14:58:45.0949 1480  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:58:45.0980 1480  bowser - ok
14:58:45.0980 1480  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:58:46.0121 1480  BrFiltLo - ok
14:58:46.0121 1480  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:58:46.0183 1480  BrFiltUp - ok
14:58:46.0183 1480  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:58:46.0292 1480  Browser - ok
14:58:46.0292 1480  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:58:46.0417 1480  Brserid - ok
14:58:46.0417 1480  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:58:46.0448 1480  BrSerWdm - ok
14:58:46.0464 1480  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:58:46.0479 1480  BrUsbMdm - ok
14:58:46.0495 1480  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:58:46.0495 1480  BrUsbSer - ok
14:58:46.0511 1480  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:58:46.0526 1480  BTHMODEM - ok
14:58:46.0526 1480  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:58:46.0557 1480  bthserv - ok
14:58:46.0573 1480  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:58:46.0604 1480  cdfs - ok
14:58:46.0604 1480  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:58:46.0620 1480  cdrom - ok
14:58:46.0635 1480  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:58:46.0682 1480  CertPropSvc - ok
14:58:46.0682 1480  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:58:46.0713 1480  circlass - ok
14:58:46.0713 1480  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:58:46.0729 1480  CLFS - ok
14:58:46.0745 1480  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:58:46.0776 1480  clr_optimization_v2.0.50727_32 - ok
14:58:46.0776 1480  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:58:46.0791 1480  clr_optimization_v2.0.50727_64 - ok
14:58:46.0791 1480  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:58:46.0807 1480  clr_optimization_v4.0.30319_32 - ok
14:58:46.0823 1480  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:58:46.0838 1480  clr_optimization_v4.0.30319_64 - ok
14:58:46.0854 1480  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:58:46.0901 1480  CmBatt - ok
14:58:46.0901 1480  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:58:46.0916 1480  cmdide - ok
14:58:46.0932 1480  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:58:46.0963 1480  CNG - ok
14:58:46.0963 1480  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:58:46.0979 1480  Compbatt - ok
14:58:46.0994 1480  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:58:47.0025 1480  CompositeBus - ok
14:58:47.0041 1480  COMSysApp - ok
14:58:47.0041 1480  [ 3CA734CE373E5675FBC15CA2C45228E5 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
14:58:47.0057 1480  cpudrv64 - ok
14:58:47.0057 1480  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:58:47.0072 1480  crcdisk - ok
14:58:47.0088 1480  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:58:47.0103 1480  CryptSvc - ok
14:58:47.0103 1480  CrystalSysInfo - ok
14:58:55.0949 1480  Smb - ok
14:58:55.0949 1480  [ CA62AE004E98374BF7F082CD765EEA02 ] SNMP            C:\Windows\System32\snmp.exe
14:58:55.0980 1480  SNMP - ok
14:58:55.0980 1480  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:58:55.0995 1480  SNMPTRAP - ok
14:58:55.0995 1480  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:58:56.0011 1480  spldr - ok
14:58:56.0011 1480  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:58:56.0042 1480  Spooler - ok
14:58:56.0089 1480  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:58:56.0151 1480  sppsvc - ok
14:58:56.0151 1480  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:58:56.0183 1480  sppuinotify - ok
14:58:56.0198 1480  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:58:56.0214 1480  srv - ok
14:58:56.0214 1480  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:58:56.0229 1480  srv2 - ok
14:58:56.0245 1480  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:58:56.0245 1480  srvnet - ok
14:58:56.0261 1480  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:58:56.0292 1480  SSDPSRV - ok
14:58:56.0292 1480  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:58:56.0323 1480  SstpSvc - ok
14:58:56.0323 1480  [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:58:56.0339 1480  Stereo Service - ok
14:58:56.0354 1480  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:58:56.0354 1480  stexstor - ok
14:58:56.0370 1480  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:58:56.0370 1480  StillCam - ok
14:58:56.0385 1480  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:58:56.0401 1480  stisvc - ok
14:58:56.0417 1480  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:58:56.0417 1480  storflt - ok
14:58:56.0432 1480  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:58:56.0432 1480  storvsc - ok
14:58:56.0448 1480  [ 85BF0B7CE3D9B6D1611E05872E1C3E56 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
14:58:56.0448 1480  SWDUMon - ok
14:58:56.0448 1480  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:58:56.0463 1480  swenum - ok
14:58:56.0479 1480  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:58:56.0510 1480  swprv - ok
14:58:56.0510 1480  Synth3dVsc - ok
14:58:56.0526 1480  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:58:56.0557 1480  SysMain - ok
14:58:56.0573 1480  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:58:56.0588 1480  TabletInputService - ok
14:58:56.0588 1480  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:58:56.0619 1480  TapiSrv - ok
14:58:56.0619 1480  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:58:56.0651 1480  TBS - ok
14:58:56.0682 1480  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:58:56.0713 1480  Tcpip - ok
14:58:56.0729 1480  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:58:56.0760 1480  TCPIP6 - ok
14:58:56.0775 1480  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:58:56.0807 1480  tcpipreg - ok
14:58:56.0807 1480  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:58:56.0822 1480  TDPIPE - ok
14:58:56.0822 1480  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:58:56.0838 1480  TDTCP - ok
14:58:56.0853 1480  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:58:56.0885 1480  tdx - ok
14:58:56.0885 1480  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:58:56.0900 1480  TermDD - ok
14:58:56.0916 1480  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:58:56.0947 1480  TermService - ok
14:58:56.0947 1480  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:58:56.0963 1480  Themes - ok
14:58:56.0978 1480  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:58:57.0009 1480  THREADORDER - ok
14:58:57.0009 1480  [ 83682F469A3D65E8B6F06C28212318BD ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
14:58:57.0025 1480  TomTomHOMEService - ok
14:58:57.0025 1480  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:58:57.0072 1480  TrkWks - ok
14:58:57.0072 1480  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:58:57.0103 1480  TrustedInstaller - ok
14:58:57.0119 1480  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:58:57.0150 1480  tssecsrv - ok
14:58:57.0150 1480  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:58:57.0165 1480  TsUsbFlt - ok
14:58:57.0165 1480  tsusbhub - ok
14:58:57.0165 1480  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:58:57.0197 1480  tunnel - ok
14:58:57.0212 1480  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:58:57.0212 1480  uagp35 - ok
14:58:57.0228 1480  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:58:57.0259 1480  udfs - ok
14:58:57.0259 1480  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:58:57.0275 1480  UI0Detect - ok
14:58:57.0290 1480  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:58:57.0290 1480  uliagpkx - ok
14:58:57.0306 1480  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
14:58:57.0306 1480  umbus - ok
14:58:57.0321 1480  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:58:57.0321 1480  UmPass - ok
14:58:57.0337 1480  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:58:57.0337 1480  UmRdpService - ok
14:58:57.0353 1480  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:58:57.0384 1480  upnphost - ok
14:58:57.0384 1480  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:58:57.0399 1480  usbccgp - ok
14:58:57.0399 1480  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:58:57.0446 1480  usbcir - ok
14:58:57.0446 1480  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:58:57.0462 1480  usbehci - ok
14:58:57.0462 1480  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:58:57.0477 1480  usbhub - ok
14:58:57.0493 1480  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:58:57.0493 1480  usbohci - ok
14:58:57.0509 1480  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:58:57.0509 1480  usbprint - ok
14:58:57.0524 1480  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:58:57.0524 1480  USBSTOR - ok
14:58:57.0540 1480  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:58:57.0540 1480  usbuhci - ok
14:58:57.0555 1480  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:58:57.0587 1480  UxSms - ok
14:58:57.0587 1480  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:58:57.0602 1480  VaultSvc - ok
14:58:57.0602 1480  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:58:57.0618 1480  vdrvroot - ok
14:58:57.0618 1480  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:58:57.0649 1480  vds - ok
14:58:57.0665 1480  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:58:57.0680 1480  vga - ok
14:58:57.0680 1480  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:58:57.0711 1480  VgaSave - ok
14:58:57.0711 1480  VGPU - ok
14:58:57.0711 1480  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:58:57.0727 1480  vhdmp - ok
14:58:57.0727 1480  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:58:57.0743 1480  viaide - ok
14:58:57.0758 1480  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:58:57.0774 1480  vmbus - ok
14:58:57.0774 1480  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:58:57.0789 1480  VMBusHID - ok
14:58:57.0789 1480  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:58:57.0805 1480  volmgr - ok
14:58:57.0805 1480  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:58:57.0821 1480  volmgrx - ok
14:58:57.0836 1480  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:58:57.0852 1480  volsnap - ok
14:58:57.0852 1480  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:58:57.0867 1480  vsmraid - ok
14:58:57.0883 1480  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:58:57.0930 1480  VSS - ok
14:58:57.0930 1480  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:58:57.0945 1480  vwifibus - ok
14:58:57.0961 1480  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:58:57.0992 1480  W32Time - ok
14:58:58.0008 1480  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:58:58.0023 1480  WacomPen - ok
14:58:58.0023 1480  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:58:58.0055 1480  WANARP - ok
14:58:58.0055 1480  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:58:58.0086 1480  Wanarpv6 - ok
14:58:58.0148 1480  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:58:58.0164 1480  wbengine - ok
14:58:58.0179 1480  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:58:58.0195 1480  WbioSrvc - ok
14:58:58.0195 1480  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:58:58.0226 1480  wcncsvc - ok
14:58:58.0226 1480  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:58:58.0242 1480  WcsPlugInService - ok
14:58:58.0242 1480  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:58:58.0257 1480  Wd - ok
14:58:58.0273 1480  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:58:58.0289 1480  Wdf01000 - ok
14:58:58.0351 1480  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:58:58.0382 1480  WdiServiceHost - ok
14:58:58.0382 1480  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:58:58.0398 1480  WdiSystemHost - ok
14:58:58.0413 1480  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:58:58.0429 1480  WebClient - ok
14:58:58.0429 1480  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:58:58.0460 1480  Wecsvc - ok
14:58:58.0476 1480  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:58:58.0507 1480  wercplsupport - ok
14:58:58.0507 1480  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:58:58.0538 1480  WerSvc - ok
14:58:58.0538 1480  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:58:58.0569 1480  WfpLwf - ok
14:58:58.0569 1480  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:58:58.0585 1480  WIMMount - ok
14:58:58.0585 1480  WinDefend - ok
14:58:58.0585 1480  WinHttpAutoProxySvc - ok
14:58:58.0601 1480  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:58:58.0632 1480  Winmgmt - ok
14:58:58.0663 1480  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:58:58.0710 1480  WinRM - ok
14:58:58.0725 1480  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:58:58.0741 1480  Wlansvc - ok
14:58:58.0757 1480  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:58:58.0757 1480  WmiAcpi - ok
14:58:58.0772 1480  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:58:58.0788 1480  wmiApSrv - ok
14:58:58.0803 1480  WMPNetworkSvc - ok
14:58:58.0803 1480  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:58:58.0835 1480  WPCSvc - ok
14:58:58.0835 1480  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:58:58.0850 1480  WPDBusEnum - ok
14:58:58.0850 1480  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:58:58.0881 1480  ws2ifsl - ok
14:58:58.0897 1480  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:58:58.0913 1480  wscsvc - ok
14:58:58.0913 1480  WSearch - ok
14:58:58.0944 1480  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:58:58.0991 1480  wuauserv - ok
14:58:58.0991 1480  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:58:59.0037 1480  WudfPf - ok
14:58:59.0037 1480  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:58:59.0084 1480  WUDFRd - ok
14:58:59.0084 1480  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:58:59.0115 1480  wudfsvc - ok
14:58:59.0131 1480  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:58:59.0147 1480  WwanSvc - ok
14:58:59.0162 1480  ================ Scan global ===============================
14:58:59.0162 1480  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:58:59.0162 1480  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:58:59.0178 1480  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:58:59.0178 1480  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:58:59.0193 1480  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:58:59.0193 1480  [Global] - ok
14:58:59.0193 1480  ================ Scan MBR ==================================
14:58:59.0193 1480  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:58:59.0271 1480  \Device\Harddisk0\DR0 - ok
14:58:59.0287 1480  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:58:59.0349 1480  \Device\Harddisk1\DR1 - ok
14:58:59.0349 1480  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
14:58:59.0427 1480  \Device\Harddisk3\DR3 - ok
14:58:59.0443 1480  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:58:59.0537 1480  \Device\Harddisk2\DR2 - ok
14:58:59.0537 1480  ================ Scan VBR ==================================
14:58:59.0537 1480  [ 29FB53A7CC8401A708E5902AA427718F ] \Device\Harddisk0\DR0\Partition1
14:58:59.0537 1480  \Device\Harddisk0\DR0\Partition1 - ok
14:58:59.0537 1480  [ 8DA172A4F7B57A999CF81C9E0A158A51 ] \Device\Harddisk1\DR1\Partition1
14:58:59.0537 1480  \Device\Harddisk1\DR1\Partition1 - ok
14:58:59.0552 1480  [ 936E936BC85BDB2D99B321D5919912C7 ] \Device\Harddisk1\DR1\Partition2
14:58:59.0552 1480  \Device\Harddisk1\DR1\Partition2 - ok
14:58:59.0552 1480  [ CA534017603C7704E5C2FBB4AF9CEFED ] \Device\Harddisk3\DR3\Partition1
14:58:59.0552 1480  \Device\Harddisk3\DR3\Partition1 - ok
14:58:59.0552 1480  [ EA1C3F098A806E1C9C8B446F2FF2D668 ] \Device\Harddisk2\DR2\Partition1
14:58:59.0552 1480  \Device\Harddisk2\DR2\Partition1 - ok
14:58:59.0552 1480  [ 25720FB50BD64E3924E761D611A49B4D ] \Device\Harddisk2\DR2\Partition2
14:58:59.0552 1480  \Device\Harddisk2\DR2\Partition2 - ok
14:58:59.0552 1480  ================ Scan active images ========================
14:58:59.0568 1480  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
14:58:59.0568 1480  C:\Windows\System32\drivers\crashdmp.sys - ok
14:58:59.0568 1480  [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
14:58:59.0568 1480  C:\Windows\System32\drivers\atapi.sys - ok
14:58:59.0568 1480  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
14:58:59.0568 1480  C:\Windows\System32\drivers\Dumpata.sys - ok
14:58:59.0568 1480  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
14:58:59.0568 1480  C:\Windows\System32\drivers\dumpfve.sys - ok
14:58:59.0583 1480  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
14:58:59.0583 1480  C:\Windows\System32\drivers\beep.sys - ok
14:58:59.0583 1480  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
14:58:59.0583 1480  C:\Windows\System32\drivers\cdrom.sys - ok
14:58:59.0583 1480  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
14:58:59.0583 1480  C:\Windows\System32\drivers\null.sys - ok
14:58:59.0583 1480  [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] C:\Windows\System32\drivers\MTiCtwl.sys
14:58:59.0583 1480  C:\Windows\System32\drivers\MTiCtwl.sys - ok
14:58:59.0599 1480  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
14:58:59.0599 1480  C:\Windows\System32\drivers\vga.sys - ok
14:58:59.0599 1480  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
14:58:59.0599 1480  C:\Windows\System32\drivers\videoprt.sys - ok
14:58:59.0599 1480  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
14:58:59.0599 1480  C:\Windows\System32\drivers\watchdog.sys - ok
14:58:59.0615 1480  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
14:58:59.0615 1480  C:\Windows\System32\drivers\msfs.sys - ok
14:58:59.0615 1480  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
14:58:59.0615 1480  C:\Windows\System32\drivers\RDPCDD.sys - ok
14:58:59.0615 1480  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
14:58:59.0615 1480  C:\Windows\System32\drivers\RDPENCDD.sys - ok
14:58:59.0615 1480  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
14:58:59.0615 1480  C:\Windows\System32\drivers\RDPREFMP.sys - ok
14:58:59.0630 1480  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
14:58:59.0630 1480  C:\Windows\System32\drivers\npfs.sys - ok
14:58:59.0630 1480  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
14:58:59.0630 1480  C:\Windows\System32\drivers\tdi.sys - ok
14:58:59.0630 1480  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
14:58:59.0630 1480  C:\Windows\System32\drivers\tdx.sys - ok
14:58:59.0630 1480  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
14:58:59.0630 1480  C:\Windows\System32\drivers\afd.sys - ok
14:58:59.0646 1480  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
14:58:59.0646 1480  C:\Windows\System32\drivers\netbt.sys - ok
14:58:59.0646 1480  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
14:58:59.0646 1480  C:\Windows\System32\drivers\netbios.sys - ok
14:58:59.0646 1480  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
14:58:59.0646 1480  C:\Windows\System32\drivers\pacer.sys - ok
14:58:59.0661 1480  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
14:58:59.0661 1480  C:\Windows\System32\drivers\wfplwf.sys - ok
14:58:59.0661 1480  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
14:58:59.0661 1480  C:\Windows\System32\drivers\serial.sys - ok
14:58:59.0661 1480  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
14:58:59.0661 1480  C:\Windows\System32\drivers\termdd.sys - ok
14:58:59.0661 1480  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
14:58:59.0661 1480  C:\Windows\System32\drivers\wanarp.sys - ok
14:58:59.0677 1480  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
14:58:59.0677 1480  C:\Windows\System32\drivers\mssmbios.sys - ok
14:58:59.0677 1480  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
14:58:59.0677 1480  C:\Windows\System32\drivers\nsiproxy.sys - ok
14:58:59.0677 1480  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
14:58:59.0677 1480  C:\Windows\System32\drivers\rdbss.sys - ok
14:58:59.0693 1480  [ 9C6F3F69163133FB8E56AC4A6E163452 ] D:\Programme (x86)\UltraISO\drivers\ISODrv64.sys
14:58:59.0693 1480  D:\Programme (x86)\UltraISO\drivers\ISODrv64.sys - ok
14:58:59.0693 1480  [ F78FF50C486D530504B7D2BB36B1ED22 ] C:\Program Files\HWiNFO64\HWiNFO64A.SYS
14:58:59.0693 1480  C:\Program Files\HWiNFO64\HWiNFO64A.SYS - ok
14:58:59.0693 1480  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
14:58:59.0693 1480  C:\Windows\System32\drivers\discache.sys - ok
14:58:59.0693 1480  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
14:58:59.0693 1480  C:\Windows\System32\drivers\csc.sys - ok
14:58:59.0708 1480  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
14:58:59.0708 1480  C:\Windows\System32\drivers\blbdrive.sys - ok
14:58:59.0708 1480  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
14:58:59.0708 1480  C:\Windows\System32\drivers\dfsc.sys - ok
14:58:59.0708 1480  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
14:58:59.0708 1480  C:\Windows\System32\drivers\intelppm.sys - ok
14:58:59.0724 1480  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
14:58:59.0724 1480  C:\Windows\System32\drivers\tunnel.sys - ok
14:58:59.0724 1480  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
14:58:59.0724 1480  C:\Windows\System32\ntdll.dll - ok
14:58:59.0724 1480  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
14:58:59.0724 1480  C:\Windows\System32\smss.exe - ok
14:58:59.0724 1480  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
14:58:59.0724 1480  C:\Windows\System32\autochk.exe - ok
14:58:59.0739 1480  [ BF7A24A71E1932200D864BC1CE15E596 ] C:\Windows\System32\drivers\nvlddmkm.sys
14:58:59.0739 1480  C:\Windows\System32\drivers\nvlddmkm.sys - ok
14:58:59.0739 1480  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
14:58:59.0739 1480  C:\Windows\System32\drivers\dxgkrnl.sys - ok
14:58:59.0739 1480  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
14:58:59.0739 1480  C:\Windows\System32\drivers\dxgmms1.sys - ok
14:58:59.0739 1480  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
14:58:59.0739 1480  C:\Windows\System32\drivers\hdaudbus.sys - ok
14:58:59.0755 1480  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
14:58:59.0755 1480  C:\Windows\System32\drivers\usbehci.sys - ok
14:58:59.0755 1480  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
14:58:59.0755 1480  C:\Windows\System32\drivers\usbport.sys - ok
14:58:59.0755 1480  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
14:58:59.0755 1480  C:\Windows\System32\drivers\usbuhci.sys - ok
14:58:59.0755 1480  [ D765D19CD8EF61F650C384F62FAC00AB ] C:\Windows\System32\drivers\fdc.sys
14:58:59.0755 1480  C:\Windows\System32\drivers\fdc.sys - ok
14:58:59.0771 1480  [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys
14:58:59.0771 1480  C:\Windows\System32\drivers\parport.sys - ok
14:58:59.0771 1480  [ BD9BA262CF26EFE9A9867EBE32D12164 ] C:\Windows\System32\drivers\Rt64win7.sys
14:58:59.0771 1480  C:\Windows\System32\drivers\Rt64win7.sys - ok
14:58:59.0771 1480  [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
14:58:59.0771 1480  C:\Windows\System32\drivers\serenum.sys - ok
14:58:59.0786 1480  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
14:58:59.0786 1480  C:\Windows\System32\drivers\agilevpn.sys - ok
14:58:59.0786 1480  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
14:58:59.0786 1480  C:\Windows\System32\drivers\CompositeBus.sys - ok
14:58:59.0786 1480  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
14:58:59.0786 1480  C:\Windows\System32\drivers\ndistapi.sys - ok
14:58:59.0786 1480  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
14:58:59.0786 1480  C:\Windows\System32\drivers\rasl2tp.sys - ok
14:58:59.0802 1480  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
14:58:59.0802 1480  C:\Windows\System32\drivers\ndiswan.sys - ok
14:58:59.0802 1480  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
14:58:59.0802 1480  C:\Windows\System32\drivers\raspppoe.sys - ok
14:58:59.0802 1480  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
14:58:59.0802 1480  C:\Windows\System32\drivers\kbdclass.sys - ok
14:58:59.0802 1480  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
14:58:59.0802 1480  C:\Windows\System32\drivers\raspptp.sys - ok
14:58:59.0817 1480  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
14:58:59.0817 1480  C:\Windows\System32\drivers\rassstp.sys - ok
14:58:59.0817 1480  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
14:58:59.0817 1480  C:\Windows\System32\drivers\rdpbus.sys - ok
14:58:59.0817 1480  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
14:58:59.0817 1480  C:\Windows\System32\drivers\ks.sys - ok
14:58:59.0817 1480  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
14:58:59.0817 1480  C:\Windows\System32\drivers\ksthunk.sys - ok
14:58:59.0833 1480  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
14:58:59.0833 1480  C:\Windows\System32\drivers\mouclass.sys - ok
14:58:59.0833 1480  [ DECACB6921DED1A38642642685D77DAC ] C:\Windows\System32\drivers\serscan.sys
14:58:59.0833 1480  C:\Windows\System32\drivers\serscan.sys - ok
14:58:59.0833 1480  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
14:58:59.0833 1480  C:\Windows\System32\drivers\swenum.sys - ok
14:58:59.0849 1480  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

16.10.2012, 07:13   #7
ImmiMax
 
TDSSKiller Part 2:
14:59:00.0847 1480  C:\Windows\System32\vds.exe - ok
14:59:00.0847 1480  [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys
14:59:00.0847 1480  C:\Windows\System32\drivers\volmgrx.sys - ok
14:59:00.0847 1480  [ E48FCE3820487A9CDDD83BBABC6B962C ] C:\Windows\System32\vmbusres.dll
14:59:00.0847 1480  C:\Windows\System32\vmbusres.dll - ok
14:59:00.0847 1480  [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
14:59:00.0847 1480  C:\Windows\System32\VSSVC.exe - ok
14:59:00.0863 1480  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
14:59:00.0863 1480  C:\Windows\System32\drivers\vwifibus.sys - ok
14:59:00.0863 1480  [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
14:59:00.0863 1480  C:\Windows\System32\w32time.dll - ok
14:59:00.0863 1480  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
14:59:00.0863 1480  C:\Windows\System32\wbengine.exe - ok
14:59:00.0863 1480  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
14:59:00.0863 1480  C:\Windows\System32\wbiosrvc.dll - ok
14:59:00.0878 1480  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll
14:59:00.0878 1480  C:\Windows\System32\wcncsvc.dll - ok
14:59:00.0878 1480  [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll
14:59:00.0878 1480  C:\Windows\System32\WcsPlugInService.dll - ok
14:59:00.0878 1480  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
14:59:00.0878 1480  C:\Windows\System32\wdi.dll - ok
14:59:00.0894 1480  [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll
14:59:00.0894 1480  C:\Windows\System32\wecsvc.dll - ok
14:59:00.0894 1480  [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
14:59:00.0894 1480  C:\Program Files\Windows Defender\MsMpRes.dll - ok
14:59:00.0894 1480  [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
14:59:00.0894 1480  C:\Windows\System32\wercplsupport.dll - ok
14:59:00.0894 1480  [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
14:59:00.0894 1480  C:\Windows\System32\wersvc.dll - ok
14:59:00.0909 1480  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
14:59:00.0909 1480  C:\Windows\System32\winhttp.dll - ok
14:59:00.0909 1480  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
14:59:00.0909 1480  C:\Windows\System32\wbem\WMIsvc.dll - ok
14:59:00.0909 1480  [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll
14:59:00.0909 1480  C:\Windows\System32\WsmSvc.dll - ok
14:59:00.0925 1480  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
14:59:00.0925 1480  C:\Windows\System32\wbem\WmiApSrv.exe - ok
14:59:00.0925 1480  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
14:59:00.0925 1480  C:\Windows\System32\wlansvc.dll - ok
14:59:00.0925 1480  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
14:59:00.0925 1480  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
14:59:00.0925 1480  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
14:59:00.0925 1480  C:\Windows\System32\drivers\ws2ifsl.sys - ok
14:59:00.0941 1480  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
14:59:00.0941 1480  C:\Windows\System32\SearchIndexer.exe - ok
14:59:00.0941 1480  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll
14:59:00.0941 1480  C:\Windows\System32\wpcsvc.dll - ok
14:59:00.0941 1480  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
14:59:00.0941 1480  C:\Windows\System32\wpdbusenum.dll - ok
14:59:00.0941 1480  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
14:59:00.0941 1480  C:\Windows\System32\wscsvc.dll - ok
14:59:00.0956 1480  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
14:59:00.0956 1480  C:\Windows\System32\wuaueng.dll - ok
14:59:00.0956 1480  [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
14:59:00.0956 1480  C:\Windows\System32\WUDFSvc.dll - ok
14:59:00.0956 1480  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll
14:59:00.0956 1480  C:\Windows\System32\wwansvc.dll - ok
14:59:00.0956 1480  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
14:59:00.0956 1480  C:\Windows\System32\ubpm.dll - ok
14:59:00.0972 1480  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
14:59:00.0972 1480  C:\Windows\System32\devrtl.dll - ok
14:59:00.0972 1480  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
14:59:00.0972 1480  C:\Windows\System32\SPInf.dll - ok
14:59:00.0987 1480  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
14:59:00.0987 1480  C:\Windows\System32\svchost.exe - ok
14:59:00.0987 1480  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
14:59:00.0987 1480  C:\Windows\System32\userenv.dll - ok
14:59:00.0987 1480  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
14:59:00.0987 1480  C:\Windows\System32\pcwum.dll - ok
14:59:00.0987 1480  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
14:59:00.0987 1480  C:\Windows\System32\powrprof.dll - ok
14:59:00.0987 1480  [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
14:59:00.0987 1480  C:\Windows\System32\drivers\WUDFPf.sys - ok
14:59:01.0003 1480  [ 43F91595049DE14C4B61D1E76436164F ] C:\Windows\System32\nvvsvc.exe
14:59:01.0003 1480  C:\Windows\System32\nvvsvc.exe - ok
14:59:01.0003 1480  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
14:59:01.0003 1480  C:\Windows\System32\wtsapi32.dll - ok
14:59:01.0003 1480  [ A766CCAD980235FF34E7F8089D3175A3 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:59:01.0003 1480  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
14:59:01.0003 1480  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
14:59:01.0003 1480  C:\Windows\SysWOW64\ntdll.dll - ok
14:59:01.0019 1480  [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
14:59:01.0019 1480  C:\Windows\System32\wow64.dll - ok
14:59:01.0019 1480  [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
14:59:01.0019 1480  C:\Windows\System32\wow64cpu.dll - ok
14:59:01.0019 1480  [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
14:59:01.0019 1480  C:\Windows\System32\wow64win.dll - ok
14:59:01.0019 1480  [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
14:59:01.0019 1480  C:\Windows\SysWOW64\kernel32.dll - ok
14:59:01.0034 1480  [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
14:59:01.0034 1480  C:\Windows\SysWOW64\KernelBase.dll - ok
14:59:01.0034 1480  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
14:59:01.0034 1480  C:\Windows\SysWOW64\msvcrt.dll - ok
14:59:01.0050 1480  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
14:59:01.0050 1480  C:\Windows\SysWOW64\setupapi.dll - ok
14:59:01.0050 1480  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
14:59:01.0050 1480  C:\Windows\SysWOW64\version.dll - ok
14:59:01.0050 1480  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
14:59:01.0050 1480  C:\Windows\SysWOW64\cfgmgr32.dll - ok
14:59:01.0065 1480  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
14:59:01.0065 1480  C:\Windows\SysWOW64\rpcrt4.dll - ok
14:59:01.0065 1480  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
14:59:01.0065 1480  C:\Windows\SysWOW64\sspicli.dll - ok
14:59:01.0065 1480  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
14:59:01.0065 1480  C:\Windows\SysWOW64\advapi32.dll - ok
14:59:01.0065 1480  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
14:59:01.0065 1480  C:\Windows\SysWOW64\cryptbase.dll - ok
14:59:01.0081 1480  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
14:59:01.0081 1480  C:\Windows\SysWOW64\gdi32.dll - ok
14:59:01.0081 1480  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
14:59:01.0081 1480  C:\Windows\SysWOW64\sechost.dll - ok
14:59:01.0081 1480  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
14:59:01.0081 1480  C:\Windows\SysWOW64\user32.dll - ok
14:59:01.0081 1480  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
14:59:01.0081 1480  C:\Windows\SysWOW64\lpk.dll - ok
14:59:01.0097 1480  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
14:59:01.0097 1480  C:\Windows\SysWOW64\oleaut32.dll - ok
14:59:01.0097 1480  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
14:59:01.0097 1480  C:\Windows\SysWOW64\usp10.dll - ok
14:59:01.0097 1480  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
14:59:01.0097 1480  C:\Windows\SysWOW64\ole32.dll - ok
14:59:01.0112 1480  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
14:59:01.0112 1480  C:\Windows\SysWOW64\devobj.dll - ok
14:59:01.0112 1480  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
14:59:01.0112 1480  C:\Windows\SysWOW64\imm32.dll - ok
14:59:01.0112 1480  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
14:59:01.0112 1480  C:\Windows\SysWOW64\msctf.dll - ok
14:59:01.0112 1480  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
14:59:01.0112 1480  C:\Windows\SysWOW64\winspool.drv - ok
14:59:01.0112 1480  [ 91B82AFC372093C48D225CB358250325 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
14:59:01.0112 1480  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
14:59:01.0128 1480  [ 7FB76BB304C9CE38BDC398707E1EEE74 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
14:59:01.0128 1480  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
14:59:01.0128 1480  [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
14:59:01.0128 1480  C:\Windows\SysWOW64\crypt32.dll - ok
14:59:01.0128 1480  [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll
14:59:01.0128 1480  C:\Windows\SysWOW64\wintrust.dll - ok
14:59:01.0143 1480  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
14:59:01.0143 1480  C:\Windows\System32\rpcss.dll - ok
14:59:01.0143 1480  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
14:59:01.0143 1480  C:\Windows\SysWOW64\msasn1.dll - ok
14:59:01.0143 1480  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
14:59:01.0143 1480  C:\Windows\SysWOW64\ntmarta.dll - ok
14:59:01.0143 1480  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
14:59:01.0143 1480  C:\Windows\SysWOW64\Wldap32.dll - ok
14:59:01.0143 1480  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
14:59:01.0143 1480  C:\Windows\SysWOW64\devrtl.dll - ok
14:59:01.0159 1480  [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
14:59:01.0159 1480  C:\Windows\SysWOW64\SPInf.dll - ok
14:59:01.0159 1480  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
14:59:01.0159 1480  C:\Windows\System32\wshqos.dll - ok
14:59:01.0159 1480  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
14:59:01.0159 1480  C:\Windows\System32\WSHTCPIP.DLL - ok
14:59:01.0159 1480  [ BCF8F2758AA5C451F8E366C66A98BBFE ] C:\Program Files\Microsoft Security Client\MpSvc.dll
14:59:01.0159 1480  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
14:59:01.0175 1480  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
14:59:01.0175 1480  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
14:59:01.0175 1480  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
14:59:01.0175 1480  C:\Windows\System32\LogonUI.exe - ok
14:59:01.0175 1480  [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
14:59:01.0175 1480  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
14:59:01.0175 1480  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
14:59:01.0175 1480  C:\Windows\System32\authui.dll - ok
14:59:01.0190 1480  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
14:59:01.0190 1480  C:\Windows\System32\cryptui.dll - ok
14:59:01.0190 1480  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
14:59:01.0190 1480  C:\Windows\System32\ntmarta.dll - ok
14:59:01.0206 1480  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
14:59:01.0206 1480  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
14:59:01.0206 1480  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
14:59:01.0206 1480  C:\Windows\System32\shacct.dll - ok
14:59:01.0221 1480  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
14:59:01.0221 1480  C:\Windows\System32\samlib.dll - ok
14:59:01.0221 1480  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
14:59:01.0221 1480  C:\Windows\System32\propsys.dll - ok
14:59:01.0221 1480  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
14:59:01.0221 1480  C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
14:59:01.0221 1480  [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
14:59:01.0221 1480  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
14:59:01.0237 1480  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
14:59:01.0237 1480  C:\Windows\System32\uxtheme.dll - ok
14:59:01.0237 1480  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
14:59:01.0237 1480  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
14:59:01.0237 1480  [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
14:59:01.0237 1480  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
14:59:01.0237 1480  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
14:59:01.0237 1480  C:\Windows\System32\dui70.dll - ok
14:59:01.0253 1480  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
14:59:01.0253 1480  C:\Windows\System32\MMDevAPI.dll - ok
14:59:01.0253 1480  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
14:59:01.0253 1480  C:\Windows\System32\adtschema.dll - ok
14:59:01.0253 1480  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
14:59:01.0253 1480  C:\Windows\System32\avrt.dll - ok
14:59:01.0253 1480  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
14:59:01.0253 1480  C:\Windows\System32\duser.dll - ok
14:59:01.0268 1480  [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
14:59:01.0268 1480  C:\Windows\System32\fltLib.dll - ok
14:59:01.0268 1480  [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
14:59:01.0268 1480  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
14:59:01.0268 1480  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
14:59:01.0268 1480  C:\Windows\System32\drivers\MpFilter.sys - ok
14:59:01.0268 1480  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
14:59:01.0268 1480  C:\Windows\System32\dwmapi.dll - ok
14:59:01.0284 1480  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
14:59:01.0284 1480  C:\Windows\System32\hid.dll - ok
14:59:01.0299 1480  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
14:59:01.0299 1480  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
14:59:01.0299 1480  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
14:59:01.0299 1480  C:\Windows\System32\SndVolSSO.dll - ok
14:59:01.0299 1480  [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
14:59:01.0299 1480  C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
14:59:01.0299 1480  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
14:59:01.0299 1480  C:\Windows\System32\MPSSVC.dll - ok
14:59:01.0315 1480  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
14:59:01.0315 1480  C:\Windows\System32\xmllite.dll - ok
14:59:01.0315 1480  [ 78555E35CD15785B9EE62B8C8167A861 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{82B459F4-1E84-43FE-B71F-F18900AE7495}\mpengine.dll
14:59:01.0315 1480  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{82B459F4-1E84-43FE-B71F-F18900AE7495}\mpengine.dll - ok
14:59:01.0315 1480  [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
14:59:01.0315 1480  C:\Windows\System32\WindowsCodecs.dll - ok
14:59:01.0331 1480  [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
14:59:01.0331 1480  C:\Windows\System32\WUDFPlatform.dll - ok
14:59:01.0331 1480  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
14:59:01.0331 1480  C:\Windows\System32\PSHED.DLL - ok
14:59:01.0331 1480  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
14:59:01.0331 1480  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
14:59:01.0346 1480  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
14:59:01.0346 1480  C:\Windows\System32\winbrand.dll - ok
14:59:01.0346 1480  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
14:59:01.0346 1480  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
14:59:01.0346 1480  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
14:59:01.0346 1480  C:\Windows\System32\VaultCredProvider.dll - ok
14:59:01.0346 1480  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
14:59:01.0346 1480  C:\Windows\System32\BioCredProv.dll - ok
14:59:01.0362 1480  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
14:59:01.0362 1480  C:\Windows\System32\credui.dll - ok
14:59:01.0362 1480  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
14:59:01.0362 1480  C:\Windows\System32\vaultcli.dll - ok
14:59:01.0362 1480  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
14:59:01.0362 1480  C:\Windows\System32\winbio.dll - ok
14:59:01.0362 1480  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
14:59:01.0362 1480  C:\Windows\System32\certCredProvider.dll - ok
14:59:01.0377 1480  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
14:59:01.0377 1480  C:\Windows\System32\netapi32.dll - ok
14:59:01.0377 1480  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
14:59:01.0377 1480  C:\Windows\System32\netutils.dll - ok
14:59:01.0377 1480  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
14:59:01.0377 1480  C:\Windows\System32\rasplap.dll - ok
14:59:01.0377 1480  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
14:59:01.0377 1480  C:\Windows\System32\samcli.dll - ok
14:59:01.0393 1480  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
14:59:01.0393 1480  C:\Windows\System32\wkscli.dll - ok
14:59:01.0393 1480  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
14:59:01.0393 1480  C:\Windows\System32\rasapi32.dll - ok
14:59:01.0393 1480  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
14:59:01.0393 1480  C:\Windows\System32\rasman.dll - ok
14:59:01.0393 1480  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
14:59:01.0393 1480  C:\Windows\System32\rtutils.dll - ok
14:59:01.0409 1480  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
14:59:01.0409 1480  C:\Windows\System32\audiodg.exe - ok
14:59:01.0409 1480  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
14:59:01.0409 1480  C:\Windows\System32\oleacc.dll - ok
14:59:01.0409 1480  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
14:59:01.0409 1480  C:\Windows\System32\UIAutomationCore.dll - ok
14:59:01.0409 1480  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
14:59:01.0409 1480  C:\Windows\System32\msimg32.dll - ok
14:59:01.0424 1480  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
14:59:01.0424 1480  C:\Windows\System32\gpsvc.dll - ok
14:59:01.0424 1480  [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
14:59:01.0424 1480  C:\Windows\System32\nlaapi.dll - ok
14:59:01.0424 1480  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
14:59:01.0424 1480  C:\Windows\System32\PeerDist.dll - ok
14:59:01.0424 1480  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
14:59:01.0424 1480  C:\Windows\System32\atl.dll - ok
14:59:01.0440 1480  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
14:59:01.0440 1480  C:\Windows\System32\dsrole.dll - ok
14:59:01.0440 1480  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
14:59:01.0440 1480  C:\Windows\System32\es.dll - ok
14:59:01.0440 1480  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
14:59:01.0440 1480  C:\Windows\System32\slc.dll - ok
14:59:01.0440 1480  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
14:59:01.0440 1480  C:\Windows\System32\taskschd.dll - ok
14:59:01.0455 1480  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
14:59:01.0455 1480  C:\Windows\System32\mstask.dll - ok
14:59:01.0455 1480  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
14:59:01.0455 1480  C:\Windows\System32\uxsms.dll - ok
14:59:01.0455 1480  [ 0926C3B5CBF64C88F432FF449B211807 ] C:\Program Files\HitmanPro\hmpsched.exe
14:59:01.0455 1480  C:\Program Files\HitmanPro\hmpsched.exe - ok
14:59:01.0455 1480  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
14:59:01.0455 1480  C:\Windows\System32\drivers\lltdio.sys - ok
14:59:01.0471 1480  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
14:59:01.0471 1480  C:\Windows\System32\drivers\rspndr.sys - ok
14:59:01.0471 1480  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
14:59:01.0471 1480  C:\Windows\System32\IPHLPAPI.DLL - ok
14:59:01.0471 1480  [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
14:59:01.0471 1480  C:\Windows\System32\dhcpcore6.dll - ok
14:59:01.0471 1480  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
14:59:01.0471 1480  C:\Windows\System32\nrpsrv.dll - ok
14:59:01.0487 1480  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
14:59:01.0487 1480  C:\Windows\System32\winnsi.dll - ok
14:59:01.0487 1480  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
14:59:01.0487 1480  C:\Windows\System32\dnsrslvr.dll - ok
14:59:01.0487 1480  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
14:59:01.0487 1480  C:\Windows\System32\FWPUCLNT.DLL - ok
14:59:01.0487 1480  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
14:59:01.0487 1480  C:\Windows\System32\UXInit.dll - ok
14:59:01.0502 1480  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
14:59:01.0502 1480  C:\Windows\System32\dnsext.dll - ok
14:59:01.0502 1480  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
14:59:01.0502 1480  C:\Windows\System32\dhcpcsvc.dll - ok
14:59:01.0502 1480  [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
14:59:01.0502 1480  C:\Windows\System32\dhcpcsvc6.dll - ok
14:59:01.0502 1480  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
14:59:01.0502 1480  C:\Windows\System32\ktmw32.dll - ok
14:59:01.0518 1480  [ 52D2ECAE9642DB2EB57C56817426391A ] C:\Windows\System32\nvsvc64.dll
14:59:01.0518 1480  C:\Windows\System32\nvsvc64.dll - ok
14:59:01.0518 1480  [ 6103E3D8B9D82A27E417CC0AA8DD18EB ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
14:59:01.0518 1480  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
14:59:01.0518 1480  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
14:59:01.0518 1480  C:\Windows\System32\mscms.dll - ok
14:59:01.0518 1480  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
14:59:01.0518 1480  C:\Windows\System32\winmm.dll - ok
14:59:01.0533 1480  [ 10678E1B55E707861C6A3D69F3FECF9E ] C:\Windows\System32\nvapi64.dll
14:59:01.0533 1480  C:\Windows\System32\nvapi64.dll - ok
14:59:01.0533 1480  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
14:59:01.0533 1480  C:\Windows\System32\imageres.dll - ok
14:59:01.0533 1480  [ E05CC5994838C6822E6917819EBBED75 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
14:59:01.0533 1480  C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
14:59:01.0533 1480  [ D7A5E830DAD2280E83D9B8AE9C920CA7 ] C:\Windows\System32\nvsvcr.dll
14:59:01.0533 1480  C:\Windows\System32\nvsvcr.dll - ok
14:59:01.0549 1480  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
14:59:01.0549 1480  C:\Windows\System32\taskcomp.dll - ok
14:59:01.0549 1480  [ CFD315539589E6A7DD5D30EA0C7BAEF9 ] C:\Windows\System32\nvcpl.dll
14:59:01.0549 1480  C:\Windows\System32\nvcpl.dll - ok
14:59:01.0549 1480  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
14:59:01.0549 1480  C:\Windows\System32\fveapi.dll - ok
14:59:01.0549 1480  [ E7E2FB3C0B21E21C23A700B93FD6CF8A ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
14:59:01.0549 1480  C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
14:59:01.0565 1480  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
14:59:01.0565 1480  C:\Windows\System32\fvecerts.dll - ok
14:59:01.0565 1480  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
14:59:01.0565 1480  C:\Windows\System32\tbs.dll - ok
14:59:01.0580 1480  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
14:59:01.0580 1480  C:\Windows\System32\wiarpc.dll - ok
14:59:01.0580 1480  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
14:59:01.0580 1480  C:\Windows\System32\drivers\bowser.sys - ok
14:59:01.0580 1480  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
14:59:01.0580 1480  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
14:59:01.0596 1480  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
14:59:01.0596 1480  C:\Windows\System32\drivers\mpsdrv.sys - ok
14:59:01.0596 1480  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
14:59:01.0596 1480  C:\Windows\System32\drivers\mrxsmb.sys - ok
14:59:01.0596 1480  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
14:59:01.0596 1480  C:\Windows\System32\winspool.drv - ok
14:59:01.0596 1480  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
14:59:01.0596 1480  C:\Windows\System32\wfapigp.dll - ok
14:59:01.0611 1480  [ 64D687189F95A0CF221ACECF04D05B30 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
14:59:01.0611 1480  C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
14:59:01.0611 1480  [ 00FD84814C11788A619D4417841EEB48 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
14:59:02.0657 1480  [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
14:59:02.0657 1480  C:\Windows\System32\WMVCORE.DLL - ok
14:59:02.0657 1480  [ 44F92C1F913E582BEF9CAC66443C6230 ] C:\Windows\System32\drivers\hitmanpro36.sys
14:59:02.0657 1480  C:\Windows\System32\drivers\hitmanpro36.sys - ok
14:59:02.0657 1480  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
14:59:02.0657 1480  C:\Windows\System32\tdh.dll - ok
14:59:02.0657 1480  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
14:59:02.0657 1480  C:\Windows\System32\dssenh.dll - ok
14:59:02.0672 1480  [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
14:59:02.0672 1480  C:\Windows\System32\WMASF.DLL - ok
14:59:02.0672 1480  [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
14:59:02.0672 1480  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
14:59:02.0672 1480  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
14:59:02.0672 1480  C:\Windows\System32\dimsjob.dll - ok
14:59:02.0688 1480  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
14:59:02.0688 1480  C:\Windows\System32\PortableDeviceTypes.dll - ok
14:59:02.0688 1480  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
14:59:02.0688 1480  C:\Windows\System32\pnidui.dll - ok
14:59:02.0688 1480  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
14:59:02.0688 1480  C:\Windows\System32\pautoenr.dll - ok
14:59:02.0703 1480  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
14:59:02.0703 1480  C:\Windows\System32\wmp.dll - ok
14:59:02.0703 1480  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
14:59:02.0703 1480  C:\Windows\System32\certcli.dll - ok
14:59:02.0703 1480  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
14:59:02.0703 1480  C:\Windows\System32\CertEnroll.dll - ok
14:59:02.0703 1480  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
14:59:02.0703 1480  C:\Windows\SysWOW64\cmd.exe - ok
14:59:02.0719 1480  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
14:59:02.0719 1480  C:\Windows\System32\drivers\nwifi.sys - ok
14:59:02.0719 1480  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
14:59:02.0719 1480  C:\Windows\SysWOW64\winbrand.dll - ok
14:59:02.0719 1480  [ 8A4FC52B98E8CA135B90008FFB979C2A ] C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll
14:59:02.0719 1480  C:\Program Files (x86)\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
14:59:02.0735 1480  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
14:59:02.0735 1480  C:\Windows\System32\esent.dll - ok
14:59:02.0735 1480  [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
14:59:02.0735 1480  C:\Windows\System32\wscisvif.dll - ok
14:59:02.0735 1480  [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
14:59:02.0735 1480  C:\Windows\System32\wscproxystub.dll - ok
14:59:02.0750 1480  [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll
14:59:02.0750 1480  C:\Windows\SysWOW64\ieframe.dll - ok
14:59:02.0750 1480  [ 65728F2E5892603FEB016BED03F35576 ] C:\Program Files (x86)\Hardcopy\hardcopy_04.dll
14:59:02.0750 1480  C:\Program Files (x86)\Hardcopy\hardcopy_04.dll - ok
14:59:02.0750 1480  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
14:59:02.0750 1480  C:\Windows\SysWOW64\oleacc.dll - ok
14:59:02.0750 1480  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
14:59:02.0750 1480  C:\Windows\SysWOW64\dwmapi.dll - ok
14:59:02.0781 1480  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
14:59:02.0781 1480  C:\Windows\SysWOW64\shdocvw.dll - ok
14:59:02.0781 1480  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
14:59:02.0781 1480  C:\Windows\SysWOW64\mstask.dll - ok
14:59:02.0797 1480  [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
14:59:02.0797 1480  C:\Windows\System32\CertPolEng.dll - ok
14:59:02.0797 1480  [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
14:59:02.0797 1480  C:\Program Files\Windows Defender\MpClient.dll - ok
14:59:02.0797 1480  [ 03315AF1930A7E67EDAEF80FA8CF62AC ] C:\Windows\System32\spool\drivers\x64\3\fpgraph6.dll
14:59:02.0797 1480  C:\Windows\System32\spool\drivers\x64\3\fpgraph6.dll - ok
14:59:02.0813 1480  [ 9B799C2D73A9BC4ED8213A6FC664BB52 ] C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll
14:59:02.0813 1480  C:\Program Files (x86)\Real\RealUpgrade\Plugins\upgrade.dll - ok
14:59:02.0813 1480  [ 02D0097DF8ED69715E38CBB212076BA8 ] C:\Windows\System32\spool\drivers\x64\3\fpinter6.dll
14:59:02.0813 1480  C:\Windows\System32\spool\drivers\x64\3\fpinter6.dll - ok
14:59:02.0813 1480  [ 549051F73B6B43EB988AA36C86663642 ] C:\Windows\System32\spool\drivers\x64\3\fpres6-x64.dll
14:59:02.0813 1480  C:\Windows\System32\spool\drivers\x64\3\fpres6-x64.dll - ok
14:59:02.0828 1480  [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\unidrv.dll
14:59:02.0828 1480  C:\Windows\System32\spool\drivers\x64\3\unidrv.dll - ok
14:59:02.0828 1480  [ 9ED9F21D73F9D71E30EAB71835E656EB ] C:\Users\Berni\AppData\Local\Temp\A183762A-EE30-41DE-9D9C-FCA2EAEEFC90.exe
14:59:02.0828 1480  C:\Users\Berni\AppData\Local\Temp\A183762A-EE30-41DE-9D9C-FCA2EAEEFC90.exe - ok
14:59:02.0828 1480  [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
14:59:02.0828 1480  C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
14:59:02.0844 1480  [ A7B7C0B0A9CBA84CA1F94FEE32A20E45 ] C:\Windows\System32\spool\drivers\x64\3\hpvplui06.dll
14:59:02.0844 1480  C:\Windows\System32\spool\drivers\x64\3\hpvplui06.dll - ok
14:59:02.0844 1480  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
14:59:02.0844 1480  C:\Windows\SysWOW64\bcrypt.dll - ok
14:59:02.0844 1480  [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
14:59:02.0844 1480  C:\Windows\SysWOW64\ncrypt.dll - ok
14:59:02.0844 1480  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
14:59:02.0844 1480  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
14:59:02.0859 1480  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
14:59:02.0859 1480  C:\Windows\SysWOW64\gpapi.dll - ok
14:59:02.0859 1480  [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
14:59:02.0859 1480  C:\Windows\SysWOW64\cryptnet.dll - ok
14:59:02.0859 1480  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
14:59:02.0859 1480  C:\Windows\SysWOW64\SensApi.dll - ok
14:59:02.0875 1480  [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
14:59:02.0875 1480  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
14:59:02.0875 1480  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
14:59:02.0875 1480  C:\Windows\SysWOW64\EhStorShell.dll - ok
14:59:02.0875 1480  [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll
14:59:02.0875 1480  C:\Windows\System32\ieframe.dll - ok
14:59:02.0875 1480  [ 39C1BE32A5CBE96A70EB883CCDF3206A ] D:\PROGRA~1\Office\Office14\1031\GrooveIntlResource.dll
14:59:02.0875 1480  D:\PROGRA~1\Office\Office14\1031\GrooveIntlResource.dll - ok
14:59:02.0891 1480  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
14:59:02.0891 1480  C:\Windows\SysWOW64\ntshrui.dll - ok
14:59:02.0891 1480  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
14:59:02.0891 1480  C:\Windows\SysWOW64\imageres.dll - ok
14:59:02.0891 1480  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
14:59:02.0891 1480  C:\Windows\SysWOW64\slc.dll - ok
14:59:02.0906 1480  [ A8041267569A2154908446D47A19A765 ] C:\Program Files (x86)\Real\RealPlayer\lang\upgrade_de.dll
         

Alt 16.10.2012, 07:14   #8
ImmiMax
 

TDSSKiller Part 3:

14:59:03.0577 1480  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
14:59:03.0577 1480  C:\Windows\SysWOW64\rtutils.dll - ok
14:59:03.0577 1480  [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
14:59:03.0577 1480  C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok
14:59:03.0593 1480  [ 558BE7C9DE7DD5F206F3AD9FD541CD1F ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationUI.dll
14:59:03.0593 1480  C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationUI.dll - ok
14:59:03.0593 1480  [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\SysWOW64\hhctrl.ocx
14:59:03.0593 1480  C:\Windows\SysWOW64\hhctrl.ocx - ok
14:59:03.0593 1480  [ 22CC6CDBA678790046693654C3B212E4 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
14:59:03.0593 1480  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
14:59:03.0608 1480  [ 2E5B4A993514375DC6092DD211262757 ] C:\Windows\System32\MBWrp64.dll
14:59:03.0608 1480  C:\Windows\System32\MBWrp64.dll - ok
14:59:03.0608 1480  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
14:59:03.0608 1480  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
14:59:03.0608 1480  [ 3181F76ED237CC3D50D10CEA05AF8B60 ] C:\Windows\System32\riched32.dll
14:59:03.0608 1480  C:\Windows\System32\riched32.dll - ok
14:59:03.0608 1480  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
14:59:03.0608 1480  C:\Windows\System32\drprov.dll - ok
14:59:03.0639 1480  [ F244DA6DD2C365ABAFD076222C22C2BE ] C:\Windows\System32\mshtml.dll
14:59:03.0639 1480  C:\Windows\System32\mshtml.dll - ok
14:59:03.0639 1480  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
14:59:03.0639 1480  C:\Windows\System32\ntlanman.dll - ok
14:59:03.0655 1480  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
14:59:03.0655 1480  C:\Windows\System32\davclnt.dll - ok
14:59:03.0655 1480  [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
14:59:03.0655 1480  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
14:59:03.0655 1480  [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
14:59:03.0655 1480  C:\Windows\System32\RtkCfg64.dll - ok
14:59:03.0655 1480  [ 57ACF47B4FA24A6B9464C9919412C411 ] C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
14:59:03.0655 1480  C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll - ok
14:59:03.0671 1480  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
14:59:03.0671 1480  C:\Windows\System32\davhlpr.dll - ok
14:59:03.0671 1480  [ BC34B8831FAE17E5E7BD8318EDDC90BB ] C:\Windows\System32\RtkAPO64.dll
14:59:03.0671 1480  C:\Windows\System32\RtkAPO64.dll - ok
14:59:03.0671 1480  [ 40F6BC428065D34B840C5B1BE5503F6F ] C:\Program Files\MagicTune Premium\GammaTray.exe
14:59:03.0671 1480  C:\Program Files\MagicTune Premium\GammaTray.exe - ok
14:59:03.0686 1480  [ 509D846FDF0C83158ED5970DE751364C ] C:\Windows\SysWOW64\jsproxy.dll
14:59:03.0686 1480  C:\Windows\SysWOW64\jsproxy.dll - ok
14:59:03.0686 1480  [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
14:59:03.0686 1480  C:\Windows\SysWOW64\mfc42.dll - ok
14:59:03.0686 1480  [ 798387534977217525F11B758B3517AE ] C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll
14:59:03.0686 1480  C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll - ok
14:59:03.0686 1480  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
14:59:03.0686 1480  C:\Windows\SysWOW64\taskschd.dll - ok
14:59:03.0702 1480  [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
14:59:03.0702 1480  C:\Windows\SysWOW64\odbc32.dll - ok
14:59:03.0702 1480  [ EDEEAA5B121A89425A5DF7AB28E4E544 ] C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll
14:59:03.0702 1480  C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll - ok
14:59:03.0702 1480  [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
14:59:03.0702 1480  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
14:59:03.0702 1480  [ BBD2DAE7BD103D88591F4712B196D611 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
14:59:03.0702 1480  C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe - ok
14:59:03.0717 1480  [ FC77F245431D4DA5A9E2A53F3A14B162 ] C:\Windows\RaidTool\xInsIDE.exe
14:59:03.0717 1480  C:\Windows\RaidTool\xInsIDE.exe - ok
14:59:03.0717 1480  [ 563C4641DAE5355C08DF4DDC4134E196 ] C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll
14:59:03.0717 1480  C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll - ok
14:59:03.0717 1480  [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
14:59:03.0717 1480  C:\Windows\SysWOW64\odbcint.dll - ok
14:59:03.0733 1480  [ 64B9816268F2003803A9E431882CBFAE ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
14:59:03.0733 1480  C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe - ok
14:59:03.0733 1480  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
14:59:03.0733 1480  C:\Windows\System32\WMALFXGFXDSP.dll - ok
14:59:03.0733 1480  [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
14:59:03.0733 1480  C:\Windows\AppPatch\AcGenral.dll - ok
14:59:03.0749 1480  [ 754BDBD9A6B351E83A8648AB469E238A ] C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll
14:59:03.0749 1480  C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll - ok
14:59:03.0749 1480  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
14:59:03.0749 1480  C:\Windows\System32\mfplat.dll - ok
14:59:03.0764 1480  [ 9E279D1BC39F5C6C530F0A0DB1D2DC98 ] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe
14:59:03.0764 1480  C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe - ok
14:59:03.0764 1480  [ B8F7FA586A70918FEC5C768250724635 ] C:\Program Files\Logitech\SetPointP\KemMon.dll
14:59:03.0764 1480  C:\Program Files\Logitech\SetPointP\KemMon.dll - ok
14:59:03.0764 1480  [ F625F4072C04A1AEE6C60B020778A8CD ] C:\Windows\RaidTool\xInsDrv.dll
14:59:03.0764 1480  C:\Windows\RaidTool\xInsDrv.dll - ok
14:59:03.0780 1480  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
14:59:03.0780 1480  C:\Windows\SysWOW64\samcli.dll - ok
14:59:03.0780 1480  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
14:59:03.0780 1480  C:\Windows\SysWOW64\msacm32.dll - ok
14:59:03.0780 1480  [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
14:59:03.0780 1480  C:\Windows\System32\msimtf.dll - ok
14:59:03.0780 1480  [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\SysWOW64\newdev.dll
14:59:03.0780 1480  C:\Windows\SysWOW64\newdev.dll - ok
14:59:03.0795 1480  [ 915E198D1A21531A10F678F42E536496 ] C:\Program Files (x86)\Hardcopy\hardcopy.exe
14:59:03.0795 1480  C:\Program Files (x86)\Hardcopy\hardcopy.exe - ok
14:59:03.0795 1480  [ D5A69B24039442FD76B410CD2D7FEB7B ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALAPI.dll
14:59:03.0795 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALAPI.dll - ok
14:59:03.0795 1480  [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
14:59:03.0795 1480  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
14:59:03.0811 1480  [ 03CC97EC838FBBA69E6E5FD744012C31 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
14:59:03.0811 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe - ok
14:59:03.0811 1480  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
14:59:03.0811 1480  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
14:59:03.0811 1480  [ 9998DCD053C25FED2AE544FA17F9970F ] C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe
14:59:03.0811 1480  C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe - ok
14:59:03.0811 1480  [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
14:59:03.0811 1480  C:\Windows\SysWOW64\msiltcfg.dll - ok
14:59:03.0827 1480  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
14:59:03.0827 1480  C:\Windows\SysWOW64\oledlg.dll - ok
14:59:03.0827 1480  [ E968CAC86E356BEE1A369C1FB824F7EC ] C:\Program Files (x86)\MagicRotation\MagicPvt.exe
14:59:03.0827 1480  C:\Program Files (x86)\MagicRotation\MagicPvt.exe - ok
14:59:03.0827 1480  [ EE2DBFBFE0B16E816A74AD505CF0379C ] C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll
14:59:03.0827 1480  C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll - ok
14:59:03.0842 1480  [ 4EB19202D44B012387602DB5536FD093 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALITCH.dll
14:59:03.0842 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALITCH.dll - ok
14:59:03.0842 1480  [ 901AA7A38CE13F14B6BBEC38C0595698 ] D:\Programme (x86)\Office\Office14\BCSSync.exe
14:59:03.0842 1480  D:\Programme (x86)\Office\Office14\BCSSync.exe - ok
14:59:03.0842 1480  [ C79ECC33D5145224214FD82D3E458945 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
14:59:03.0842 1480  C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe - ok
14:59:03.0858 1480  [ D17277381B4522FA34FAE7851E705051 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMW.dll
14:59:03.0858 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALMW.dll - ok
14:59:03.0858 1480  [ 5963633010616B25503EE126F55E8DE4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll
14:59:03.0858 1480  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll - ok
14:59:03.0858 1480  [ AC09992FFDDDDA251464F80EF5C6E908 ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
14:59:03.0858 1480  C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe - ok
14:59:03.0858 1480  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
14:59:03.0858 1480  C:\Windows\SysWOW64\mscoree.dll - ok
14:59:03.0873 1480  [ AF09A713D190B2E9DDFCC2CE89357302 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALHPP.dll
14:59:03.0873 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALHPP.dll - ok
14:59:03.0873 1480  [ 356656B5EEA8C990238E8FAE5C63395C ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMOU.dll
14:59:03.0873 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALMOU.dll - ok
14:59:03.0873 1480  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
14:59:03.0873 1480  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
14:59:03.0889 1480  [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
14:59:03.0889 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
14:59:03.0889 1480  [ 1A4E49BBBBCD5CE19F8BF6B5D20AFC68 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALHID.dll
14:59:03.0889 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALHID.dll - ok
14:59:03.0889 1480  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
14:59:03.0889 1480  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
14:59:03.0905 1480  [ D4325026873BF2CF7A0BD5CF888161C5 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL
14:59:03.0905 1480  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL - ok
14:59:03.0905 1480  [ 6ABC6575EF4FEA6E7A44F5C61C66C9E1 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALUSB.dll
14:59:03.0905 1480  C:\Program Files\Common Files\Logishrd\KHAL3\KHALUSB.dll - ok
14:59:03.0905 1480  [ 516C67F32A77F3ED296FE7F9AAD2ADAA ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\BCGCBPRO100u80.dll
14:59:03.0905 1480  C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\BCGCBPRO100u80.dll - ok
14:59:03.0905 1480  [ 1D3FAF2E2305A75EBFE1C5F5F7A2CB25 ] C:\Windows\System32\jscript9.dll
14:59:03.0905 1480  C:\Windows\System32\jscript9.dll - ok
14:59:03.0920 1480  [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
14:59:03.0920 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
14:59:03.0920 1480  [ F50F26E6DC3082D8334F2946CE9125FA ] C:\Windows\System32\vbscript.dll
14:59:03.0920 1480  C:\Windows\System32\vbscript.dll - ok
14:59:03.0920 1480  [ AEDC5488205B84A3E2A44D3B5B76E534 ] C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
14:59:03.0920 1480  C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe - ok
14:59:03.0936 1480  [ D4AA74409711F64540850F7BA4D4346D ] C:\Program Files (x86)\Hardcopy\HcDllS.dll
14:59:03.0936 1480  C:\Program Files (x86)\Hardcopy\HcDllS.dll - ok
14:59:03.0936 1480  [ 0C7FCFD00ECF8CCC381B1CE618380E49 ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\SolutionExplorer.dll
14:59:03.0936 1480  C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\SolutionExplorer.dll - ok
14:59:03.0936 1480  [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
14:59:03.0936 1480  C:\Windows\System32\d2d1.dll - ok
14:59:03.0951 1480  [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
14:59:03.0951 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
14:59:03.0951 1480  [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
14:59:03.0951 1480  C:\Windows\System32\DWrite.dll - ok
14:59:03.0951 1480  [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
14:59:03.0951 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
14:59:03.0967 1480  [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
14:59:03.0967 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
14:59:03.0967 1480  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
14:59:03.0967 1480  C:\Windows\SysWOW64\wsock32.dll - ok
14:59:03.0967 1480  [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
14:59:03.0967 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
14:59:03.0983 1480  [ 4E8B1E9567B3CD76CA628C9026AE1125 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80DEU.dll
14:59:03.0983 1480  C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80DEU.dll - ok
14:59:03.0983 1480  [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
14:59:03.0983 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
14:59:03.0983 1480  [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
14:59:03.0983 1480  C:\Windows\SysWOW64\regsvr32.exe - ok
14:59:03.0998 1480  [ 916A2C4EB028604783FD5EA169236C1D ] D:\Programme (x86)\QuickTime\QTTask.exe
14:59:03.0998 1480  D:\Programme (x86)\QuickTime\QTTask.exe - ok
14:59:03.0998 1480  [ 0D391555EFBB823CA5DB36D79CDA2693 ] C:\Program Files (x86)\Hardcopy\LTKRN14n.DLL
14:59:03.0998 1480  C:\Program Files (x86)\Hardcopy\LTKRN14n.DLL - ok
14:59:03.0998 1480  [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
14:59:03.0998 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
14:59:03.0998 1480  [ 629868F32036BBE4E1B268D386B4A2F6 ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NB.dll
14:59:03.0998 1480  C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NB.dll - ok
14:59:04.0014 1480  [ A45E9924E74F43BC98071118A61F03D9 ] C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
14:59:04.0014 1480  C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll - ok
14:59:04.0014 1480  [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
14:59:04.0014 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
14:59:04.0014 1480  [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:59:04.0014 1480  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
14:59:04.0029 1480  [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
14:59:04.0029 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
14:59:04.0029 1480  [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
14:59:04.0029 1480  C:\Windows\SysWOW64\pdh.dll - ok
14:59:04.0045 1480  [ 7060AE41349FDFB9063193D375CBAA8E ] C:\Program Files (x86)\Hardcopy\LTFIL14n.DLL
14:59:04.0045 1480  C:\Program Files (x86)\Hardcopy\LTFIL14n.DLL - ok
14:59:04.0045 1480  [ 7CA00998C1AAF913AC089E29DB746037 ] C:\Windows\SysWOW64\unregmp2.exe
14:59:04.0045 1480  C:\Windows\SysWOW64\unregmp2.exe - ok
14:59:04.0061 1480  [ A05602FCF939A0A051D0CDF8C5CEDA98 ] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
14:59:04.0061 1480  C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe - ok
14:59:04.0061 1480  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
14:59:04.0061 1480  C:\Windows\System32\stobject.dll - ok
14:59:04.0061 1480  [ 3D024AA5D3152831D6D59B6E4EFC1C2E ] C:\Windows\mpvthook.dll
14:59:04.0061 1480  C:\Windows\mpvthook.dll - ok
14:59:04.0076 1480  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
14:59:04.0076 1480  C:\Windows\System32\batmeter.dll - ok
14:59:04.0076 1480  [ BA2B249CD7C8CE15E1A8D69ECAEE5FA3 ] C:\Windows\SysWOW64\main.cpl
14:59:04.0076 1480  C:\Windows\SysWOW64\main.cpl - ok
14:59:04.0092 1480  [ 5754573173A536802ACFDD50D684AE44 ] C:\Program Files (x86)\Hardcopy\LTDIS14n.DLL
14:59:04.0092 1480  C:\Program Files (x86)\Hardcopy\LTDIS14n.DLL - ok
14:59:04.0092 1480  [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
14:59:04.0092 1480  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
14:59:04.0092 1480  [ 4EB0C6C3EF4D8885CF2B5D0062F31E44 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
14:59:04.0092 1480  C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - ok
14:59:04.0107 1480  [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:59:04.0107 1480  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
14:59:04.0139 1480  [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
14:59:04.0139 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
14:59:04.0139 1480  [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
14:59:04.0139 1480  C:\Windows\System32\regsvr32.exe - ok
14:59:04.0154 1480  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
14:59:04.0154 1480  C:\Windows\SysWOW64\cabinet.dll - ok
14:59:04.0154 1480  [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
14:59:04.0154 1480  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
14:59:04.0154 1480  [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
14:59:04.0154 1480  C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
14:59:04.0170 1480  [ 518318A103C888001054EFA1236E5033 ] C:\Windows\SysWOW64\dfshim.dll
14:59:04.0170 1480  C:\Windows\SysWOW64\dfshim.dll - ok
14:59:04.0170 1480  [ B57053CD59114D36952461EE638D3784 ] C:\Windows\SysWOW64\acppage.dll
14:59:04.0170 1480  C:\Windows\SysWOW64\acppage.dll - ok
14:59:04.0170 1480  [ 8BCF1DCE05F4494C8891F33EEA450D0A ] C:\Windows\SysWOW64\wdc.dll
14:59:04.0170 1480  C:\Windows\SysWOW64\wdc.dll - ok
14:59:04.0170 1480  [ AE1685654C954DEB572EA5386633B2AA ] C:\Windows\ehome\ehdrop.dll
14:59:04.0170 1480  C:\Windows\ehome\ehdrop.dll - ok
14:59:04.0185 1480  [ 0F6E4656BD4938F0FEE3B3EBA1524965 ] C:\Windows\SysWOW64\colorui.dll
14:59:04.0185 1480  C:\Windows\SysWOW64\colorui.dll - ok
14:59:04.0185 1480  [ 12026103EEDF3B4F7B0F368E4C6C5B19 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Agent\2fcef7081659e8224aa28ab07ab73f48\Agent.ni.exe
14:59:04.0185 1480  C:\Windows\assembly\NativeImages_v2.0.50727_64\Agent\2fcef7081659e8224aa28ab07ab73f48\Agent.ni.exe - ok
14:59:04.0185 1480  [ EB4CDF2ECA64FBACAFBAD2B04B1B2862 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
14:59:04.0185 1480  C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll - ok
14:59:04.0201 1480  [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
14:59:04.0201 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
14:59:04.0201 1480  [ 57E8C7791AB2596AFB8EE1273C2DF1F8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
14:59:04.0201 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
14:59:04.0201 1480  [ 8FF9D8945CFECE70F93C36FF48AEA4DA ] C:\Windows\SysWOW64\cryptext.dll
14:59:04.0201 1480  C:\Windows\SysWOW64\cryptext.dll - ok
14:59:04.0201 1480  [ 07DD9DCD1CC2840751A1F8772F3C0195 ] C:\Program Files\Microsoft Games\Chess\Chess.exe
14:59:04.0201 1480  C:\Program Files\Microsoft Games\Chess\Chess.exe - ok
14:59:04.0217 1480  [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
14:59:04.0217 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
14:59:04.0217 1480  [ 50EFBC0F319C780E67D43AA7DDB12BF3 ] C:\Program Files\Common Files\Logishrd\CDDRV3\LDConfig.exe
14:59:04.0217 1480  C:\Program Files\Common Files\Logishrd\CDDRV3\LDConfig.exe - ok
14:59:04.0217 1480  [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
14:59:04.0217 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
14:59:04.0232 1480  [ 278EA4126B7DBE0E107CC25D41C2F388 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Win32.Tas#\9d07daa643ece9f8eb826ab5f4b7df04\Microsoft.Win32.TaskScheduler.ni.dll
14:59:04.0232 1480  C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Win32.Tas#\9d07daa643ece9f8eb826ab5f4b7df04\Microsoft.Win32.TaskScheduler.ni.dll - ok
14:59:04.0232 1480  [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
14:59:04.0232 1480  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
14:59:04.0248 1480  [ EB596E72F63B7C31BE8DF75FA8829B3F ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
14:59:04.0248 1480  C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok
14:59:04.0248 1480  [ 6A08F1C87BBF6197F5DAD95CF41E5175 ] C:\Windows\SysWOW64\PresentationHost.exe
14:59:04.0248 1480  C:\Windows\SysWOW64\PresentationHost.exe - ok
14:59:04.0263 1480  [ CE7B235C57F3E16654875A41B20448C4 ] C:\Windows\SysWOW64\icardres.dll
14:59:04.0263 1480  C:\Windows\SysWOW64\icardres.dll - ok
14:59:04.0263 1480  [ 726DFDB9E283B0CB78D87DDD7469BAF3 ] C:\Windows\SysWOW64\sendmail.dll
14:59:04.0263 1480  C:\Windows\SysWOW64\sendmail.dll - ok
14:59:04.0263 1480  [ F67A64C46DE10425045AF682802F5BA6 ] C:\Windows\SysWOW64\msdt.exe
14:59:04.0263 1480  C:\Windows\SysWOW64\msdt.exe - ok
14:59:04.0279 1480  [ 3EE82641D51AC10B4120ACBC515F6928 ] C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll
14:59:04.0279 1480  C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll - ok
14:59:04.0279 1480  [ 9E529F61AB51BA662E758BF2145CB37B ] C:\Program Files (x86)\GIGABYTE\ET6\work.dll
14:59:04.0279 1480  C:\Program Files (x86)\GIGABYTE\ET6\work.dll - ok
14:59:04.0279 1480  [ 75FA701D64996C18428EE72B4BF8EDEE ] C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
14:59:04.0279 1480  C:\Program Files (x86)\GIGABYTE\ET6\SF.dll - ok
14:59:04.0279 1480  [ 2FDCABFDBB423F00A0BFD8081EA891E8 ] C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
14:59:04.0279 1480  C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll - ok
14:59:04.0295 1480  [ 493CD726A4CCF422918CB86B78D18FB2 ] C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
14:59:04.0295 1480  C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll - ok
14:59:04.0295 1480  [ 59B7280D73906B43B13B273A1F9CC3DD ] C:\Windows\SysWOW64\xpsrchvw.exe
14:59:04.0295 1480  C:\Windows\SysWOW64\xpsrchvw.exe - ok
14:59:04.0295 1480  [ 8563204E44C222FDC144788EC99AFBDA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Agent.Common\e8bda9e93402e20c719b709f6e0894df\Agent.Common.ni.dll
14:59:04.0295 1480  C:\Windows\assembly\NativeImages_v2.0.50727_64\Agent.Common\e8bda9e93402e20c719b709f6e0894df\Agent.Common.ni.dll - ok
14:59:04.0310 1480  [ BEFE4865B67D7A6F58391F0AF8766A28 ] C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
14:59:04.0310 1480  C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll - ok
14:59:04.0310 1480  [ B72F77DA5A69F5626696182E17B503BA ] C:\Windows\SysWOW64\miguiresource.dll
14:59:04.0310 1480  C:\Windows\SysWOW64\miguiresource.dll - ok
14:59:04.0310 1480  [ BEF8BE93965EC65C51D70030B9B6B058 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
14:59:04.0310 1480  C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
14:59:04.0326 1480  [ F72CDD99A8626538F3ED924EF7DBA703 ] C:\Program Files (x86)\Windows Sidebar\sbdrop.dll
14:59:04.0326 1480  C:\Program Files (x86)\Windows Sidebar\sbdrop.dll - ok
14:59:04.0326 1480  [ 2723652E8757255E6A55499494932123 ] C:\Program Files (x86)\Common Files\System\wab32res.dll
14:59:04.0326 1480  C:\Program Files (x86)\Common Files\System\wab32res.dll - ok
14:59:04.0326 1480  [ A24B9C122B32EEC8E06F508A1716A277 ] C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
14:59:04.0326 1480  C:\Program Files (x86)\GIGABYTE\ET6\HM.dll - ok
14:59:04.0341 1480  [ 3DCEF5BFD5F3B1A84E1FA4DFF7701F7C ] C:\Program Files\MagicTune Premium\MagicTune.exe
14:59:04.0341 1480  C:\Program Files\MagicTune Premium\MagicTune.exe - ok
14:59:04.0341 1480  [ 67517491E2367098334372E0C167F515 ] C:\Windows\SysWOW64\grpconv.exe
14:59:04.0341 1480  C:\Windows\SysWOW64\grpconv.exe - ok
14:59:04.0341 1480  [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
14:59:04.0341 1480  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
14:59:04.0341 1480  [ BF609C38D036B97E8AEB5D45546B1844 ] C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
14:59:04.0341 1480  C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll - ok
14:59:04.0357 1480  [ 7D44EE5DBCC3A6E90EB60EDF72B66D99 ] C:\Windows\SysWOW64\apds.dll
14:59:04.0357 1480  C:\Windows\SysWOW64\apds.dll - ok
14:59:04.0357 1480  [ E9E9D800D84B02868D3E5A69A51977DD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Common\c8a879174b5f757b9d2045d675187789\Common.ni.dll
14:59:04.0357 1480  C:\Windows\assembly\NativeImages_v2.0.50727_64\Common\c8a879174b5f757b9d2045d675187789\Common.ni.dll - ok
14:59:04.0638 1480  ============================================================
14:59:04.0638 1480  Scan finished
14:59:04.0638 1480  ============================================================
14:59:04.0638 3304  Detected object count: 0
14:59:04.0638 3304  Actual detected object count: 0
14:59:12.0079 3644  Deinitialize success
         
So, that was it. I hope that is not too many now.
But if anything is still missing, I will take a look.

Once again, many thanks for the support

Bernhard Bahr

16.10.2012, 19:06   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, the logs for every scan are listed under the Log files tab. Please post all the ones that are visible there.

Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
ATTFilter
 the log goes here
         
__________________
Please always post log files in CODE tags

17.10.2012, 10:44   #10
ImmiMax

Oh yes,
there are a few infections in there after all. But those have already been deleted, haven't they?

Code:
ATTFilter
 Malwarebytes Anti-Malware  (PRO) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]

Schutz: Aktiviert

01.10.2012 08:09:46
mbam-log-2012-10-01 (08-09-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 724410
Laufzeit: 1 Stunde(n), 19 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Berni\Downloads\AlienEncounters_downloader_by_SchriftartenFontsde(1).exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Berni\Downloads\AlienEncounters_downloader_by_SchriftartenFontsde.exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware  (PRO) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.07.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]

Schutz: Deaktiviert

14.09.2012 13:57:36
mbam-log-2012-09-14 (13-57-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 724921
Laufzeit: 1 Stunde(n), 18 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Users\Berni\Downloads\VLCMediaPlayerSetup.exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\SSD Backup.last\downloads\Softango_VideoConverter_Multi (2).exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\SSD Backup.last\downloads\Softango_VideoConverter_Multi.exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\Users\Berni\Downloads\installer_magic_dvd_ripper.exe (PUP.Adbundler) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -1\Users\Berni\Downloads\Softango_VideoConverter_Multi.exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\FLVPlayerSetup.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
G:\0_Rechnersicherung\Datenrettung\HTC45_Bahr My Documents\UAContents\Emoticon\25_240x320.gif (Extension.Mismatch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
G:\0_Rechnersicherung\Datenrettung\HTC45_Bahr My Documents\UAContents\Emoticon\28_240x320.gif (Extension.Mismatch) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Code:
ATTFilter
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Berni :: BOVN2012-OBEN [Administrator]

Schutz: Aktiviert

16.07.2012 14:03:00
mbam-log-2012-07-16 (14-03-00).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 233701
Laufzeit: 1 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\Windows\SysWOW64\CML.exe (Backdoor.Agent) -> 3344 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|tray2 (Backdoor.Agent) -> Daten: C:\Windows\system32\CML.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|tray3 (Trojan.Agent) -> Daten: C:\Windows\system32\RecvMessage.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Windows\SysWOW64\CML.exe (Backdoor.Agent) -> Löschen bei Neustart.
C:\Windows\System32\CML.exe (Backdoor.Agent) -> Löschen bei Neustart.
C:\Users\Berni\Downloads\SoftonicDownloader_fuer_free-iso-burner.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\RecvMessage.exe (Trojan.Agent) -> Löschen bei Neustart.

(Ende)
         
Here once more are the blocked IP addresses that I was supposed to be redirected to:

17.10.2012, 15:33   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset




19.10.2012, 08:14   #12
ImmiMax

Here is the result of the ESET run:

Code:
ATTFilter
C:\Program Files (x86)\FLVPlayer\Uninstall\Uninstall.exe	a variant of Win32/InstallCore.AC application
C:\Program Files (x86)\VideoConverter\VideoConverter.exe	a variant of Win32/InstallCore.A application
C:\Users\Berni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\9WCDZU6L\DHL-Express-Delivery-Notification-9KVJU811DD (2).zip	Win32/Spy.Bebloh.H trojan
C:\Users\Berni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\9WCDZU6L\DHL-Express-Delivery-Notification-9KVJU811DD.zip	Win32/Spy.Bebloh.H trojan
C:\Users\Berni\AppData\Local\Temp\is1590112554\GiantSavings_US.exe	a variant of Win32/Toolbar.CrossRider.A application
C:\Users\Berni\AppData\Local\Temp\YontooLayers\background.html	Win32/Adware.Yontoo.C application
C:\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\174e094-66a715d3	Java/Exploit.CVE-2012-0507.BZ trojan
C:\Users\Berni\AppData\Roaming\Mozilla\Firefox\Profiles\Backups\extensions\plugin@yontoo.com\content\overlay.js	Win32/Adware.Yontoo application
C:\Users\Berni\Downloads\AnySendSetup.exe	a variant of Win32/InstallCore.AG application
C:\Users\Berni\Downloads\FLVPlayerSetup.exe	a variant of Win32/InstallCore.AC application
D:\Benutzer\Berni\Downloads\VideoConverterSetup.exe	a variant of Win32/InstallCore.AF application
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-07-04 120535\Backup files 5.zip	JS/Kryptik.RK trojan
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-07-15 220735\Backup files 1.zip	Win32/Adware.Yontoo application
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-08-17 111120\Backup files 1.zip	JS/Kryptik.VK trojan
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-17 131955\Backup files 1.zip	HTML/ScrInject.B.Gen virus
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-27 084121\Backup files 3.zip	Java/Exploit.CVE-2012-0507.BZ trojan
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-27 084121\Backup files 4.zip	multiple threats
E:\BOVN2012-OBEN\Backup Set 2012-07-04 120535\Backup Files 2012-09-30 210000\Backup files 2.zip	a variant of Win32/InstallCore.AC application
E:\weitere Backups\Version -1\SSD Backup.last\Program Files\Perfect Uninstaller\PU.exe	a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -1\Users\Administrator\Documents\FinePrint-Dateien\Spiele\War_Rock_10182011_G1_Xfire.exe	multiple threats
E:\weitere Backups\Version -1\Users\Berni\AppData\Local\Temp\ibtmp531f389\component_395.decrpt	a variant of Win32/bProtector application
E:\weitere Backups\Version -1\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\20d772f-31014455	Java/Exploit.CVE-2012-0507.L trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\FreeYouTubeDownload3123.exe	Win32/OpenCandy application
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM-UltraEdit-18.00.0.1034-incl-Keygen-CORE.rar	a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM.UltraEdit.18.00.0.1034.keygen-CORE.zip	a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\zp815free.exe	Win32/OpenCandy application
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect Uninstaller v6.3.3.9 Portable\Perfect Uninstaller v6.3.3.9 Portable.rar	a variant of MSIL/TrojanDropper.Agent.LZ trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_keygen_SN\Perfect_Uninstaller_keygen_SN.rar	probably a variant of Win32/Bifrose.ITAITJT trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011\PerfectUninstaller_Setup.exe	a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011.rar	a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -1\Users\Niko\Downloads\FreeYouTubeToMP3Converter_3.11.22.exe	Win32/OpenCandy application
E:\weitere Backups\Version -1\Users\Public\Downloads\PerfectUninstaller_Setup.exe	a variant of Win32/PerfectUninstaller application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\5c21374c-1f15e770	multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\f6e4b8e-4e254066	multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\3a75a842-2b60e518	multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1d4e065f-3b4e38a6	multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\375f56e3-4b55f97d	multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\164f55a6-7b072c44	multiple threats
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Audio und Video\SUPERsetup48.exe	Win32/OpenCandy application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Nero\Nero 8\Nero-8.2.8.0_deu_update.exe	Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Nero\Nero 8\nerophotoshowdeluxe-4-win-eu.exe	Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -2\----------Datenrettung\W7System\Users\Berni\Downloads\Software\Nero\Nero 9\9.4.26\Nero_BackItUpAndBurn-1.2.17b.exe	Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\5c21374c-1f15e770	multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\f6e4b8e-4e254066	multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\3a75a842-2b60e518	multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1d4e065f-3b4e38a6	multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\375f56e3-4b55f97d	multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\164f55a6-7b072c44	multiple threats
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\MyPhoneExplorer_Setup_1.8.1.exe	Win32/OpenCandy application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\SoftonicDownloader43585.exe	a variant of Win32/SoftonicDownloader.A application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\SoftonicDownloader_fuer_php-designer.exe	a variant of Win32/SoftonicDownloader.A application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\SUPERsetup48.exe	Win32/OpenCandy application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\winamp5621_full_emusic-7plus_all.exe	Win32/OpenCandy application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\Software\Nero\Nero 8\Nero-8.2.8.0_deu_update.exe	Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\Software\Nero\Nero 8\nerophotoshowdeluxe-4-win-eu.exe	Win32/Toolbar.AskSBar application
E:\weitere Backups\Version -3\C\Users\Berni\Downloads\Software\Nero\Nero 9\9.4.26\Nero_BackItUpAndBurn-1.2.17b.exe	Win32/Toolbar.AskSBar application
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 115.zip	Win32/Toolbar.AskSBar application
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 18.zip	multiple threats
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 19.zip	multiple threats
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 21.zip	multiple threats
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 22.zip	Win32/OpenCandy application
F:\BIVN2008OBEN\Backup Set 2011-11-27 190009\Backup Files 2011-11-27 190009\Backup files 27.zip	Win32/Toolbar.AskSBar application
G:\Downloads\version oficial de winrar 4 keygen.zip	a variant of Win32/Keygen.AI application
G:\Originale\Packer\Winzip\Winzip Pro v11.0 Winall Multilanguage  Keygen.rar	BAT/Starter.P trojan
         

19.10.2012, 10:47   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Code:
ATTFilter
G:\Downloads\version oficial de winrar 4 keygen.zip	a variant of Win32/Keygen.AI application
G:\Originale\Packer\Winzip\Winzip Pro v11.0 Winall Multilanguage  Keygen.rar	BAT/Starter.P trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM-UltraEdit-18.00.0.1034-incl-Keygen-CORE.rar	a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\IDM.UltraEdit.18.00.0.1034.keygen-CORE.zip	a variant of Win32/Keygen.AU application
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_keygen_SN\Perfect_Uninstaller_keygen_SN.rar	probably a variant of Win32/Bifrose.ITAITJT trojan
E:\weitere Backups\Version -1\Users\Berni\Downloads\Perfect_Uninstaller_v6.3.3.9_Datecode_29.06.2011\PerfectUninstaller_Setup.exe	a variant of
         


See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally acquired software, we will end support without any discussion.

Cracks/keygens are, in 99.9% of cases, dangerous malware that is not to be trifled with. They are also illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

That illegal cracks and keygens essentially serve to spread malware is no secret and must be clear to everyone!


In future, hands off: Softonic, registry cleaners and illegal stuff (cracks/keygens/serials)

19.10.2012, 12:04   #14
ImmiMax

Oh yes, you are right. I no longer thought of it, since I now only work with legally acquired software. There is nothing of that left on the operating system drives.

In my previous versions that was indeed not the case. That is apparently why remnants of it can still be found in the old backups.
Drives E:, F: and G: are backup drives on my system.

Sorry that I did not think of it.
Does this mean that support from you has ended?
