
Pests of all kinds and how to fight them: Trojan/virus infection per letter from Telekom

Windows 7

31.01.2015, 16:11   #1
emilyundbell
 



Hello, I am new here and, like everyone, I am looking for help. Today a letter from Telekom arrived by mail saying that at least 1 computer in the house is infected with Trojans or viruses.
I don't really have any idea how or what I need to look for to find out what is actually going on with the computer.
I would be really grateful for help. Above all, nice and slow and in a way that I can understand too.

Thanks for now....

31.01.2015, 16:26   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


31.01.2015, 18:01   #3
emilyundbell
 



I hope this is right now
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015 01
Ran by Sandra Weilnau (administrator) on SANDRAWEILNAU on 31-01-2015 16:59:28
Running from C:\Users\Sandra Weilnau\Downloads
Loaded Profiles: Sandra Weilnau (Available profiles: Sandra Weilnau)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\SupraSavingsService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\MountPoints2: {ab52bafd-f0c5-11e3-a4bd-a4f630a77dd2} - J:\pushinst.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-16] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
CHR HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402425029&from=cor&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402425029&from=cor&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402425029&from=cor&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms}
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MF707B0DB-9F72-4FB3-8B5C-BD827F6FEB9B&SearchSource=58&CUI=&UM=5&UP=SP376388CC-D9D6-4AC3-983D-A34E65E9E38A&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1420140386&from=wpm12311&uid=ST500DM002-1BD142_Z2ACPSSFXXXXZ2ACPSSF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-338094041-3377201104-4203914905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sandra Weilnau\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\searchplugins\V9.xml

Chrome: 
=======
CHR Profile: C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Security Protection) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-01-01]
CHR Extension: (Gmail) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\Sandra Weilnau\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-15] (Elex do Brasil Participações Ltda)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SupraSavingsService64; C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [469504 2014-12-31] (SysTool PasSame LIMITED) [File not signed]
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
S2 Update EnterDigital; "C:\Program Files (x86)\EnterDigital\updateEnterDigital.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-15] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-03] (Elex do Brasil Participações Ltda)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 16:59 - 2015-01-31 17:00 - 00016748 _____ () C:\Users\Sandra Weilnau\Downloads\FRST.txt
2015-01-31 16:59 - 2015-01-31 16:59 - 00000000 ____D () C:\FRST
2015-01-31 16:58 - 2015-01-31 16:58 - 02130944 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64(1).exe
2015-01-31 16:57 - 2015-01-31 16:57 - 02130944 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64.exe
2015-01-27 10:13 - 2015-01-27 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-18 17:12 - 2015-01-31 16:48 - 00004138 _____ () C:\Windows\setupact.log
2015-01-18 17:12 - 2015-01-18 17:12 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 17:11 - 2015-01-18 17:11 - 00000350 _____ () C:\Windows\PFRO.log
2015-01-18 14:25 - 2015-01-18 14:25 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-01-18 14:24 - 2015-01-18 14:25 - 00000000 ____D () C:\Program Files (x86)\Safari
2015-01-18 14:23 - 2015-01-18 14:23 - 38494576 _____ (Apple Inc.) C:\Users\Sandra Weilnau\Downloads\SafariSetup.exe
2015-01-18 14:22 - 2015-01-18 14:22 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Macromedia
2015-01-18 14:21 - 2015-01-18 14:21 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-01-18 14:21 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Mozilla
2015-01-18 14:20 - 2015-01-27 14:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-18 14:20 - 2015-01-18 14:20 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-18 13:55 - 2015-01-18 13:54 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-18 13:54 - 2015-01-18 13:54 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-18 13:53 - 2015-01-18 13:53 - 00638376 _____ (Oracle Corporation) C:\Users\Sandra Weilnau\Downloads\jre-8u25-windows-i586-iftw (1).exe
2015-01-18 13:52 - 2015-01-18 13:52 - 00638376 _____ (Oracle Corporation) C:\Users\Sandra Weilnau\Downloads\jre-8u25-windows-i586-iftw.exe
2015-01-18 11:07 - 2015-01-18 11:07 - 00849032 _____ () C:\Users\Sandra Weilnau\Downloads\Player Setup.exe
2015-01-16 12:25 - 2015-01-16 12:25 - 00000000 ____D () C:\Windows\system32\log
2015-01-16 12:25 - 2015-01-16 12:25 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Elex-tech
2015-01-16 12:25 - 2015-01-16 12:25 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-01-16 12:25 - 2015-01-15 07:51 - 00045224 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-01-16 12:25 - 2015-01-03 09:57 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-01-14 15:20 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:19 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 15:19 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 15:19 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 15:19 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 15:19 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-01 20:26 - 2015-01-31 16:51 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2015-01-01 20:26 - 2015-01-16 11:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\WinZipper
2015-01-01 20:26 - 2015-01-01 20:26 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-01 20:26 - 2015-01-01 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 17:00 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-31 17:00 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-31 16:59 - 2014-06-10 18:16 - 02057924 _____ () C:\Windows\WindowsUpdate.log
2015-01-31 16:48 - 2014-06-12 08:18 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-31 16:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 14:23 - 2014-06-12 08:18 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 14:22 - 2014-11-02 14:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-29 10:48 - 2014-06-27 15:45 - 00000000 ____D () C:\Program Files\SupraSavings
2015-01-27 12:25 - 2014-09-02 08:53 - 00000242 _____ () C:\Users\Sandra Weilnau\BullseyeCoverageError.txt
2015-01-26 10:22 - 2014-11-02 14:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 10:22 - 2014-06-10 19:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 10:22 - 2014-06-10 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 20:20 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Apple Computer
2015-01-18 20:30 - 2014-06-11 04:10 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 20:30 - 2014-06-11 04:10 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 20:30 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-18 14:25 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Apple Computer
2015-01-18 14:11 - 2014-06-12 08:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-18 13:58 - 2014-11-02 14:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-18 13:55 - 2014-11-02 14:31 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-14 17:26 - 2014-06-13 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:21 - 2014-06-13 18:27 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 19:54 - 2014-06-17 08:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\vlc
2015-01-09 11:15 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-08 20:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-01 20:26 - 2014-06-10 19:30 - 00000000 ____D () C:\ProgramData\WPM
2015-01-01 20:26 - 2014-06-10 18:44 - 00001647 _____ () C:\Users\Sandra Weilnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Some content of TEMP:
====================
C:\Users\Sandra Weilnau\AppData\Local\Temp\BullseyeCoverage-2-x86.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 09:53

==================== End Of Log ============================
         
--- --- ---



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-01-2015 01
Ran by Sandra Weilnau at 2015-01-31 17:00:32
Running from C:\Users\Sandra Weilnau\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Unity Web Player (HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.83 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-01-2015 13:45:27 Windows Update
18-01-2015 14:24:06 Installed Safari
21-01-2015 21:35:17 Windows Update
26-01-2015 09:09:59 Windows Update
29-01-2015 10:36:51 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-10 19:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03471EC2-D1EF-4912-A06D-6E3527413301} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {27386192-1739-401F-BFBE-719394FC1EF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4F9168FA-DF64-4BDB-9DC2-F5CD7214BAD8} - System32\Tasks\{0BFD0BD1-B78A-48FB-BDB0-1D19DAEB6821} => pcalua.exe -a C:\Users\SANDRA~1\AppData\Local\Temp\{D132361B-7D51-4CA2-B31D-695926883B08}\InstallFlashPlayer.exe -d C:\Users\SANDRA~1\AppData\Local\Temp\IDC2.tmp -c -iv 6
Task: {582986BC-7704-4E3D-8A47-FEFDAF58E4B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {C6EF8342-447B-4602-9D82-E368285BE08E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CE6C9AD6-19A0-4D00-AB3E-11F9E9E1A157} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5780DA4-9CC0-479A-89CC-2C0A6264611F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {F4CE997F-9700-4C42-BE97-8726373DF709} - System32\Tasks\{39E7ABE2-4635-4A33-A61A-5561D6505943} => pcalua.exe -a "C:\Users\Sandra Weilnau\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-25 18:58 - 2014-06-25 18:58 - 00172544 _____ () C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\SupraSavingsService64.exe
2014-06-12 20:05 - 2014-06-12 20:05 - 00110080 _____ () C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\nfapi.dll
2014-06-12 20:05 - 2014-06-12 20:05 - 00456192 _____ () C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\ProtocolFilters.dll
2015-01-16 12:25 - 2015-01-15 07:43 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2015-01-01 20:26 - 2014-12-31 05:34 - 00612528 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2015-01-16 12:25 - 2015-01-15 07:43 - 00185656 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-27 10:13 - 2015-01-27 10:14 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-26 10:22 - 2015-01-26 10:22 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-338094041-3377201104-4203914905-500 - Administrator - Disabled)
Gast (S-1-5-21-338094041-3377201104-4203914905-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-338094041-3377201104-4203914905-1002 - Limited - Enabled)
Sandra Weilnau (S-1-5-21-338094041-3377201104-4203914905-1000 - Administrator - Enabled) => C:\Users\Sandra Weilnau

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10357593

Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10357593

Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10356595

Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10356595

Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10355596

Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10355596

Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2015 03:24:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10354582


System errors:
=============
Error: (01/31/2015 04:49:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update EnterDigital" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/31/2015 04:48:19 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/31/2015 04:48:19 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/30/2015 02:19:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update EnterDigital" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/30/2015 02:18:59 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/30/2015 02:18:59 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/30/2015 11:09:44 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/30/2015 09:36:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update EnterDigital" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/30/2015 09:36:22 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/30/2015 09:36:22 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================
Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10357593

Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10357593

Error: (01/29/2015 03:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10356595

Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10356595

Error: (01/29/2015 03:24:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10355596

Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10355596

Error: (01/29/2015 03:24:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2015 03:24:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10354582


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X2 260 Processor
Percentage of memory in use: 57%
Total physical RAM: 3839.18 MB
Available physical RAM: 1614.23 MB
Total Pagefile: 7676.54 MB
Available Pagefile: 5184.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:86.1 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.08 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 02C0D7BF)
Partition 1: (Active) - (Size=84 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 31.01.2015, 23:18   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller field, search for the programs:

    WinZipper

    YAC

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" (Moderate) mode.
  • Delete leftovers:
    Click on , then on , and then on .

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 01.02.2015, 10:58   #5
emilyundbell
 



Malwarebytes Anti-Rootkit BETA 1.08.3.1004
Malwarebytes | Free Anti-Malware & Internet Security Software

Database version:
main: v2015.02.01.01
rootkit: v2015.01.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Sandra Weilnau :: SANDRAWEILNAU [administrator]

01.02.2015 09:37:43
mbar-log-2015-02-01 (09-37-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 334468
Time elapsed: 13 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

I have the TDSS log, but it is so huge that I will surely have to split it into 5 parts

Code:
ATTFilter
10:03:00.0475 0x1364  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:03:31.0357 0x1364  ============================================================
10:03:31.0358 0x1364  Current date / time: 2015/02/01 10:03:31.0357
10:03:31.0358 0x1364  SystemInfo:
10:03:31.0358 0x1364  
10:03:31.0358 0x1364  OS Version: 6.1.7601 ServicePack: 1.0
10:03:31.0358 0x1364  Product type: Workstation
10:03:31.0358 0x1364  ComputerName: SANDRAWEILNAU
10:03:31.0358 0x1364  UserName: Sandra Weilnau
10:03:31.0358 0x1364  Windows directory: C:\Windows
10:03:31.0358 0x1364  System windows directory: C:\Windows
10:03:31.0358 0x1364  Running under WOW64
10:03:31.0358 0x1364  Processor architecture: Intel x64
10:03:31.0358 0x1364  Number of processors: 2
10:03:31.0358 0x1364  Page size: 0x1000
10:03:31.0358 0x1364  Boot type: Normal boot
10:03:31.0358 0x1364  ============================================================
10:03:32.0189 0x1364  KLMD registered as C:\Windows\system32\drivers\76823833.sys
10:03:32.0690 0x1364  System UUID: {02FA8625-3663-D95B-3AF6-FDF3999C9616}
10:03:33.0336 0x1364  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:03:33.0375 0x1364  ============================================================
10:03:33.0376 0x1364  \Device\Harddisk0\DR0:
10:03:33.0382 0x1364  MBR partitions:
10:03:33.0382 0x1364  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2A000
10:03:33.0382 0x1364  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
10:03:33.0382 0x1364  ============================================================
10:03:33.0409 0x1364  C: <-> \Device\Harddisk0\DR0\Partition2
10:03:33.0426 0x1364  E: <-> \Device\Harddisk0\DR0\Partition1
10:03:33.0427 0x1364  ============================================================
10:03:33.0427 0x1364  Initialize success
10:03:33.0427 0x1364  ============================================================
10:03:54.0305 0x1534  ============================================================
10:03:54.0305 0x1534  Scan started
10:03:54.0305 0x1534  Mode: Manual; 
10:03:54.0305 0x1534  ============================================================
10:03:54.0305 0x1534  KSN ping started
10:03:59.0861 0x1534  KSN ping finished: true
10:04:00.0789 0x1534  ================ Scan system memory ========================
10:04:00.0790 0x1534  System memory - ok
         
10:04:05.0708 0x1534  Dnscache - ok
10:04:05.0775 0x1534  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:04:05.0784 0x1534  dot3svc - ok
10:04:05.0859 0x1534  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:04:05.0865 0x1534  DPS - ok
10:04:05.0921 0x1534  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:04:05.0923 0x1534  drmkaud - ok
10:04:05.0984 0x1534  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:04:06.0006 0x1534  DXGKrnl - ok
10:04:06.0073 0x1534  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:04:06.0080 0x1534  EapHost - ok
10:04:06.0230 0x1534  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:04:06.0315 0x1534  ebdrv - ok
10:04:06.0370 0x1534  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:04:06.0372 0x1534  EFS - ok
10:04:06.0475 0x1534  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:04:06.0498 0x1534  ehRecvr - ok
10:04:06.0566 0x1534  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:04:06.0577 0x1534  ehSched - ok
10:04:06.0664 0x1534  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:04:06.0676 0x1534  elxstor - ok
10:04:06.0727 0x1534  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:04:06.0728 0x1534  ErrDev - ok
10:04:06.0792 0x1534  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:04:06.0801 0x1534  EventSystem - ok
10:04:06.0825 0x1534  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:04:06.0830 0x1534  exfat - ok
10:04:06.0856 0x1534  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:04:06.0861 0x1534  fastfat - ok
10:04:06.0926 0x1534  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:04:06.0942 0x1534  Fax - ok
10:04:06.0955 0x1534  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:04:06.0958 0x1534  fdc - ok
10:04:06.0975 0x1534  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:04:06.0977 0x1534  fdPHost - ok
10:04:06.0991 0x1534  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:04:06.0994 0x1534  FDResPub - ok
10:04:07.0004 0x1534  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:04:07.0007 0x1534  FileInfo - ok
10:04:07.0020 0x1534  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:04:07.0023 0x1534  Filetrace - ok
10:04:07.0044 0x1534  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:04:07.0046 0x1534  flpydisk - ok
10:04:07.0115 0x1534  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:04:07.0123 0x1534  FltMgr - ok
10:04:07.0229 0x1534  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:04:07.0281 0x1534  FontCache - ok
10:04:07.0422 0x1534  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:04:07.0431 0x1534  FontCache3.0.0.0 - ok
10:04:07.0491 0x1534  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:04:07.0494 0x1534  FsDepends - ok
10:04:07.0551 0x1534  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:04:07.0553 0x1534  Fs_Rec - ok
10:04:07.0620 0x1534  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:04:07.0630 0x1534  fvevol - ok
10:04:07.0672 0x1534  [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5       C:\Windows\system32\DRIVERS\fwlanusb5.sys
10:04:07.0695 0x1534  fwlanusb5 - ok
10:04:07.0722 0x1534  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:04:07.0725 0x1534  gagp30kx - ok
10:04:07.0792 0x1534  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:04:07.0796 0x1534  GEARAspiWDM - ok
10:04:07.0874 0x1534  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:04:07.0894 0x1534  gpsvc - ok
10:04:07.0924 0x1534  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:04:07.0927 0x1534  hcw85cir - ok
10:04:08.0011 0x1534  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:04:08.0020 0x1534  HdAudAddService - ok
10:04:08.0101 0x1534  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:04:08.0105 0x1534  HDAudBus - ok
10:04:08.0123 0x1534  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:04:08.0125 0x1534  HidBatt - ok
10:04:08.0146 0x1534  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:04:08.0152 0x1534  HidBth - ok
10:04:08.0163 0x1534  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:04:08.0166 0x1534  HidIr - ok
10:04:08.0218 0x1534  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:04:08.0222 0x1534  hidserv - ok
10:04:08.0283 0x1534  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:04:08.0294 0x1534  HidUsb - ok
10:04:08.0359 0x1534  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:04:08.0370 0x1534  hkmsvc - ok
10:04:08.0433 0x1534  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:04:08.0440 0x1534  HomeGroupListener - ok
10:04:08.0500 0x1534  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:04:08.0506 0x1534  HomeGroupProvider - ok
10:04:08.0579 0x1534  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:04:08.0584 0x1534  HpSAMD - ok
10:04:08.0656 0x1534  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:04:08.0674 0x1534  HTTP - ok
         
Code:
[ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:04:08.0693 0x1534  hwpolicy - ok
10:04:08.0758 0x1534  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:04:08.0763 0x1534  i8042prt - ok
10:04:08.0826 0x1534  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:04:08.0836 0x1534  iaStorV - ok
10:04:08.0920 0x1534  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:04:08.0940 0x1534  idsvc - ok
10:04:08.0990 0x1534  IEEtwCollectorService - ok
10:04:09.0030 0x1534  IePluginServices - ok
10:04:09.0076 0x1534  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:04:09.0079 0x1534  iirsp - ok
10:04:09.0154 0x1534  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:04:09.0173 0x1534  IKEEXT - ok
10:04:09.0220 0x1534  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:04:09.0222 0x1534  intelide - ok
10:04:09.0249 0x1534  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:04:09.0253 0x1534  intelppm - ok
10:04:09.0300 0x1534  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:04:09.0303 0x1534  IPBusEnum - ok
10:04:09.0348 0x1534  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:04:09.0352 0x1534  IpFilterDriver - ok
10:04:09.0413 0x1534  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:04:09.0428 0x1534  iphlpsvc - ok
10:04:09.0487 0x1534  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:04:09.0492 0x1534  IPMIDRV - ok
10:04:09.0517 0x1534  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:04:09.0522 0x1534  IPNAT - ok
10:04:09.0624 0x1534  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:04:09.0643 0x1534  iPod Service - ok
10:04:09.0670 0x1534  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:04:09.0673 0x1534  IRENUM - ok
10:04:09.0890 0x1534  [ 433A1606FCC62A99E6848929198A78B1, 76DF83A5F85917BA244674A6234BECF3F9C6FE44C6F8A0B82F08616517C93922 ] iSafeKrnl       C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys
10:04:09.0896 0x1534  iSafeKrnl - ok
10:04:09.0956 0x1534  [ AA0E848E069F99936966E03E2C01733F, 5B8F796231C3CF4D0C2D7FC5084F1D27F19D78B6EE9181BB8315D9F8C58B3A6E ] iSafeKrnlBoot   C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys
10:04:09.0958 0x1534  iSafeKrnlBoot - ok
10:04:09.0981 0x1534  [ 95178BB4E3AC2FDE16AFF7A3E4355498, 53544CC3B4E7F5F779BF8F2D77C84836AA66D678DB918456EE3EE277F109B044 ] iSafeKrnlKit    C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys
10:04:09.0985 0x1534  iSafeKrnlKit - ok
10:04:10.0026 0x1534  [ 13CB0B41E703E9FBE6386D4549291F83, 313B671DFC4A0C006CA6289E5399C740DF6DAC12204E6FAEDBE4D5219CD12D09 ] iSafeKrnlMon    C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys
10:04:10.0028 0x1534  iSafeKrnlMon - ok
10:04:10.0055 0x1534  [ 5260DF59CE11CEE7173CE864C122D9EE, DA8F0C1AE7EC5784B6E40BEB17F77A3FA401A20B94F42206F7AF4C518EF1A6DD ] iSafeKrnlR3     C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys
10:04:10.0058 0x1534  iSafeKrnlR3 - ok
10:04:10.0074 0x1534  [ 8EE84CC87D67CE4DE7AF907CCA559F52, F9E93CA39F300A585A47BB9A2C916772947A0A8289A3A18AB1B2A7D9BE7615BF ] iSafeNetFilter  C:\Windows\system32\DRIVERS\iSafeNetFilter.sys
10:04:10.0076 0x1534  iSafeNetFilter - ok
10:04:10.0093 0x1534  [ 1EC45DC4F84777759EB6620325FCAD89, F354DDDC9B6E84F95016D1648FA4E16BC93600BFFDEB37EACE1B0DFA3DE645A3 ] iSafeService    C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
10:04:10.0095 0x1534  iSafeService - ok
10:04:10.0143 0x1534  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:04:10.0145 0x1534  isapnp - ok
10:04:10.0211 0x1534  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:04:10.0218 0x1534  iScsiPrt - ok
10:04:10.0257 0x1534  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:04:10.0264 0x1534  kbdclass - ok
10:04:10.0328 0x1534  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:04:10.0334 0x1534  kbdhid - ok
10:04:10.0349 0x1534  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:04:10.0351 0x1534  KeyIso - ok
10:04:10.0399 0x1534  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:04:10.0419 0x1534  KSecDD - ok
10:04:10.0473 0x1534  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:04:10.0485 0x1534  KSecPkg - ok
10:04:10.0575 0x1534  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:04:10.0577 0x1534  ksthunk - ok
10:04:10.0657 0x1534  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:04:10.0669 0x1534  KtmRm - ok
10:04:10.0736 0x1534  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:04:10.0744 0x1534  LanmanServer - ok
10:04:10.0794 0x1534  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:04:10.0799 0x1534  LanmanWorkstation - ok
10:04:10.0888 0x1534  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:04:10.0891 0x1534  lltdio - ok
10:04:10.0950 0x1534  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:04:10.0957 0x1534  lltdsvc - ok
10:04:10.0966 0x1534  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:04:10.0969 0x1534  lmhosts - ok
10:04:11.0000 0x1534  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:04:11.0004 0x1534  LSI_FC - ok
10:04:11.0024 0x1534  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:04:11.0040 0x1534  LSI_SAS - ok
10:04:11.0076 0x1534  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:04:11.0092 0x1534  LSI_SAS2 - ok
10:04:11.0107 0x1534  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:04:11.0111 0x1534  LSI_SCSI - ok
10:04:11.0140 0x1534  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:04:11.0144 0x1534  luafv - ok
10:04:11.0199 0x1534  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:04:11.0205 0x1534  Mcx2Svc - ok
10:04:11.0226 0x1534  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:04:11.0229 0x1534  megasas - ok
10:04:11.0256 0x1534  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:04:11.0274 0x1534  MegaSR - ok
10:04:11.0356 0x1534  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:04:11.0359 0x1534  MMCSS - ok
10:04:11.0398 0x1534  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:04:11.0401 0x1534  Modem - ok
10:04:11.0467 0x1534  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:04:11.0484 0x1534  monitor - ok
10:04:11.0507 0x1534  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
10:04:11.0512 0x1534  mouclass - ok
10:04:11.0548 0x1534  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:04:11.0554 0x1534  mouhid - ok
10:04:11.0604 0x1534  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:04:11.0612 0x1534  mountmgr - ok
10:04:11.0725 0x1534  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:04:11.0728 0x1534  MozillaMaintenance - ok
10:04:11.0815 0x1534  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:04:11.0821 0x1534  MpFilter - ok
10:04:11.0881 0x1534  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:04:11.0885 0x1534  mpio - ok
10:04:11.0963 0x1534  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:04:11.0970 0x1534  mpsdrv - ok
10:04:12.0050 0x1534  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:04:12.0073 0x1534  MpsSvc - ok
10:04:12.0124 0x1534  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:04:12.0129 0x1534  MRxDAV - ok
10:04:12.0188 0x1534  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:04:12.0193 0x1534  mrxsmb - ok
10:04:12.0213 0x1534  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:04:12.0220 0x1534  mrxsmb10 - ok
10:04:12.0275 0x1534  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:04:12.0280 0x1534  mrxsmb20 - ok
10:04:12.0335 0x1534  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:04:12.0337 0x1534  msahci - ok
10:04:12.0413 0x1534  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:04:12.0418 0x1534  msdsm - ok
10:04:12.0480 0x1534  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:04:12.0484 0x1534  MSDTC - ok
10:04:12.0532 0x1534  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:04:12.0534 0x1534  Msfs - ok
10:04:12.0554 0x1534  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:04:12.0556 0x1534  mshidkmdf - ok
10:04:12.0621 0x1534  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:04:12.0625 0x1534  msisadrv - ok
10:04:12.0694 0x1534  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:04:12.0700 0x1534  MSiSCSI - ok
10:04:12.0705 0x1534  msiserver - ok
10:04:12.0731 0x1534  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:04:12.0733 0x1534  MSKSSRV - ok
10:04:12.0853 0x1534  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:04:12.0854 0x1534  MsMpSvc - ok
10:04:12.0878 0x1534  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:04:12.0882 0x1534  MSPCLOCK - ok
10:04:12.0897 0x1534  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:04:12.0901 0x1534  MSPQM - ok
10:04:12.0979 0x1534  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:04:12.0991 0x1534  MsRPC - ok
10:04:13.0044 0x1534  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:04:13.0051 0x1534  mssmbios - ok
10:04:13.0083 0x1534  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:04:13.0086 0x1534  MSTEE - ok
10:04:13.0096 0x1534  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:04:13.0098 0x1534  MTConfig - ok
10:04:13.0119 0x1534  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:04:13.0122 0x1534  Mup - ok
10:04:13.0186 0x1534  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:04:13.0197 0x1534  napagent - ok
10:04:13.0235 0x1534  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:04:13.0242 0x1534  NativeWifiP - ok
10:04:13.0349 0x1534  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:04:13.0372 0x1534  NDIS - ok
10:04:13.0383 0x1534  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:04:13.0386 0x1534  NdisCap - ok
10:04:13.0413 0x1534  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:04:13.0415 0x1534  NdisTapi - ok
10:04:13.0463 0x1534  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:04:13.0466 0x1534  Ndisuio - ok
10:04:13.0518 0x1534  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:04:13.0523 0x1534  NdisWan - ok
10:04:13.0574 0x1534  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:04:13.0577 0x1534  NDProxy - ok
10:04:13.0582 0x1534  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:04:13.0584 0x1534  NetBIOS - ok


Alt 01.02.2015, 11:01   #6
emilyundbell
 



Code:
10:04:22.0327 0x1534  Wd - ok
10:04:22.0388 0x1534  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:04:22.0406 0x1534  Wdf01000 - ok
10:04:22.0423 0x1534  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:04:22.0427 0x1534  WdiServiceHost - ok
10:04:22.0433 0x1534  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:04:22.0436 0x1534  WdiSystemHost - ok
10:04:22.0492 0x1534  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:04:22.0499 0x1534  WebClient - ok
10:04:22.0514 0x1534  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:04:22.0521 0x1534  Wecsvc - ok
10:04:22.0536 0x1534  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:04:22.0540 0x1534  wercplsupport - ok
10:04:22.0559 0x1534  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:04:22.0578 0x1534  WerSvc - ok
10:04:22.0646 0x1534  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:04:22.0649 0x1534  WfpLwf - ok
10:04:22.0688 0x1534  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:04:22.0690 0x1534  WIMMount - ok
10:04:22.0751 0x1534  WinDefend - ok
10:04:22.0797 0x1534  WindowsMangerProtect - ok
10:04:22.0801 0x1534  WinHttpAutoProxySvc - ok
10:04:22.0875 0x1534  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:04:22.0881 0x1534  Winmgmt - ok
10:04:23.0000 0x1534  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
10:04:23.0055 0x1534  WinRM - ok
10:04:23.0133 0x1534  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:04:23.0135 0x1534  WinUsb - ok
10:04:23.0201 0x1534  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:04:23.0222 0x1534  Wlansvc - ok
10:04:23.0331 0x1534  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:04:23.0370 0x1534  wlidsvc - ok
10:04:23.0433 0x1534  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:04:23.0435 0x1534  WmiAcpi - ok
10:04:23.0499 0x1534  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:04:23.0504 0x1534  wmiApSrv - ok
10:04:23.0521 0x1534  WMPNetworkSvc - ok
10:04:23.0573 0x1534  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:04:23.0578 0x1534  WPCSvc - ok
10:04:23.0639 0x1534  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:04:23.0645 0x1534  WPDBusEnum - ok
10:04:23.0703 0x1534  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:04:23.0707 0x1534  ws2ifsl - ok
10:04:23.0740 0x1534  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:04:23.0744 0x1534  wscsvc - ok
10:04:23.0749 0x1534  WSearch - ok
10:04:23.0911 0x1534  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:04:23.0980 0x1534  wuauserv - ok
10:04:24.0039 0x1534  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:04:24.0043 0x1534  WudfPf - ok
10:04:24.0057 0x1534  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:04:24.0062 0x1534  WUDFRd - ok
10:04:24.0113 0x1534  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:04:24.0117 0x1534  wudfsvc - ok
10:04:24.0171 0x1534  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:04:24.0178 0x1534  WwanSvc - ok
10:04:24.0199 0x1534  ================ Scan global ===============================
10:04:24.0411 0x1534  [ Global ] - ok
10:04:24.0412 0x1534  ================ Scan MBR ==================================
10:04:24.0417 0x1534  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:04:24.0549 0x1534  \Device\Harddisk0\DR0 - ok
10:04:24.0552 0x1534  ================ Scan VBR ==================================
10:04:24.0553 0x1534  [ 165AFBE9DB6734817E9C60ECB340A5CA ] \Device\Harddisk0\DR0\Partition1
10:04:24.0554 0x1534  \Device\Harddisk0\DR0\Partition1 - ok
10:04:24.0562 0x1534  [ F2393307D2C6853D77840921D21F94C8 ] \Device\Harddisk0\DR0\Partition2
10:04:24.0563 0x1534  \Device\Harddisk0\DR0\Partition2 - ok
10:04:24.0567 0x1534  ================ Scan generic autorun ======================
10:04:25.0279 0x1534  Waiting for KSN requests completion. In queue: 322
10:04:26.0279 0x1534  Waiting for KSN requests completion. In queue: 322
10:04:27.0279 0x1534  Waiting for KSN requests completion. In queue: 289
10:04:28.0279 0x1534  Waiting for KSN requests completion. In queue: 289
10:04:29.0279 0x1534  Waiting for KSN requests completion. In queue: 28
10:04:30.0279 0x1534  Waiting for KSN requests completion. In queue: 28
10:04:31.0279 0x1534  Waiting for KSN requests completion. In queue: 28
10:04:32.0279 0x1534  Waiting for KSN requests completion. In queue: 28
10:04:33.0299 0x1534  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
10:04:33.0338 0x1534  Win FW state via NFP2: enabled
10:04:35.0743 0x1534  ============================================================
10:04:35.0743 0x1534  Scan finished
10:04:35.0743 0x1534  ============================================================
10:04:35.0767 0x16c0  Detected object count: 0
10:04:35.0767 0x16c0  Actual detected object count: 0
10:04:49.0299 0x11b8  ============================================================
10:04:49.0299 0x11b8  Scan started
10:04:49.0299 0x11b8  Mode: Manual; 
10:04:49.0299 0x11b8  ============================================================
10:04:49.0299 0x11b8  KSN ping started
10:04:51.0670 0x11b8  KSN ping finished: true
10:04:52.0670 0x11b8  ================ Scan system memory ========================
10:04:52.0670 0x11b8  System memory - ok
10:04:52.0670 0x11b8  ================ Scan services =============================
10:04:59.0095 0x11b8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:04:59.0120 0x11b8  FontCache - ok
10:04:59.0227 0x11b8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:04:59.0228 0x11b8  FontCache3.0.0.0 - ok
10:04:59.0296 0x11b8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:04:59.0297 0x11b8  FsDepends - ok
10:04:59.0380 0x11b8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:04:59.0381 0x11b8  Fs_Rec - ok
10:04:59.0449 0x11b8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:04:59.0454 0x11b8  fvevol - ok
10:04:59.0562 0x11b8  [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5       C:\Windows\system32\DRIVERS\fwlanusb5.sys
10:04:59.0580 0x11b8  fwlanusb5 - ok
10:04:59.0652 0x11b8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:04:59.0654 0x11b8  gagp30kx - ok
10:04:59.0735 0x11b8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:04:59.0735 0x11b8  GEARAspiWDM - ok
10:04:59.0815 0x11b8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:04:59.0829 0x11b8  gpsvc - ok
10:04:59.0853 0x11b8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:04:59.0854 0x11b8  hcw85cir - ok
10:04:59.0938 0x11b8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:04:59.0945 0x11b8  HdAudAddService - ok
10:04:59.0997 0x11b8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:04:59.0999 0x11b8  HDAudBus - ok
10:05:00.0019 0x11b8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:05:00.0020 0x11b8  HidBatt - ok
10:05:00.0054 0x11b8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:05:00.0056 0x11b8  HidBth - ok
10:05:00.0101 0x11b8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:05:00.0102 0x11b8  HidIr - ok
10:05:00.0180 0x11b8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:05:00.0182 0x11b8  hidserv - ok
10:05:00.0237 0x11b8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:05:00.0238 0x11b8  HidUsb - ok
10:05:00.0305 0x11b8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:05:00.0307 0x11b8  hkmsvc - ok
10:05:00.0390 0x11b8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:05:00.0394 0x11b8  HomeGroupListener - ok
10:05:00.0486 0x11b8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:05:00.0493 0x11b8  HomeGroupProvider - ok
10:05:00.0575 0x11b8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:05:00.0581 0x11b8  HpSAMD - ok
10:05:00.0750 0x11b8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:05:00.0766 0x11b8  HTTP - ok
10:05:00.0831 0x11b8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:05:00.0832 0x11b8  hwpolicy - ok
10:05:00.0900 0x11b8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:05:00.0903 0x11b8  i8042prt - ok
10:05:01.0018 0x11b8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:05:01.0026 0x11b8  iaStorV - ok
10:05:01.0245 0x11b8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:05:01.0267 0x11b8  idsvc - ok
10:05:01.0286 0x11b8  IEEtwCollectorService - ok
10:05:01.0353 0x11b8  IePluginServices - ok
10:05:01.0430 0x11b8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:05:01.0431 0x11b8  iirsp - ok
10:05:01.0562 0x11b8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:05:01.0577 0x11b8  IKEEXT - ok
10:05:01.0624 0x11b8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:05:01.0624 0x11b8  intelide - ok
10:05:01.0645 0x11b8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:05:01.0646 0x11b8  intelppm - ok
10:05:01.0717 0x11b8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:05:01.0720 0x11b8  IPBusEnum - ok
10:05:01.0778 0x11b8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:05:01.0779 0x11b8  IpFilterDriver - ok
10:05:01.0907 0x11b8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:05:01.0929 0x11b8  iphlpsvc - ok
10:05:02.0028 0x11b8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:05:02.0029 0x11b8  IPMIDRV - ok
10:05:02.0079 0x11b8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:05:02.0081 0x11b8  IPNAT - ok
10:05:02.0253 0x11b8  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:05:02.0264 0x11b8  iPod Service - ok
10:05:02.0282 0x11b8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:05:02.0283 0x11b8  IRENUM - ok
10:05:02.0508 0x11b8  [ 433A1606FCC62A99E6848929198A78B1, 76DF83A5F85917BA244674A6234BECF3F9C6FE44C6F8A0B82F08616517C93922 ] iSafeKrnl       C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys
10:05:02.0513 0x11b8  iSafeKrnl - ok
10:05:02.0577 0x11b8  [ AA0E848E069F99936966E03E2C01733F, 5B8F796231C3CF4D0C2D7FC5084F1D27F19D78B6EE9181BB8315D9F8C58B3A6E ] iSafeKrnlBoot   C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys
10:05:02.0579 0x11b8  iSafeKrnlBoot - ok
10:05:02.0628 0x11b8  [ 95178BB4E3AC2FDE16AFF7A3E4355498, 53544CC3B4E7F5F779BF8F2D77C84836AA66D678DB918456EE3EE277F109B044 ] iSafeKrnlKit    C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys
10:05:02.0631 0x11b8  iSafeKrnlKit - ok
10:05:02.0663 0x11b8  [ 13CB0B41E703E9FBE6386D4549291F83, 313B671DFC4A0C006CA6289E5399C740DF6DAC12204E6FAEDBE4D5219CD12D09 ] iSafeKrnlMon    C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys
10:05:02.0667 0x11b8  iSafeKrnlMon - ok
10:05:02.0701 0x11b8  [ 5260DF59CE11CEE7173CE864C122D9EE, DA8F0C1AE7EC5784B6E40BEB17F77A3FA401A20B94F42206F7AF4C518EF1A6DD ] iSafeKrnlR3     C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys
10:05:02.0703 0x11b8  iSafeKrnlR3 - ok
10:05:02.0728 0x11b8  [ 8EE84CC87D67CE4DE7AF907CCA559F52, F9E93CA39F300A585A47BB9A2C916772947A0A8289A3A18AB1B2A7D9BE7615BF ] iSafeNetFilter  C:\Windows\system32\DRIVERS\iSafeNetFilter.sys
10:05:02.0729 0x11b8  iSafeNetFilter - ok
10:05:02.0757 0x11b8  [ 1EC45DC4F84777759EB6620325FCAD89, F354DDDC9B6E84F95016D1648FA4E16BC93600BFFDEB37EACE1B0DFA3DE645A3 ] iSafeService    C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
10:05:02.0761 0x11b8  iSafeService - ok
10:05:02.0827 0x11b8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:05:02.0828 0x11b8  isapnp - ok
10:05:02.0942 0x11b8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:05:02.0947 0x11b8  iScsiPrt - ok
10:05:02.0977 0x11b8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:05:02.0979 0x11b8  kbdclass - ok
10:05:03.0157 0x11b8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:05:03.0158 0x11b8  kbdhid - ok
10:05:03.0194 0x11b8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:05:03.0197 0x11b8  KeyIso - ok
10:05:03.0286 0x11b8  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:05:03.0288 0x11b8  KSecDD - ok
10:05:03.0352 0x11b8  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:05:03.0355 0x11b8  KSecPkg - ok
10:05:03.0429 0x11b8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:05:03.0429 0x11b8  ksthunk - ok
10:05:03.0501 0x11b8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:05:03.0508 0x11b8  KtmRm - ok
10:05:03.0586 0x11b8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:05:03.0593 0x11b8  LanmanServer - ok
10:05:03.0656 0x11b8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:05:03.0659 0x11b8  LanmanWorkstation - ok
10:05:03.0675 0x11b8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:05:03.0676 0x11b8  lltdio - ok
10:05:03.0764 0x11b8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:05:03.0775 0x11b8  lltdsvc - ok
10:05:03.0795 0x11b8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:05:03.0796 0x11b8  lmhosts - ok
10:05:03.0839 0x11b8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:05:03.0842 0x11b8  LSI_FC - ok
10:05:03.0869 0x11b8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:05:03.0872 0x11b8  LSI_SAS - ok
10:05:03.0896 0x11b8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:05:03.0897 0x11b8  LSI_SAS2 - ok
10:05:03.0909 0x11b8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:05:03.0912 0x11b8  LSI_SCSI - ok
10:05:03.0942 0x11b8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:05:03.0944 0x11b8  luafv - ok
10:05:04.0002 0x11b8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:05:04.0005 0x11b8  Mcx2Svc - ok
10:05:04.0021 0x11b8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:05:04.0022 0x11b8  megasas - ok
10:05:04.0051 0x11b8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:05:04.0057 0x11b8  MegaSR - ok
10:05:04.0110 0x11b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:05:04.0117 0x11b8  MMCSS - ok
10:05:04.0187 0x11b8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:05:04.0188 0x11b8  Modem - ok
10:05:04.0212 0x11b8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:05:04.0213 0x11b8  monitor - ok
10:05:04.0227 0x11b8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
10:05:04.0229 0x11b8  mouclass - ok
10:05:04.0244 0x11b8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:05:04.0245 0x11b8  mouhid - ok
10:05:04.0309 0x11b8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:05:04.0311 0x11b8  mountmgr - ok
10:05:04.0404 0x11b8  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:05:04.0406 0x11b8  MozillaMaintenance - ok
10:05:04.0479 0x11b8  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:05:04.0485 0x11b8  MpFilter - ok
10:05:04.0564 0x11b8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:05:04.0567 0x11b8  mpio - ok
10:05:04.0667 0x11b8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:05:04.0668 0x11b8  mpsdrv - ok
10:05:04.0824 0x11b8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:05:04.0841 0x11b8  MpsSvc - ok
10:05:04.0931 0x11b8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:05:04.0942 0x11b8  MRxDAV - ok
10:05:05.0007 0x11b8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:05:05.0011 0x11b8  mrxsmb - ok
10:05:05.0092 0x11b8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:05:05.0097 0x11b8  mrxsmb10 - ok
10:05:05.0112 0x11b8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:05:05.0114 0x11b8  mrxsmb20 - ok
10:05:05.0164 0x11b8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:05:05.0165 0x11b8  msahci - ok
10:05:05.0249 0x11b8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:05:05.0252 0x11b8  msdsm - ok
10:05:05.0332 0x11b8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:05:05.0337 0x11b8  MSDTC - ok
10:05:05.0420 0x11b8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:05:05.0423 0x11b8  Msfs - ok
10:05:05.0479 0x11b8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:05:05.0480 0x11b8  mshidkmdf - ok
10:05:05.0550 0x11b8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:05:05.0551 0x11b8  msisadrv - ok
10:05:05.0676 0x11b8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:05:05.0681 0x11b8  MSiSCSI - ok
10:05:05.0690 0x11b8  msiserver - ok
10:05:05.0709 0x11b8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:05:05.0711 0x11b8  MSKSSRV - ok
10:05:05.0782 0x11b8  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:05:05.0782 0x11b8  MsMpSvc - ok
10:05:05.0814 0x11b8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:05:05.0815 0x11b8  MSPCLOCK - ok
10:05:05.0826 0x11b8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:05:05.0826 0x11b8  MSPQM - ok
10:05:05.0878 0x11b8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:05:05.0885 0x11b8  MsRPC - ok
10:05:05.0946 0x11b8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:05:05.0947 0x11b8  mssmbios - ok
10:05:05.0970 0x11b8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:05:05.0971 0x11b8  MSTEE - ok
10:05:05.0990 0x11b8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:05:05.0991 0x11b8  MTConfig - ok
10:05:06.0013 0x11b8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:05:06.0015 0x11b8  Mup - ok
10:05:06.0091 0x11b8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:05:06.0112 0x11b8  napagent - ok
10:05:06.0173 0x11b8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:05:06.0179 0x11b8  NativeWifiP - ok
10:05:06.0366 0x11b8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:05:06.0390 0x11b8  NDIS - ok
10:05:06.0459 0x11b8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:05:06.0460 0x11b8  NdisCap - ok
10:05:06.0484 0x11b8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:05:06.0485 0x11b8  NdisTapi - ok
10:05:06.0550 0x11b8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:05:06.0552 0x11b8  Ndisuio - ok
10:05:06.0644 0x11b8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:05:06.0648 0x11b8  NdisWan - ok
10:05:06.0730 0x11b8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:05:06.0734 0x11b8  NDProxy - ok
10:05:06.0793 0x11b8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:05:06.0795 0x11b8  NetBIOS - ok
10:05:06.0869 0x11b8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:05:06.0875 0x11b8  NetBT - ok
10:05:06.0901 0x11b8  [ 9E34BF0784E087F7366DBD2BDA01C8EB, 299B4D9DFFC409FDC8AB8678190164E286D16A93F8FEBCE1DA649D2F748A0D1D ] netfilter64     C:\Windows\system32\drivers\netfilter64.sys
10:05:06.0903 0x11b8  netfilter64 - ok
10:05:06.0915 0x11b8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:05:06.0917 0x11b8  Netlogon - ok
10:05:07.0021 0x11b8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:05:07.0028 0x11b8  Netman - ok
10:05:07.0108 0x11b8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:05:07.0111 0x11b8  NetMsmqActivator - ok
10:05:07.0151 0x11b8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:05:07.0154 0x11b8  NetPipeActivator - ok
10:05:07.0265 0x11b8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:05:07.0275 0x11b8  netprofm - ok
10:05:07.0315 0x11b8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:05:07.0319 0x11b8  NetTcpActivator - ok
10:05:07.0334 0x11b8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:05:07.0337 0x11b8  NetTcpPortSharing - ok
10:05:07.0399 0x11b8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:05:07.0400 0x11b8  nfrd960 - ok
10:05:07.0573 0x11b8  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:05:07.0576 0x11b8  NisDrv - ok
10:05:07.0789 0x11b8  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
10:05:07.0800 0x11b8  NisSrv - ok
10:05:07.0976 0x11b8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:05:07.0985 0x11b8  NlaSvc - ok
10:05:08.0006 0x11b8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:05:08.0007 0x11b8  Npfs - ok
10:05:08.0076 0x11b8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:05:08.0078 0x11b8  nsi - ok
10:05:08.0150 0x11b8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:05:08.0151 0x11b8  nsiproxy - ok
10:05:08.0310 0x11b8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:05:08.0339 0x11b8  Ntfs - ok
10:05:08.0359 0x11b8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:05:08.0360 0x11b8  Null - ok
10:05:08.0379 0x11b8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:05:08.0382 0x11b8  nvraid - ok
10:05:08.0441 0x11b8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:05:08.0444 0x11b8  nvstor - ok
10:05:08.0493 0x11b8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:05:08.0499 0x11b8  nv_agp - ok
         
Code:
ATTFilter
10:05:10.0319 0x11b8  ProfSvc - ok
10:05:10.0353 0x11b8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:05:10.0356 0x11b8  ProtectedStorage - ok
10:05:10.0454 0x11b8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:05:10.0457 0x11b8  Psched - ok
10:05:10.0590 0x11b8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:05:10.0626 0x11b8  ql2300 - ok
10:05:10.0685 0x11b8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:05:10.0688 0x11b8  ql40xx - ok
10:05:10.0775 0x11b8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:05:10.0791 0x11b8  QWAVE - ok
10:05:10.0831 0x11b8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:05:10.0835 0x11b8  QWAVEdrv - ok
10:05:10.0855 0x11b8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:05:10.0856 0x11b8  RasAcd - ok
10:05:10.0879 0x11b8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:05:10.0884 0x11b8  RasAgileVpn - ok
10:05:10.0934 0x11b8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:05:10.0937 0x11b8  RasAuto - ok
10:05:10.0999 0x11b8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:05:11.0003 0x11b8  Rasl2tp - ok
10:05:11.0107 0x11b8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:05:11.0123 0x11b8  RasMan - ok
10:05:11.0197 0x11b8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:05:11.0202 0x11b8  RasPppoe - ok
10:05:11.0230 0x11b8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:05:11.0233 0x11b8  RasSstp - ok
10:05:11.0308 0x11b8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:05:11.0315 0x11b8  rdbss - ok
10:05:11.0353 0x11b8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:05:11.0359 0x11b8  rdpbus - ok
10:05:11.0378 0x11b8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:05:11.0378 0x11b8  RDPCDD - ok
10:05:11.0411 0x11b8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:05:11.0412 0x11b8  RDPENCDD - ok
10:05:11.0423 0x11b8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:05:11.0423 0x11b8  RDPREFMP - ok
10:05:11.0521 0x11b8  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:05:11.0523 0x11b8  RdpVideoMiniport - ok
10:05:11.0616 0x11b8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:05:11.0620 0x11b8  RDPWD - ok
10:05:11.0716 0x11b8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:05:11.0727 0x11b8  rdyboost - ok
10:05:11.0794 0x11b8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:05:11.0803 0x11b8  RemoteAccess - ok
10:05:11.0862 0x11b8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:05:11.0868 0x11b8  RemoteRegistry - ok
10:05:11.0882 0x11b8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:05:11.0885 0x11b8  RpcEptMapper - ok
10:05:11.0938 0x11b8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:05:11.0940 0x11b8  RpcLocator - ok
10:05:12.0022 0x11b8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:05:12.0034 0x11b8  RpcSs - ok
10:05:12.0100 0x11b8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:05:12.0102 0x11b8  rspndr - ok
10:05:12.0159 0x11b8  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:05:12.0170 0x11b8  RTL8167 - ok
10:05:12.0184 0x11b8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
10:05:12.0186 0x11b8  SamSs - ok
10:05:12.0240 0x11b8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:05:12.0244 0x11b8  sbp2port - ok
10:05:12.0315 0x11b8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:05:12.0320 0x11b8  SCardSvr - ok
10:05:12.0366 0x11b8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:05:12.0367 0x11b8  scfilter - ok
10:05:12.0468 0x11b8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:05:12.0493 0x11b8  Schedule - ok
10:05:12.0569 0x11b8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:05:12.0571 0x11b8  SCPolicySvc - ok
10:05:12.0687 0x11b8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:05:12.0693 0x11b8  SDRSVC - ok
10:05:12.0751 0x11b8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:05:12.0753 0x11b8  secdrv - ok
10:05:12.0822 0x11b8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:05:12.0828 0x11b8  seclogon - ok
10:05:12.0884 0x11b8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:05:12.0888 0x11b8  SENS - ok
10:05:12.0905 0x11b8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:05:12.0907 0x11b8  SensrSvc - ok
10:05:12.0920 0x11b8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:05:12.0921 0x11b8  Serenum - ok
10:05:12.0982 0x11b8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:05:12.0984 0x11b8  Serial - ok
10:05:13.0044 0x11b8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:05:13.0045 0x11b8  sermouse - ok
10:05:13.0112 0x11b8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:05:13.0116 0x11b8  SessionEnv - ok
10:05:13.0163 0x11b8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:05:13.0164 0x11b8  sffdisk - ok
10:05:13.0213 0x11b8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:05:13.0213 0x11b8  sffp_mmc - ok
10:05:13.0235 0x11b8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:05:13.0236 0x11b8  sffp_sd - ok
10:05:13.0287 0x11b8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:05:13.0288 0x11b8  sfloppy - ok
10:05:13.0346 0x11b8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:05:13.0353 0x11b8  SharedAccess - ok
10:05:13.0426 0x11b8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:05:13.0435 0x11b8  ShellHWDetection - ok
10:05:13.0455 0x11b8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:05:13.0456 0x11b8  SiSRaid2 - ok
10:05:13.0473 0x11b8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:05:13.0475 0x11b8  SiSRaid4 - ok
10:05:13.0494 0x11b8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:05:13.0496 0x11b8  Smb - ok
10:05:13.0560 0x11b8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:05:13.0561 0x11b8  SNMPTRAP - ok
10:05:13.0807 0x11b8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:05:13.0808 0x11b8  spldr - ok
10:05:13.0875 0x11b8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:05:13.0888 0x11b8  Spooler - ok
10:05:14.0071 0x11b8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:05:14.0137 0x11b8  sppsvc - ok
10:05:14.0154 0x11b8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:05:14.0156 0x11b8  sppuinotify - ok
10:05:14.0213 0x11b8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:05:14.0221 0x11b8  srv - ok
10:05:14.0278 0x11b8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:05:14.0285 0x11b8  srv2 - ok
10:05:14.0340 0x11b8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:05:14.0344 0x11b8  srvnet - ok
10:05:14.0367 0x11b8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:05:14.0372 0x11b8  SSDPSRV - ok
10:05:14.0381 0x11b8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:05:14.0384 0x11b8  SstpSvc - ok
10:05:14.0454 0x11b8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:05:14.0455 0x11b8  stexstor - ok
10:05:14.0518 0x11b8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:05:14.0530 0x11b8  stisvc - ok
10:05:14.0612 0x11b8  [ 1A6636D0E7E38CEB2B6B2E00AC17A4AF, 6649E824E6C0CD3FAC84BB395A340170807068A290E6F2A1CE84CB803FD684C9 ] SupraSavingsService64 C:\Program Files (x86)\CB78F643-3729-434F-8C25-F28D15F025F3\SupraSavingsService64.exe
10:05:14.0616 0x11b8  SupraSavingsService64 - ok
10:05:14.0670 0x11b8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:05:14.0670 0x11b8  swenum - ok
10:05:14.0747 0x11b8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:05:14.0760 0x11b8  swprv - ok
10:05:14.0863 0x11b8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:05:14.0898 0x11b8  SysMain - ok
10:05:14.0954 0x11b8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:05:14.0957 0x11b8  TabletInputService - ok
10:05:15.0007 0x11b8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:05:15.0013 0x11b8  TapiSrv - ok
10:05:15.0034 0x11b8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:05:15.0036 0x11b8  TBS - ok
10:05:15.0128 0x11b8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:05:15.0171 0x11b8  Tcpip - ok
10:05:15.0258 0x11b8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:05:15.0295 0x11b8  TCPIP6 - ok
10:05:15.0354 0x11b8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:05:15.0355 0x11b8  tcpipreg - ok
10:05:15.0406 0x11b8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:05:15.0406 0x11b8  TDPIPE - ok
10:05:15.0439 0x11b8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:05:15.0440 0x11b8  TDTCP - ok
10:05:15.0490 0x11b8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:05:15.0493 0x11b8  tdx - ok
10:05:15.0548 0x11b8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:05:15.0551 0x11b8  TermDD - ok
10:05:15.0627 0x11b8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
10:05:15.0642 0x11b8  TermService - ok
10:05:15.0696 0x11b8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:05:15.0699 0x11b8  Themes - ok
10:05:15.0756 0x11b8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:05:15.0758 0x11b8  THREADORDER - ok
10:05:15.0779 0x11b8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:05:15.0784 0x11b8  TrkWks - ok
10:05:15.0864 0x11b8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:05:15.0868 0x11b8  TrustedInstaller - ok
10:05:15.0922 0x11b8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:05:15.0924 0x11b8  tssecsrv - ok
10:05:15.0972 0x11b8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:05:15.0974 0x11b8  TsUsbFlt - ok
10:05:16.0036 0x11b8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:05:16.0038 0x11b8  tunnel - ok
10:05:16.0098 0x11b8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:05:16.0099 0x11b8  uagp35 - ok
10:05:16.0122 0x11b8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:05:16.0129 0x11b8  udfs - ok
10:05:16.0190 0x11b8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:05:16.0193 0x11b8  UI0Detect - ok
10:05:16.0210 0x11b8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:05:16.0212 0x11b8  uliagpkx - ok
10:05:16.0265 0x11b8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:05:16.0266 0x11b8  umbus - ok
10:05:16.0286 0x11b8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:05:16.0287 0x11b8  UmPass - ok
10:05:16.0307 0x11b8  Update EnterDigital - ok
10:05:16.0337 0x11b8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:05:16.0344 0x11b8  upnphost - ok
10:05:16.0398 0x11b8  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:05:16.0401 0x11b8  USBAAPL64 - ok
10:05:16.0451 0x11b8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:05:16.0453 0x11b8  usbccgp - ok
10:05:16.0474 0x11b8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:05:16.0477 0x11b8  usbcir - ok
10:05:16.0494 0x11b8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:05:16.0496 0x11b8  usbehci - ok
10:05:16.0516 0x11b8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:05:16.0522 0x11b8  usbhub - ok
10:05:16.0540 0x11b8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:05:16.0541 0x11b8  usbohci - ok
10:05:16.0640 0x11b8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:05:16.0643 0x11b8  usbprint - ok
10:05:16.0703 0x11b8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:05:16.0705 0x11b8  USBSTOR - ok
10:05:16.0787 0x11b8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:05:16.0788 0x11b8  usbuhci - ok
10:05:16.0865 0x11b8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:05:16.0867 0x11b8  UxSms - ok
         

Alt 01.02.2015, 11:06   #7
emilyundbell
 



Code:
ATTFilter
10:05:16.0947 0x11b8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:05:16.0948 0x11b8  VaultSvc - ok
10:05:16.0957 0x11b8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:05:16.0958 0x11b8  vdrvroot - ok
10:05:17.0043 0x11b8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:05:17.0053 0x11b8  vds - ok
10:05:17.0102 0x11b8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:05:17.0104 0x11b8  vga - ok
10:05:17.0193 0x11b8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:05:17.0194 0x11b8  VgaSave - ok
10:05:17.0258 0x11b8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:05:17.0265 0x11b8  vhdmp - ok
10:05:17.0318 0x11b8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:05:17.0318 0x11b8  viaide - ok
10:05:17.0330 0x11b8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:05:17.0332 0x11b8  volmgr - ok
10:05:17.0396 0x11b8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:05:17.0403 0x11b8  volmgrx - ok
10:05:17.0467 0x11b8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:05:17.0472 0x11b8  volsnap - ok
10:05:17.0522 0x11b8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:05:17.0526 0x11b8  vsmraid - ok
10:05:17.0705 0x11b8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:05:17.0737 0x11b8  VSS - ok
10:05:17.0769 0x11b8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:05:17.0769 0x11b8  vwifibus - ok
10:05:17.0785 0x11b8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:05:17.0786 0x11b8  vwififlt - ok
10:05:17.0859 0x11b8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:05:17.0871 0x11b8  W32Time - ok
10:05:17.0923 0x11b8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:05:17.0925 0x11b8  WacomPen - ok
10:05:17.0992 0x11b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:05:17.0995 0x11b8  WANARP - ok
10:05:18.0000 0x11b8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:05:18.0002 0x11b8  Wanarpv6 - ok
10:05:18.0107 0x11b8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:05:18.0134 0x11b8  wbengine - ok
10:05:18.0172 0x11b8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:05:18.0177 0x11b8  WbioSrvc - ok
10:05:18.0234 0x11b8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:05:18.0241 0x11b8  wcncsvc - ok
10:05:18.0261 0x11b8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:05:18.0264 0x11b8  WcsPlugInService - ok
10:05:18.0324 0x11b8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:05:18.0325 0x11b8  Wd - ok
10:05:18.0395 0x11b8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:05:18.0414 0x11b8  Wdf01000 - ok
10:05:18.0432 0x11b8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:05:18.0436 0x11b8  WdiServiceHost - ok
10:05:18.0446 0x11b8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:05:18.0450 0x11b8  WdiSystemHost - ok
10:05:18.0510 0x11b8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:05:18.0517 0x11b8  WebClient - ok
10:05:18.0586 0x11b8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:05:18.0592 0x11b8  Wecsvc - ok
10:05:18.0628 0x11b8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:05:18.0632 0x11b8  wercplsupport - ok
10:05:18.0658 0x11b8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:05:18.0660 0x11b8  WerSvc - ok
10:05:18.0712 0x11b8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:05:18.0713 0x11b8  WfpLwf - ok
10:05:18.0738 0x11b8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:05:18.0739 0x11b8  WIMMount - ok
10:05:18.0768 0x11b8  WinDefend - ok
10:05:18.0806 0x11b8  WindowsMangerProtect - ok
10:05:18.0809 0x11b8  WinHttpAutoProxySvc - ok
10:05:18.0884 0x11b8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:05:18.0889 0x11b8  Winmgmt - ok
10:05:19.0094 0x11b8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
10:05:19.0137 0x11b8  WinRM - ok
10:05:19.0174 0x11b8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:05:19.0175 0x11b8  WinUsb - ok
10:05:19.0252 0x11b8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:05:19.0270 0x11b8  Wlansvc - ok
10:05:19.0373 0x11b8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:05:19.0424 0x11b8  wlidsvc - ok
10:05:19.0483 0x11b8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:05:19.0484 0x11b8  WmiAcpi - ok
10:05:19.0555 0x11b8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:05:19.0563 0x11b8  wmiApSrv - ok
10:05:19.0597 0x11b8  WMPNetworkSvc - ok
10:05:19.0657 0x11b8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:05:19.0659 0x11b8  WPCSvc - ok
10:05:19.0715 0x11b8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:05:19.0720 0x11b8  WPDBusEnum - ok
10:05:19.0780 0x11b8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:05:19.0781 0x11b8  ws2ifsl - ok
10:05:19.0798 0x11b8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:05:19.0802 0x11b8  wscsvc - ok
10:05:19.0849 0x11b8  WSearch - ok
10:05:20.0051 0x11b8  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:05:20.0123 0x11b8  wuauserv - ok
10:05:20.0198 0x11b8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:05:20.0200 0x11b8  WudfPf - ok
10:05:20.0215 0x11b8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:05:20.0219 0x11b8  WUDFRd - ok
10:05:20.0271 0x11b8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:05:20.0274 0x11b8  wudfsvc - ok
10:05:20.0350 0x11b8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:05:20.0356 0x11b8  WwanSvc - ok
10:05:20.0371 0x11b8  ================ Scan global ===============================
10:05:20.0427 0x11b8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:05:20.0489 0x11b8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:05:20.0507 0x11b8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:05:20.0566 0x11b8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:05:20.0628 0x11b8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:05:20.0634 0x11b8  [ Global ] - ok
10:05:20.0635 0x11b8  ================ Scan MBR ==================================
10:05:20.0650 0x11b8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:05:20.0823 0x11b8  \Device\Harddisk0\DR0 - ok
10:05:20.0826 0x11b8  ================ Scan VBR ==================================
10:05:20.0839 0x11b8  [ 165AFBE9DB6734817E9C60ECB340A5CA ] \Device\Harddisk0\DR0\Partition1
10:05:20.0842 0x11b8  \Device\Harddisk0\DR0\Partition1 - ok
10:05:20.0857 0x11b8  [ F2393307D2C6853D77840921D21F94C8 ] \Device\Harddisk0\DR0\Partition2
10:05:20.0858 0x11b8  \Device\Harddisk0\DR0\Partition2 - ok
10:05:20.0861 0x11b8  ================ Scan generic autorun ======================
10:05:20.0964 0x11b8  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
10:05:20.0989 0x11b8  MSC - ok
10:05:21.0033 0x11b8  [ CB454FBAB5376D13813C9235E87F1EAD, AFF6F58EDC228F4217A528D951FA5DA317A00D44D1B57841E855D728725F2852 ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
10:05:21.0051 0x11b8  AVMWlanClient - ok
10:05:21.0120 0x11b8  [ 6D313E4121365B2ABEED5A93F9B197E5, 94CDAD27F1A362A23F6CE0D65881EB8753B7A3744DE127022DB77B4459EE1FD6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10:05:21.0128 0x11b8  SunJavaUpdateSched - ok
10:05:21.0233 0x11b8  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
10:05:21.0236 0x11b8  iTunesHelper - ok
10:05:21.0298 0x11b8  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
10:05:21.0306 0x11b8  QuickTime Task - ok
10:05:21.0404 0x11b8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:05:21.0428 0x11b8  Sidebar - ok
10:05:21.0472 0x11b8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:05:21.0475 0x11b8  mctadmin - ok
10:05:21.0528 0x11b8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:05:21.0551 0x11b8  Sidebar - ok
10:05:21.0562 0x11b8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:05:21.0564 0x11b8  mctadmin - ok
10:05:21.0578 0x11b8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
10:05:21.0582 0x11b8  Win FW state via NFP2: enabled
10:05:21.0583 0x11b8  ============================================================
10:05:21.0583 0x11b8  Scan finished
10:05:21.0583 0x11b8  ============================================================
10:05:21.0595 0x16c8  Detected object count: 0
10:05:21.0595 0x16c8  Actual detected object count: 0
10:06:10.0801 0x0eb4  ============================================================
10:06:10.0801 0x0eb4  Scan started
10:06:10.0801 0x0eb4  Mode: Manual; TDLFS; 
10:06:10.0801 0x0eb4  ============================================================
10:06:10.0801 0x0eb4  KSN ping started
10:06:13.0254 0x0eb4  KSN ping finished: true
10:06:15.0070 0x0eb4  ================ Scan system memory ========================
10:06:15.0070 0x0eb4  System memory - ok
10:06:15.0076 0x0eb4  ================ Scan services =============================
10:06:15.0247 0x0eb4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:06:15.0251 0x0eb4  1394ohci - ok
10:06:15.0310 0x0eb4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:06:15.0316 0x0eb4  ACPI - ok
10:06:15.0367 0x0eb4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:06:15.0368 0x0eb4  AcpiPmi - ok
10:06:15.0491 0x0eb4  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:06:15.0494 0x0eb4  AdobeARMservice - ok
10:06:15.0629 0x0eb4  [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:06:15.0634 0x0eb4  AdobeFlashPlayerUpdateSvc - ok
10:06:15.0699 0x0eb4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:06:15.0708 0x0eb4  adp94xx - ok
10:06:15.0727 0x0eb4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:06:15.0734 0x0eb4  adpahci - ok
10:06:15.0756 0x0eb4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:06:15.0760 0x0eb4  adpu320 - ok
10:06:15.0821 0x0eb4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:06:15.0823 0x0eb4  AeLookupSvc - ok
10:06:15.0853 0x0eb4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:06:15.0863 0x0eb4  AFD - ok
10:06:15.0912 0x0eb4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:06:15.0913 0x0eb4  agp440 - ok
10:06:15.0925 0x0eb4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:06:15.0927 0x0eb4  ALG - ok
10:06:15.0970 0x0eb4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:06:15.0971 0x0eb4  aliide - ok
10:06:15.0998 0x0eb4  [ D696F317BD465A602566F8E1DCCE15F7, 6CE77CD4221C0854986F760D1944DF9F4255192D99630D43A0527A6D58D83406 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:06:16.0001 0x0eb4  AMD External Events Utility - ok
10:06:16.0049 0x0eb4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:06:16.0050 0x0eb4  amdide - ok
10:06:16.0109 0x0eb4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:06:16.0112 0x0eb4  AmdK8 - ok
10:06:16.0133 0x0eb4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:06:16.0135 0x0eb4  AmdPPM - ok
10:06:16.0188 0x0eb4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:06:16.0190 0x0eb4  amdsata - ok
10:06:16.0213 0x0eb4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:06:16.0217 0x0eb4  amdsbs - ok
10:06:16.0234 0x0eb4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:06:16.0235 0x0eb4  amdxata - ok
10:06:16.0287 0x0eb4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:06:16.0289 0x0eb4  AppID - ok
10:06:16.0339 0x0eb4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:06:16.0340 0x0eb4  AppIDSvc - ok
10:06:16.0395 0x0eb4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:06:16.0397 0x0eb4  Appinfo - ok
10:06:16.0554 0x0eb4  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:06:16.0567 0x0eb4  Apple Mobile Device - ok
10:06:16.0646 0x0eb4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:06:16.0648 0x0eb4  arc - ok
10:06:16.0677 0x0eb4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:06:16.0679 0x0eb4  arcsas - ok
10:06:16.0926 0x0eb4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:06:16.0927 0x0eb4  aspnet_state - ok
10:06:16.0947 0x0eb4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:06:16.0948 0x0eb4  AsyncMac - ok
10:06:17.0009 0x0eb4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:06:17.0010 0x0eb4  atapi - ok
10:06:17.0242 0x0eb4  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E, E96DD29A2FCE1403340CB29D34F657DF17F483F62A2E8E24890F9BC4812B2971 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:06:17.0367 0x0eb4  atikmdag - ok
10:06:17.0433 0x0eb4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:06:17.0445 0x0eb4  AudioEndpointBuilder - ok
10:06:17.0469 0x0eb4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:06:17.0482 0x0eb4  AudioSrv - ok
10:06:17.0511 0x0eb4  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
10:06:17.0512 0x0eb4  avmeject - ok
10:06:17.0568 0x0eb4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:06:17.0571 0x0eb4  AxInstSV - ok
10:06:17.0639 0x0eb4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:06:17.0659 0x0eb4  b06bdrv - ok
10:06:17.0699 0x0eb4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:06:17.0710 0x0eb4  b57nd60a - ok
10:06:17.0778 0x0eb4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:06:17.0780 0x0eb4  BDESVC - ok
10:06:17.0788 0x0eb4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:06:17.0788 0x0eb4  Beep - ok
10:06:17.0846 0x0eb4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:06:17.0860 0x0eb4  BFE - ok
10:06:17.0892 0x0eb4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:06:17.0908 0x0eb4  BITS - ok
10:06:17.0922 0x0eb4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:06:17.0923 0x0eb4  blbdrive - ok
10:06:18.0002 0x0eb4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:06:18.0014 0x0eb4  Bonjour Service - ok
10:06:18.0071 0x0eb4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:06:18.0073 0x0eb4  bowser - ok
10:06:18.0088 0x0eb4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:06:18.0089 0x0eb4  BrFiltLo - ok
10:06:18.0149 0x0eb4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:06:18.0149 0x0eb4  BrFiltUp - ok
10:06:18.0202 0x0eb4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:06:18.0205 0x0eb4  Browser - ok
10:06:18.0229 0x0eb4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:06:18.0234 0x0eb4  Brserid - ok
10:06:18.0250 0x0eb4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:06:18.0251 0x0eb4  BrSerWdm - ok
10:06:18.0271 0x0eb4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:06:18.0271 0x0eb4  BrUsbMdm - ok
10:06:18.0279 0x0eb4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:06:18.0279 0x0eb4  BrUsbSer - ok
10:06:18.0298 0x0eb4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:06:18.0300 0x0eb4  BTHMODEM - ok
10:06:18.0352 0x0eb4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:06:18.0354 0x0eb4  bthserv - ok
10:06:18.0373 0x0eb4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:06:18.0374 0x0eb4  cdfs - ok
10:06:18.0429 0x0eb4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
10:06:18.0431 0x0eb4  cdrom - ok
10:06:18.0482 0x0eb4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:06:18.0484 0x0eb4  CertPropSvc - ok
10:06:18.0497 0x0eb4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:06:18.0499 0x0eb4  circlass - ok
10:06:18.0523 0x0eb4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:06:18.0529 0x0eb4  CLFS - ok
10:06:18.0600 0x0eb4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:06:18.0601 0x0eb4  clr_optimization_v2.0.50727_32 - ok
10:06:18.0618 0x0eb4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:06:18.0620 0x0eb4  clr_optimization_v2.0.50727_64 - ok
10:06:18.0702 0x0eb4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:06:18.0704 0x0eb4  clr_optimization_v4.0.30319_32 - ok
10:06:18.0729 0x0eb4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:06:18.0732 0x0eb4  clr_optimization_v4.0.30319_64 - ok
10:06:18.0783 0x0eb4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:06:18.0784 0x0eb4  CmBatt - ok
10:06:18.0801 0x0eb4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:06:18.0802 0x0eb4  cmdide - ok
10:06:18.0870 0x0eb4  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:06:18.0878 0x0eb4  CNG - ok
10:06:18.0895 0x0eb4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:06:18.0896 0x0eb4  Compbatt - ok
10:06:18.0945 0x0eb4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:06:18.0946 0x0eb4  CompositeBus - ok
10:06:18.0955 0x0eb4  COMSysApp - ok
10:06:18.0979 0x0eb4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:06:18.0980 0x0eb4  crcdisk - ok
10:06:19.0030 0x0eb4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:06:19.0033 0x0eb4  CryptSvc - ok
10:06:19.0096 0x0eb4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:06:19.0106 0x0eb4  DcomLaunch - ok
10:06:19.0167 0x0eb4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:06:19.0188 0x0eb4  defragsvc - ok
10:06:19.0238 0x0eb4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:06:19.0241 0x0eb4  DfsC - ok
10:06:19.0275 0x0eb4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:06:19.0283 0x0eb4  Dhcp - ok
10:06:19.0292 0x0eb4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:06:19.0294 0x0eb4  discache - ok
10:06:19.0354 0x0eb4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:06:19.0355 0x0eb4  Disk - ok
10:06:19.0414 0x0eb4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:06:19.0427 0x0eb4  Dnscache - ok
10:06:19.0485 0x0eb4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:06:19.0490 0x0eb4  dot3svc - ok
10:06:19.0562 0x0eb4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:06:19.0577 0x0eb4  DPS - ok
10:06:19.0622 0x0eb4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:06:19.0623 0x0eb4  drmkaud - ok
10:06:19.0681 0x0eb4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:06:19.0705 0x0eb4  DXGKrnl - ok
         
10:06:19.0786 0x0eb4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:06:19.0790 0x0eb4  EapHost - ok
10:06:19.0942 0x0eb4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:06:20.0002 0x0eb4  ebdrv - ok
10:06:20.0064 0x0eb4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:06:20.0065 0x0eb4  EFS - ok
10:06:20.0149 0x0eb4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:06:20.0162 0x0eb4  ehRecvr - ok
10:06:20.0227 0x0eb4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:06:20.0229 0x0eb4  ehSched - ok
10:06:20.0258 0x0eb4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:06:20.0267 0x0eb4  elxstor - ok
10:06:20.0320 0x0eb4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:06:20.0321 0x0eb4  ErrDev - ok
10:06:20.0378 0x0eb4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:06:20.0385 0x0eb4  EventSystem - ok
10:06:20.0410 0x0eb4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:06:20.0414 0x0eb4  exfat - ok
10:06:20.0441 0x0eb4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:06:20.0445 0x0eb4  fastfat - ok
10:06:20.0513 0x0eb4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:06:20.0524 0x0eb4  Fax - ok
10:06:20.0541 0x0eb4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:06:20.0542 0x0eb4  fdc - ok
10:06:20.0561 0x0eb4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:06:20.0563 0x0eb4  fdPHost - ok
10:06:20.0577 0x0eb4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:06:20.0578 0x0eb4  FDResPub - ok
10:06:20.0639 0x0eb4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:06:20.0641 0x0eb4  FileInfo - ok
10:06:20.0655 0x0eb4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:06:20.0656 0x0eb4  Filetrace - ok
10:06:20.0671 0x0eb4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:06:20.0672 0x0eb4  flpydisk - ok
10:06:20.0726 0x0eb4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:06:20.0731 0x0eb4  FltMgr - ok
10:06:20.0805 0x0eb4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:06:20.0826 0x0eb4  FontCache - ok
10:06:20.0891 0x0eb4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:06:20.0892 0x0eb4  FontCache3.0.0.0 - ok
10:06:20.0910 0x0eb4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:06:20.0911 0x0eb4  FsDepends - ok
10:06:20.0964 0x0eb4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:06:20.0968 0x0eb4  Fs_Rec - ok
10:06:21.0041 0x0eb4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:06:21.0048 0x0eb4  fvevol - ok
10:06:21.0086 0x0eb4  [ 8A3DB33B2FA1D0CAF7A70256E00EB996, 13F51EEB0088A8891620388843A8C3BA1D1526CF8AF1C5960E167FC4C877563A ] fwlanusb5       C:\Windows\system32\DRIVERS\fwlanusb5.sys
10:06:21.0102 0x0eb4  fwlanusb5 - ok
10:06:21.0124 0x0eb4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:06:21.0125 0x0eb4  gagp30kx - ok
10:06:21.0179 0x0eb4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:06:21.0182 0x0eb4  GEARAspiWDM - ok
10:06:21.0259 0x0eb4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:06:21.0274 0x0eb4  gpsvc - ok
10:06:21.0293 0x0eb4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:06:21.0294 0x0eb4  hcw85cir - ok
10:06:21.0352 0x0eb4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:06:21.0359 0x0eb4  HdAudAddService - ok
10:06:21.0419 0x0eb4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:06:21.0431 0x0eb4  HDAudBus - ok
10:06:21.0450 0x0eb4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:06:21.0453 0x0eb4  HidBatt - ok
10:06:21.0482 0x0eb4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:06:21.0484 0x0eb4  HidBth - ok
10:06:21.0499 0x0eb4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:06:21.0500 0x0eb4  HidIr - ok
10:06:21.0553 0x0eb4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:06:21.0555 0x0eb4  hidserv - ok
10:06:21.0610 0x0eb4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:06:21.0611 0x0eb4  HidUsb - ok
10:06:21.0669 0x0eb4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:06:21.0672 0x0eb4  hkmsvc - ok
10:06:21.0727 0x0eb4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:06:21.0732 0x0eb4  HomeGroupListener - ok
10:06:21.0786 0x0eb4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:06:21.0790 0x0eb4  HomeGroupProvider - ok
10:06:21.0848 0x0eb4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:06:21.0850 0x0eb4  HpSAMD - ok
10:06:21.0919 0x0eb4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:06:21.0932 0x0eb4  HTTP - ok
10:06:21.0986 0x0eb4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:06:21.0987 0x0eb4  hwpolicy - ok
10:06:22.0043 0x0eb4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:06:22.0046 0x0eb4  i8042prt - ok
10:06:22.0123 0x0eb4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:06:22.0137 0x0eb4  iaStorV - ok
10:06:22.0225 0x0eb4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:06:22.0240 0x0eb4  idsvc - ok
10:06:22.0246 0x0eb4  IEEtwCollectorService - ok
10:06:22.0274 0x0eb4  IePluginServices - ok
10:06:22.0320 0x0eb4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:06:22.0321 0x0eb4  iirsp - ok
10:06:22.0390 0x0eb4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:06:22.0405 0x0eb4  IKEEXT - ok
10:06:22.0456 0x0eb4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:06:22.0458 0x0eb4  intelide - ok
10:06:22.0487 0x0eb4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:06:22.0490 0x0eb4  intelppm - ok
10:06:22.0535 0x0eb4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:06:22.0538 0x0eb4  IPBusEnum - ok
10:06:22.0601 0x0eb4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:06:22.0604 0x0eb4  IpFilterDriver - ok
10:06:22.0668 0x0eb4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:06:22.0683 0x0eb4  iphlpsvc - ok
10:06:22.0740 0x0eb4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:06:22.0744 0x0eb4  IPMIDRV - ok
10:06:22.0802 0x0eb4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:06:22.0805 0x0eb4  IPNAT - ok
10:06:22.0901 0x0eb4  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:06:22.0915 0x0eb4  iPod Service - ok
10:06:22.0947 0x0eb4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:06:22.0948 0x0eb4  IRENUM - ok
10:06:23.0118 0x0eb4  [ 433A1606FCC62A99E6848929198A78B1, 76DF83A5F85917BA244674A6234BECF3F9C6FE44C6F8A0B82F08616517C93922 ] iSafeKrnl       C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys
10:06:23.0122 0x0eb4  iSafeKrnl - ok
10:06:23.0150 0x0eb4  [ AA0E848E069F99936966E03E2C01733F, 5B8F796231C3CF4D0C2D7FC5084F1D27F19D78B6EE9181BB8315D9F8C58B3A6E ] iSafeKrnlBoot   C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys
10:06:23.0151 0x0eb4  iSafeKrnlBoot - ok
10:06:23.0175 0x0eb4  [ 95178BB4E3AC2FDE16AFF7A3E4355498, 53544CC3B4E7F5F779BF8F2D77C84836AA66D678DB918456EE3EE277F109B044 ] iSafeKrnlKit    C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys
10:06:23.0177 0x0eb4  iSafeKrnlKit - ok
10:06:23.0220 0x0eb4  [ 13CB0B41E703E9FBE6386D4549291F83, 313B671DFC4A0C006CA6289E5399C740DF6DAC12204E6FAEDBE4D5219CD12D09 ] iSafeKrnlMon    C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys
10:06:23.0221 0x0eb4  iSafeKrnlMon - ok
10:06:23.0232 0x0eb4  [ 5260DF59CE11CEE7173CE864C122D9EE, DA8F0C1AE7EC5784B6E40BEB17F77A3FA401A20B94F42206F7AF4C518EF1A6DD ] iSafeKrnlR3     C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys
10:06:23.0234 0x0eb4  iSafeKrnlR3 - ok
10:06:23.0251 0x0eb4  [ 8EE84CC87D67CE4DE7AF907CCA559F52, F9E93CA39F300A585A47BB9A2C916772947A0A8289A3A18AB1B2A7D9BE7615BF ] iSafeNetFilter  C:\Windows\system32\DRIVERS\iSafeNetFilter.sys
10:06:23.0253 0x0eb4  iSafeNetFilter - ok
10:06:23.0271 0x0eb4  [ 1EC45DC4F84777759EB6620325FCAD89, F354DDDC9B6E84F95016D1648FA4E16BC93600BFFDEB37EACE1B0DFA3DE645A3 ] iSafeService    C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
10:06:23.0274 0x0eb4  iSafeService - ok
10:06:23.0321 0x0eb4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:06:23.0321 0x0eb4  isapnp - ok
10:06:23.0388 0x0eb4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:06:23.0393 0x0eb4  iScsiPrt - ok
10:06:23.0409 0x0eb4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:06:23.0410 0x0eb4  kbdclass - ok
10:06:23.0465 0x0eb4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:06:23.0466 0x0eb4  kbdhid - ok
10:06:23.0494 0x0eb4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:06:23.0496 0x0eb4  KeyIso - ok
10:06:23.0553 0x0eb4  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:06:23.0555 0x0eb4  KSecDD - ok
10:06:23.0619 0x0eb4  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:06:23.0623 0x0eb4  KSecPkg - ok
10:06:23.0670 0x0eb4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:06:23.0671 0x0eb4  ksthunk - ok
10:06:23.0734 0x0eb4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:06:23.0741 0x0eb4  KtmRm - ok
10:06:23.0797 0x0eb4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:06:23.0803 0x0eb4  LanmanServer - ok
10:06:23.0856 0x0eb4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:06:23.0859 0x0eb4  LanmanWorkstation - ok
10:06:23.0875 0x0eb4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:06:23.0876 0x0eb4  lltdio - ok
10:06:23.0930 0x0eb4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:06:23.0945 0x0eb4  lltdsvc - ok
10:06:23.0962 0x0eb4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:06:23.0964 0x0eb4  lmhosts - ok
10:06:23.0995 0x0eb4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:06:23.0997 0x0eb4  LSI_FC - ok
10:06:24.0028 0x0eb4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:06:24.0030 0x0eb4  LSI_SAS - ok
10:06:24.0060 0x0eb4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:06:24.0061 0x0eb4  LSI_SAS2 - ok
10:06:24.0074 0x0eb4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:06:24.0076 0x0eb4  LSI_SCSI - ok
10:06:24.0144 0x0eb4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:06:24.0146 0x0eb4  luafv - ok
10:06:24.0202 0x0eb4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:06:24.0205 0x0eb4  Mcx2Svc - ok
10:06:24.0221 0x0eb4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:06:24.0222 0x0eb4  megasas - ok
10:06:24.0242 0x0eb4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:06:24.0247 0x0eb4  MegaSR - ok
10:06:24.0301 0x0eb4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:06:24.0303 0x0eb4  MMCSS - ok
10:06:24.0326 0x0eb4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:06:24.0327 0x0eb4  Modem - ok
10:06:24.0346 0x0eb4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:06:24.0346 0x0eb4  monitor - ok
10:06:24.0361 0x0eb4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
10:06:24.0362 0x0eb4  mouclass - ok
10:06:24.0377 0x0eb4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:06:24.0378 0x0eb4  mouhid - ok
10:06:24.0424 0x0eb4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:06:24.0427 0x0eb4  mountmgr - ok
10:06:24.0529 0x0eb4  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:06:24.0531 0x0eb4  MozillaMaintenance - ok
10:06:24.0594 0x0eb4  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:06:24.0599 0x0eb4  MpFilter - ok
10:06:24.0652 0x0eb4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:06:24.0655 0x0eb4  mpio - ok
10:06:24.0671 0x0eb4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:06:24.0673 0x0eb4  mpsdrv - ok
10:06:24.0742 0x0eb4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:06:24.0757 0x0eb4  MpsSvc - ok
10:06:24.0829 0x0eb4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:06:24.0833 0x0eb4  MRxDAV - ok
10:06:24.0895 0x0eb4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:06:24.0900 0x0eb4  mrxsmb - ok
10:06:24.0919 0x0eb4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:06:24.0924 0x0eb4  mrxsmb10 - ok
10:06:24.0937 0x0eb4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:06:24.0939 0x0eb4  mrxsmb20 - ok
10:06:24.0989 0x0eb4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:06:24.0990 0x0eb4  msahci - ok
10:06:25.0049 0x0eb4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:06:25.0052 0x0eb4  msdsm - ok
10:06:25.0110 0x0eb4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:06:25.0114 0x0eb4  MSDTC - ok
10:06:25.0170 0x0eb4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:06:25.0171 0x0eb4  Msfs - ok
10:06:25.0183 0x0eb4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:06:25.0184 0x0eb4  mshidkmdf - ok
10:06:25.0233 0x0eb4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:06:25.0234 0x0eb4  msisadrv - ok
10:06:25.0297 0x0eb4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:06:25.0309 0x0eb4  MSiSCSI - ok
10:06:25.0316 0x0eb4  msiserver - ok
10:06:25.0335 0x0eb4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:06:25.0336 0x0eb4  MSKSSRV - ok
10:06:25.0407 0x0eb4  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:06:25.0409 0x0eb4  MsMpSvc - ok
10:06:25.0424 0x0eb4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:06:25.0424 0x0eb4  MSPCLOCK - ok
10:06:25.0435 0x0eb4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:06:25.0435 0x0eb4  MSPQM - ok
10:06:25.0495 0x0eb4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:06:25.0501 0x0eb4  MsRPC - ok
10:06:25.0555 0x0eb4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:06:25.0556 0x0eb4  mssmbios - ok
10:06:25.0571 0x0eb4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:06:25.0571 0x0eb4  MSTEE - ok
10:06:25.0634 0x0eb4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:06:25.0636 0x0eb4  MTConfig - ok
10:06:25.0666 0x0eb4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:06:25.0669 0x0eb4  Mup - ok
10:06:25.0695 0x0eb4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:06:25.0705 0x0eb4  napagent - ok
10:06:25.0722 0x0eb4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:06:25.0728 0x0eb4  NativeWifiP - ok
10:06:25.0804 0x0eb4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:06:25.0822 0x0eb4  NDIS - ok
10:06:25.0846 0x0eb4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:06:25.0847 0x0eb4  NdisCap - ok
10:06:25.0867 0x0eb4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:06:25.0868 0x0eb4  NdisTapi - ok
10:06:25.0918 0x0eb4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:06:25.0919 0x0eb4  Ndisuio - ok
10:06:25.0972 0x0eb4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:06:25.0975 0x0eb4  NdisWan - ok
10:06:26.0028 0x0eb4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:06:26.0030 0x0eb4  NDProxy - ok
10:06:26.0035 0x0eb4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:06:26.0037 0x0eb4  NetBIOS - ok
10:06:26.0086 0x0eb4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:06:26.0090 0x0eb4  NetBT - ok
10:06:26.0111 0x0eb4  [ 9E34BF0784E087F7366DBD2BDA01C8EB, 299B4D9DFFC409FDC8AB8678190164E286D16A93F8FEBCE1DA649D2F748A0D1D ] netfilter64     C:\Windows\system32\drivers\netfilter64.sys
10:06:26.0112 0x0eb4  netfilter64 - ok
10:06:26.0125 0x0eb4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:06:26.0127 0x0eb4  Netlogon - ok
10:06:26.0184 0x0eb4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:06:26.0191 0x0eb4  Netman - ok
10:06:26.0242 0x0eb4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:26.0244 0x0eb4  NetMsmqActivator - ok
10:06:26.0250 0x0eb4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:26.0253 0x0eb4  NetPipeActivator - ok
10:06:26.0275 0x0eb4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:06:26.0284 0x0eb4  netprofm - ok
10:06:26.0291 0x0eb4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:26.0295 0x0eb4  NetTcpActivator - ok
10:06:26.0302 0x0eb4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:06:26.0304 0x0eb4  NetTcpPortSharing - ok
10:06:26.0320 0x0eb4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:06:26.0321 0x0eb4  nfrd960 - ok
10:06:26.0375 0x0eb4  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:06:26.0378 0x0eb4  NisDrv - ok
10:06:26.0431 0x0eb4  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
10:06:26.0437 0x0eb4  NisSrv - ok
10:06:26.0493 0x0eb4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:06:26.0499 0x0eb4  NlaSvc - ok
10:06:26.0507 0x0eb4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:06:26.0509 0x0eb4  Npfs - ok
10:06:26.0561 0x0eb4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:06:26.0564 0x0eb4  nsi - ok
10:06:26.0610 0x0eb4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:06:26.0611 0x0eb4  nsiproxy - ok
10:06:26.0721 0x0eb4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:06:26.0754 0x0eb4  Ntfs - ok
10:06:26.0786 0x0eb4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:06:26.0787 0x0eb4  Null - ok
10:06:26.0806 0x0eb4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:06:26.0810 0x0eb4  nvraid - ok
10:06:26.0869 0x0eb4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:06:26.0872 0x0eb4  nvstor - ok
10:06:26.0920 0x0eb4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:06:26.0922 0x0eb4  nv_agp - ok
10:06:26.0976 0x0eb4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:06:26.0977 0x0eb4  ohci1394 - ok
10:06:27.0046 0x0eb4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:06:27.0057 0x0eb4  p2pimsvc - ok
10:06:27.0079 0x0eb4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:06:27.0087 0x0eb4  p2psvc - ok
10:06:27.0136 0x0eb4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:06:27.0138 0x0eb4  Parport - ok
         
10:06:27.0187 0x0eb4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:06:27.0189 0x0eb4  partmgr - ok
10:06:27.0204 0x0eb4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:06:27.0209 0x0eb4  PcaSvc - ok
10:06:27.0223 0x0eb4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:06:27.0227 0x0eb4  pci - ok
10:06:27.0283 0x0eb4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:06:27.0283 0x0eb4  pciide - ok
10:06:27.0311 0x0eb4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:06:27.0315 0x0eb4  pcmcia - ok
10:06:27.0333 0x0eb4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:06:27.0334 0x0eb4  pcw - ok
10:06:27.0365 0x0eb4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:06:27.0376 0x0eb4  PEAUTH - ok
10:06:27.0464 0x0eb4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:06:27.0465 0x0eb4  PerfHost - ok
10:06:27.0548 0x0eb4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:06:27.0576 0x0eb4  pla - ok
10:06:27.0651 0x0eb4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:06:27.0659 0x0eb4  PlugPlay - ok
10:06:27.0714 0x0eb4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:06:27.0720 0x0eb4  PNRPAutoReg - ok
10:06:27.0751 0x0eb4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:06:27.0762 0x0eb4  PNRPsvc - ok
10:06:27.0822 0x0eb4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:06:27.0831 0x0eb4  PolicyAgent - ok
10:06:27.0895 0x0eb4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:06:27.0899 0x0eb4  Power - ok
10:06:27.0946 0x0eb4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:06:27.0954 0x0eb4  PptpMiniport - ok
10:06:28.0011 0x0eb4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:06:28.0014 0x0eb4  Processor - ok
10:06:28.0069 0x0eb4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:06:28.0073 0x0eb4  ProfSvc - ok
10:06:28.0089 0x0eb4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:06:28.0091 0x0eb4  ProtectedStorage - ok
10:06:28.0144 0x0eb4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:06:28.0146 0x0eb4  Psched - ok
10:06:28.0205 0x0eb4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:06:28.0232 0x0eb4  ql2300 - ok
10:06:28.0254 0x0eb4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:06:28.0256 0x0eb4  ql40xx - ok
10:06:28.0310 0x0eb4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:06:28.0316 0x0eb4  QWAVE - ok
10:06:28.0330 0x0eb4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:06:28.0331 0x0eb4  QWAVEdrv - ok
10:06:28.0342 0x0eb4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:06:28.0342 0x0eb4  RasAcd - ok
         
Code:
ATTFilter
10:06:36.0748 0x0eb4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
10:06:36.0752 0x0eb4  Win FW state via NFP2: enabled
10:06:36.0753 0x0eb4  ============================================================
10:06:36.0753 0x0eb4  Scan finished
10:06:36.0753 0x0eb4  ============================================================
10:06:36.0764 0x1254  Detected object count: 0
10:06:36.0764 0x1254  Actual detected object count: 0
         
So, that was everything now, I hope... and it's all Greek to me :/

01.02.2015, 15:38   #8
schrauber
/// the machine
/// TB-Ausbilder

hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

01.02.2015, 17:58   #9
emilyundbell



Code:
ComboFix 15-01-29.01 - Sandra Weilnau 01.02.2015  17:42:36.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3839.1752 [GMT 1:00]
ausgeführt von:: c:\users\Sandra Weilnau\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-01-01 bis 2015-02-01  ))))))))))))))))))))))))))))))
.
.
2015-02-01 16:48 . 2015-02-01 16:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-02-01 16:46 . 2015-02-01 16:46	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A362C864-7E53-4881-B191-6EF7FA65D41E}\offreg.dll
2015-02-01 16:36 . 2015-02-01 16:36	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2015-02-01 11:34 . 2015-02-01 11:37	--------	d-----w-	C:\AdwCleaner
2015-02-01 10:36 . 2015-02-01 10:36	--------	d-----w-	c:\program files (x86)\GUMD135.tmp
2015-02-01 10:36 . 2015-02-01 10:36	6000640	----a-w-	c:\program files (x86)\GUTD136.tmp
2015-02-01 10:34 . 2015-02-01 10:34	--------	d-----w-	c:\users\Sandra Weilnau\AppData\Roaming\AVAST Software
2015-02-01 10:32 . 2015-02-01 10:32	--------	d-----w-	c:\windows\SysWow64\vbox
2015-02-01 10:32 . 2015-02-01 10:32	--------	d-----w-	c:\windows\system32\vbox
2015-02-01 10:31 . 2015-02-01 10:40	--------	d-----w-	c:\program files\Google
2015-02-01 10:28 . 2015-02-01 10:28	43152	----a-w-	c:\windows\avastSS.scr
2015-02-01 10:27 . 2015-02-01 10:27	--------	d-----w-	c:\program files\AVAST Software
2015-02-01 10:26 . 2015-02-01 10:27	--------	d-----w-	c:\programdata\AVAST Software
2015-02-01 08:37 . 2015-02-01 08:37	--------	d-----w-	c:\programdata\Malwarebytes
2015-02-01 08:37 . 2015-02-01 08:54	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-02-01 08:37 . 2015-02-01 08:37	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-01 08:36 . 2015-02-01 08:36	97496	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-02-01 08:28 . 2015-02-01 08:28	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-01-31 15:59 . 2015-01-31 16:01	--------	d-----w-	C:\FRST
2015-01-18 13:24 . 2015-01-18 13:25	--------	d-----w-	c:\program files (x86)\Safari
2015-01-18 13:22 . 2015-01-18 13:22	--------	d-----w-	c:\users\Sandra Weilnau\AppData\Local\Macromedia
2015-01-18 13:21 . 2015-01-18 13:21	--------	d-----w-	c:\users\Sandra Weilnau\AppData\Local\Mozilla
2015-01-18 13:20 . 2015-01-27 13:06	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2015-01-16 11:25 . 2015-02-01 11:37	--------	d-----w-	c:\windows\system32\log
2015-01-14 14:20 . 2014-12-19 01:46	141312	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2015-01-14 14:19 . 2014-12-19 03:06	210432	----a-w-	c:\windows\system32\profsvc.dll
2015-01-14 14:19 . 2014-12-06 04:17	303616	----a-w-	c:\windows\system32\nlasvc.dll
2015-01-14 14:19 . 2014-12-06 03:50	52224	----a-w-	c:\windows\SysWow64\nlaapi.dll
2015-01-14 14:19 . 2014-12-06 03:50	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2015-01-14 14:19 . 2014-12-11 17:47	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-01-14 14:19 . 2014-12-12 05:35	5553592	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-01-14 14:19 . 2014-12-12 05:11	3971512	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-01-14 14:19 . 2014-12-12 05:11	3916728	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-01-14 14:19 . 2014-12-12 05:31	503808	----a-w-	c:\windows\system32\srcore.dll
2015-01-14 14:19 . 2014-12-12 05:31	50176	----a-w-	c:\windows\system32\srclient.dll
2015-01-14 14:19 . 2014-12-12 05:31	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-01-14 14:19 . 2014-12-12 05:07	43008	----a-w-	c:\windows\SysWow64\srclient.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-01 14:34 . 2014-11-13 14:33	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-01-26 09:22 . 2014-06-10 18:24	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-26 09:22 . 2014-06-10 18:24	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-14 16:21 . 2014-06-13 17:27	113365784	----a-w-	c:\windows\system32\MRT.exe
2014-12-31 11:14 . 2014-06-10 18:16	298120	------w-	c:\windows\system32\MpSigStub.exe
2014-12-13 05:09 . 2014-12-18 11:33	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 11:33	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-04 02:50 . 2014-12-10 21:09	413184	----a-w-	c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-10 21:09	741376	----a-w-	c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-10 21:09	396800	----a-w-	c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-10 21:09	830976	----a-w-	c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-10 21:09	192000	----a-w-	c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-10 21:09	227328	----a-w-	c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-10 21:09	1083392	----a-w-	c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-10 21:09	1232040	----a-w-	c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-10 21:15	389296	----a-w-	c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-10 21:15	25059840	----a-w-	c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 21:15	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 21:15	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 21:15	66560	----a-w-	c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 21:15	580096	----a-w-	c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 21:15	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 21:15	2885120	----a-w-	c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 21:15	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 21:15	54784	----a-w-	c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 21:15	34304	----a-w-	c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 21:15	633856	----a-w-	c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 21:15	114688	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 21:15	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 21:15	6039552	----a-w-	c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 21:15	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 21:15	490496	----a-w-	c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 21:15	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 21:15	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 21:15	199680	----a-w-	c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 21:15	92160	----a-w-	c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 21:15	501248	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 21:15	62464	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 21:15	47616	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 21:15	64000	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 21:15	316928	----a-w-	c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 21:15	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 21:15	718848	----a-w-	c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 21:15	800768	----a-w-	c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 21:15	1359360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 21:15	2125312	----a-w-	c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 21:15	14412800	----a-w-	c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 21:15	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 21:15	4299264	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 21:15	2358272	----a-w-	c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 21:15	2052096	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 21:15	1155072	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 21:15	1548288	----a-w-	c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 21:15	800768	----a-w-	c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 21:15	1888256	----a-w-	c:\windows\SysWow64\wininet.dll
2014-11-11 03:09 . 2014-12-10 21:03	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 06:14	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 06:14	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-10 21:03	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 06:14	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 06:14	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-10 21:03	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-10 20:58	2048	----a-w-	c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-10 20:58	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
         
Code:
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\FRITZWLANMini.exe" [2012-08-21 933888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - aswHwid
*Deregistered* - aswStm
*Deregistered* - VBoxAswDrv
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-10 09:22]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\
FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search
FF - prefs.js: browser.search.selectedEngine - Yahoo! (Avast)
FF - prefs.js: browser.startup.homepage - hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
         
Code:
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-02-01  17:51:07
ComboFix-quarantined-files.txt  2015-02-01 16:51
.
Vor Suchlauf: 16 Verzeichnis(se), 87.992.991.744 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 87.831.400.448 Bytes frei
.
- - End Of File - - 91673C09C779AD67289C876999A82261
A36C5E4F47E84449FF07ED3517B43A31
         
That is the log.....

Since I don't really understand what all of this means.....
Did I have something on it?
And much more important - is it gone now?

01.02.2015, 19:45   #10
schrauber
/// the machine
/// TB-Ausbilder



Yes, but only adware.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
regards,
schrauber


01.02.2015, 21:14   #11
emilyundbell



Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 01.02.2015
Suchlauf-Zeit: 20:21:58
Logdatei: Malware.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.01.06
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sandra Weilnau

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 345342
Verstrichene Zeit: 16 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.EnterDigital.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update EnterDigital, In Quarantäne, [b397041505853ff73007d2361aeb8779], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 3
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [5febfd1cdfabd2641bc44fee55ab2ad6], 
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [da701900aae01125d33e7203bf46b24e], 
PUP.Optional.QuickSideBar.A, C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ainbkicbloikcngphmjfpjdemblcojdd_0.localstorage, In Quarantäne, [50fa1ffa3c4e2016afb69513d72cce32], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Code:
# AdwCleaner v4.109 - Bericht erstellt am 01/02/2015 um 20:48:13
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sandra Weilnau - SANDRAWEILNAU
# Gestartet von : C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Google Chrome v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [8272 octets] - [01/02/2015 12:34:50]
AdwCleaner[R1].txt - [775 octets] - [01/02/2015 20:48:13]
AdwCleaner[S0].txt - [7264 octets] - [01/02/2015 12:37:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [894 octets] ##########
         
Code:
# AdwCleaner v4.109 - Bericht erstellt am 01/02/2015 um 20:50:16
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sandra Weilnau - SANDRAWEILNAU
# Gestartet von : C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Google Chrome v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [8272 octets] - [01/02/2015 12:34:50]
AdwCleaner[R1].txt - [973 octets] - [01/02/2015 20:48:13]
AdwCleaner[S0].txt - [7264 octets] - [01/02/2015 12:37:25]
AdwCleaner[S1].txt - [895 octets] - [01/02/2015 20:50:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [954 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sandra Weilnau on 01.02.2015 at 20:57:54,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update sizlsearch



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Sandra Weilnau\AppData\Roaming\mozilla\firefox\profiles\4qsoxp54.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.02.2015 at 21:03:21,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Sandra Weilnau (administrator) on SANDRAWEILNAU on 01-02-2015 21:07:17
Running from C:\Users\Sandra Weilnau\Downloads
Loaded Profiles: Sandra Weilnau (Available profiles: Sandra Weilnau)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-01] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com/?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-338094041-3377201104-4203914905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sandra Weilnau\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\searchplugins\yahoo-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-01]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\Sandra Weilnau\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-01] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-01] (Avast Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-01] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-01] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 21:07 - 2015-02-01 21:07 - 00012669 _____ () C:\Users\Sandra Weilnau\Downloads\FRST.txt
2015-02-01 21:06 - 2015-02-01 21:07 - 02131456 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64.exe
2015-02-01 21:03 - 2015-02-01 21:03 - 00000947 _____ () C:\Users\Sandra Weilnau\Desktop\JRT.txt
2015-02-01 20:57 - 2015-02-01 20:57 - 01707939 _____ (Thisisu) C:\Users\Sandra Weilnau\Downloads\JRT.exe
2015-02-01 20:57 - 2015-02-01 20:57 - 00000000 ____D () C:\Windows\ERUNT
2015-02-01 20:47 - 2015-02-01 20:47 - 02194432 _____ () C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe
2015-02-01 20:45 - 2015-02-01 20:45 - 00001715 _____ () C:\Malware.txt
2015-02-01 20:20 - 2015-02-01 20:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-01 20:20 - 2015-02-01 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-01 20:19 - 2015-02-01 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-01 20:19 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 20:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-01 20:18 - 2015-02-01 20:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sandra Weilnau\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-01 18:55 - 2015-02-01 18:55 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-55-04.001-aswFe.exe-4204.log
2015-02-01 18:54 - 2015-02-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-54-58.096-AvastVBoxSVC.exe-4300.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-49-30.015-aswFe.exe-4584.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-49-24.003-AvastVBoxSVC.exe-4696.log
2015-02-01 18:32 - 2015-02-01 18:32 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-01 18:31 - 2015-02-01 18:31 - 14107296 _____ (Microsoft Corporation) C:\Users\Sandra Weilnau\Downloads\mseinstall.exe
2015-02-01 18:26 - 2015-02-01 18:26 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-26-37.049-aswFe.exe-204.log
2015-02-01 18:23 - 2015-02-01 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-23-53.033-aswFe.exe-1664.log
2015-02-01 18:23 - 2015-02-01 18:23 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-23-49.090-AvastVBoxSVC.exe-4148.log
2015-02-01 18:17 - 2015-02-01 18:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-01 18:17 - 2015-02-01 18:17 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-01 18:17 - 2015-02-01 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-01 18:17 - 2015-02-01 11:28 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-01 18:17 - 2015-02-01 11:28 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-01 18:07 - 2015-02-01 18:08 - 132469808 _____ (AVAST Software) C:\Users\Sandra Weilnau\Downloads\avast_free_antivirus_setup_10.2208.712.exe
2015-02-01 17:51 - 2015-02-01 17:51 - 00017145 _____ () C:\ComboFix.txt
2015-02-01 17:40 - 2015-02-01 17:51 - 00000000 ____D () C:\Qoobox
2015-02-01 17:40 - 2015-02-01 17:50 - 00000000 ____D () C:\Windows\erdnt
2015-02-01 17:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-01 17:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-01 17:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-01 17:35 - 2015-02-01 17:35 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-35-39.072-AvastVBoxSVC.exe-2744.log
2015-02-01 17:31 - 2015-02-01 17:31 - 05611408 ____R (Swearware) C:\Users\Sandra Weilnau\Downloads\ComboFix.exe
2015-02-01 17:22 - 2015-02-01 17:22 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-22-30.078-AvastVBoxSVC.exe-3324.log
2015-02-01 15:18 - 2015-02-01 15:19 - 00000197 _____ () C:\Windows\system32\2015-02-01-14-18-53.031-AvastVBoxSVC.exe-2892.log
2015-02-01 12:41 - 2015-02-01 12:41 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-41-52.065-AvastVBoxSVC.exe-2632.log
2015-02-01 12:34 - 2015-02-01 20:50 - 00000000 ____D () C:\AdwCleaner
2015-02-01 12:06 - 2015-02-01 12:07 - 00000247 _____ () C:\Windows\system32\2015-02-01-11-06-58.083-aswFe.exe-4672.log
2015-02-01 11:57 - 2015-02-01 12:06 - 00000247 _____ () C:\Windows\system32\2015-02-01-10-57-18.036-aswFe.exe-2404.log
2015-02-01 11:57 - 2015-02-01 11:57 - 00000197 _____ () C:\Windows\system32\2015-02-01-10-57-11.057-AvastVBoxSVC.exe-3064.log
2015-02-01 11:36 - 2015-02-01 11:36 - 06000640 _____ () C:\Program Files (x86)\GUTD136.tmp
2015-02-01 11:36 - 2015-02-01 11:36 - 00000000 ____D () C:\Program Files (x86)\GUMD135.tmp
2015-02-01 11:34 - 2015-02-01 11:34 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\AVAST Software
2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-01 11:31 - 2015-02-01 11:40 - 00000000 ____D () C:\Program Files\Google
2015-02-01 11:28 - 2015-02-01 11:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-01 11:27 - 2015-02-01 11:27 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-01 11:26 - 2015-02-01 11:27 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-01 09:37 - 2015-02-01 20:53 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 09:37 - 2015-02-01 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 09:37 - 2015-02-01 09:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-01 09:36 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 09:28 - 2015-02-01 09:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-31 16:59 - 2015-02-01 21:07 - 00000000 ____D () C:\FRST
2015-01-27 10:13 - 2015-01-27 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-18 17:12 - 2015-02-01 20:51 - 00004698 _____ () C:\Windows\setupact.log
2015-01-18 17:12 - 2015-01-18 17:12 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 17:11 - 2015-02-01 20:51 - 00433512 _____ () C:\Windows\PFRO.log
2015-01-18 14:25 - 2015-01-18 14:25 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-01-18 14:24 - 2015-01-18 14:25 - 00000000 ____D () C:\Program Files (x86)\Safari
2015-01-18 14:22 - 2015-01-18 14:22 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Macromedia
2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Mozilla
2015-01-18 14:20 - 2015-01-27 14:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-18 14:20 - 2015-01-18 14:20 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-16 12:25 - 2015-02-01 12:37 - 00000000 ____D () C:\Windows\system32\log
2015-01-14 15:20 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:19 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 15:19 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 15:19 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 15:19 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 15:19 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 20:58 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-01 20:58 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-01 20:55 - 2014-06-10 18:16 - 01246539 _____ () C:\Windows\WindowsUpdate.log
2015-02-01 20:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 20:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2015-02-01 20:39 - 2014-06-10 19:52 - 00000000 ____D () C:\temp
2015-02-01 20:22 - 2014-11-02 14:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-01 18:32 - 2014-06-12 05:55 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-01 17:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-01 17:48 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-01 12:37 - 2014-06-10 18:44 - 00001013 _____ () C:\Users\Sandra Weilnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-01 12:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-01 11:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Google
2015-01-27 12:25 - 2014-09-02 08:53 - 00000242 _____ () C:\Users\Sandra Weilnau\BullseyeCoverageError.txt
2015-01-26 10:22 - 2014-11-02 14:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 10:22 - 2014-06-10 19:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 10:22 - 2014-06-10 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 20:20 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Apple Computer
2015-01-18 20:30 - 2014-06-11 04:10 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 20:30 - 2014-06-11 04:10 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 20:30 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-18 14:25 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Apple Computer
2015-01-18 13:58 - 2014-11-02 14:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-18 13:55 - 2014-11-02 14:31 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-14 17:26 - 2014-06-13 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:21 - 2014-06-13 18:27 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 19:54 - 2014-06-17 08:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\vlc
2015-01-09 11:15 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-08 20:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-02-01 11:36 - 2015-02-01 11:36 - 6000640 _____ () C:\Program Files (x86)\GUTD136.tmp

Some content of TEMP:
====================
C:\Users\Sandra Weilnau\AppData\Local\Temp\Quarantine.exe
C:\Users\Sandra Weilnau\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 09:53

==================== End Of Log ============================
         
Is everything okay like this now?

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Sandra Weilnau at 2015-02-01 21:08:05
Running from C:\Users\Sandra Weilnau\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Unity Web Player (HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-01-2015 13:45:27 Windows Update
18-01-2015 14:24:06 Installed Safari
21-01-2015 21:35:17 Windows Update
26-01-2015 09:09:59 Windows Update
29-01-2015 10:36:51 Windows Update
01-02-2015 09:29:13 Revo Uninstaller's restore point - WinZipper
01-02-2015 09:32:28 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!)
01-02-2015 11:27:27 avast! antivirus system restore point
01-02-2015 11:49:37 Removed Java 8 Update 25
01-02-2015 11:50:38 Removed Java 8 Update 25 (64-bit)
01-02-2015 17:35:03 avast! antivirus system restore point
01-02-2015 18:16:01 avast! antivirus system restore point
01-02-2015 18:29:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-10 19:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03471EC2-D1EF-4912-A06D-6E3527413301} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {4F9168FA-DF64-4BDB-9DC2-F5CD7214BAD8} - System32\Tasks\{0BFD0BD1-B78A-48FB-BDB0-1D19DAEB6821} => pcalua.exe -a C:\Users\SANDRA~1\AppData\Local\Temp\{D132361B-7D51-4CA2-B31D-695926883B08}\InstallFlashPlayer.exe -d C:\Users\SANDRA~1\AppData\Local\Temp\IDC2.tmp -c -iv 6
Task: {582986BC-7704-4E3D-8A47-FEFDAF58E4B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {87EBAF50-877D-49CB-AB01-238381004950} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-01] (AVAST Software)
Task: {C6EF8342-447B-4602-9D82-E368285BE08E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CE6C9AD6-19A0-4D00-AB3E-11F9E9E1A157} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F4CE997F-9700-4C42-BE97-8726373DF709} - System32\Tasks\{39E7ABE2-4635-4A33-A61A-5561D6505943} => pcalua.exe -a "C:\Users\Sandra Weilnau\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2015-02-01 11:28 - 2015-02-01 11:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-01 11:28 - 2015-02-01 11:28 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-01 20:13 - 2015-02-01 20:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll
2015-02-01 11:28 - 2015-02-01 11:28 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-01 11:28 - 2015-02-01 11:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-27 10:13 - 2015-01-27 10:14 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-26 10:22 - 2015-01-26 10:22 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-338094041-3377201104-4203914905-500 - Administrator - Disabled)
Gast (S-1-5-21-338094041-3377201104-4203914905-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-338094041-3377201104-4203914905-1002 - Limited - Enabled)
Sandra Weilnau (S-1-5-21-338094041-3377201104-4203914905-1000 - Administrator - Enabled) => C:\Users\Sandra Weilnau

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X2 260 Processor
Percentage of memory in use: 41%
Total physical RAM: 3839.18 MB
Available physical RAM: 2259.92 MB
Total Pagefile: 7676.54 MB
Available Pagefile: 5646.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:77.7 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.08 GB) (Free:0.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 02C0D7BF)
Partition 1: (Active) - (Size=84 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

02.02.2015, 09:24   #12
schrauber
/// the machine
/// TB Trainer
 

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post the contents here.

And a fresh FRST log, please. Any problems still?
__________________
Regards,
schrauber


02.02.2015, 19:00   #13
emilyundbell
 
I'm running the ESET online scan right now....
But now I have another question.
The whole time I had annoying ad pop-ups as soon as I clicked on anything :/ Are those gone now too? I do pay attention to what I install (which can't be said of my husband), but is there reliable protection so that adware doesn't get on there again?

The scan is still running; is that normal? I'm mainly worried because the firewall and antivirus program are disabled.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d3ece7fe3dc0904191326d719f690778
# engine=22260
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-02 05:42:14
# local_time=2015-02-02 06:42:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 84620 116147 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 90559 45879328 0 0
# scanned=749882
# found=287
# cleaned=0
# scan_time=25189
sh=69506F53296DEA6B18878EB4863E2AA3477D0766 ft=1 fh=c71c001173e98cd4 vn="Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=CC041C934F8C519E3A9B3E3971155E8D44BC92B8 ft=1 fh=c71c0011898cc47b vn="Variante von Win32/ELEX.BD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\update\update.exe.vir"
sh=C93FB945956D3241233F257ECD5BC0A0CD586235 ft=0 fh=0000000000000000 vn="JS/Trackware.Agent.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\inject.js.vir"
sh=92B359D33855BF27D6F0C1F58510D7B493A1162B ft=1 fh=4d6af7cbc920e55f vn="Variante von Win32/LoadTubes.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Sandra Weilnau\AppData\Roaming\loadtbs\uninstall.exe.vir"
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=8B67C4946B050285FE89EFE36AB6DC2F7B3E2D2F ft=1 fh=d91722da20002316 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\All Users\Anwendungsdaten\IePluginService\PluginService.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\All Users\Anwendungsdaten\WPM\wprotectmanager.exe"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\All Users\Application Data\IePluginService\PluginService.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\All Users\IePluginService\PluginService.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\All Users\WPM\wprotectmanager.exe"
sh=99A50219EDE0732C1DAA1EBC02FF704070FFDF68 ft=1 fh=325229d985367b78 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Anwendungsdaten\SupTab\SupTab.dll"
sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Anwendungsdaten\VOPackage\VOPackage.exe"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\nsnC802.tmp"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\nsnC802.tmp"
sh=68F39FDC5C97B7D3B93A4B793E3E9DAF1ED75344 ft=1 fh=c71c0011ed98cc6f vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Babylon\Setup\BExternal.dll"
sh=D128CBAF3DEF02BD11A92A43C36D540E47BF06E0 ft=1 fh=6abf192eb2d8af09 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Babylon\Setup\IECookieLow.dll"
sh=C88D76106C34D093167BD69B433CFF15F24CFE68 ft=1 fh=c9f8a6e51b4e4ea2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Babylon\Setup\Setup.exe"
sh=4F1C38F649CC3DF6B317972621DE7C6317D076AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.21_0\extensionData\plugins\91.js"
sh=DCCDC1E9A27E68EB341F10F85E8A27E8A5E9807B ft=1 fh=9ae7f7a1baf6162d vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\InstallShare\2_2952_installer.exe"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js"
sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe"
sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js"
sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js"
sh=7B890323ABFE8F3BD33BE0BC439076B5525D03B0 ft=1 fh=790f07a45776117f vn="MSIL/MyPCBackup.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\BackupSetup.exe"
sh=6C4BEA15F2A864E8C0BB467B369C1607ADED4594 ft=1 fh=9c3c3228e1e883d9 vn="Variante von Win32/OutBrowse.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\f.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\nsb6C61.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\nsg47ED.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\nsl44B1.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\nsl6FFA.exe"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\nsnC802.tmp"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\SearchProtectINT.exe"
sh=7D3C13ACA4D8F0F26AD9A458CF86DA235A58CDCE ft=1 fh=413c2d7f5aa203f9 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\android.exe"
sh=1A9C2CE8C1F539AC8546D67C9F924AEA8D2A84C2 ft=1 fh=d348c3328e970e39 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Cloud_Backup_Setup.exe"
sh=15F10570FE932F254CFF399754EE7D5B0827F072 ft=1 fh=d0e767fd935de36d vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Freesofttoday.exe"
sh=3F998335D30D6C7098C2F890F21EE732DAF71E08 ft=1 fh=643b85af0768dff0 vn="Variante von Win32/AdWare.NaviPromo.AV Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Installer.exe"
sh=537C8FAD67F52AF763BF552C0039EA5F2381BA45 ft=1 fh=10217ca882c74d14 vn="Variante von Win32/ELEX.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\lly_webssearches.exe"
sh=C4A64BDF413F6FD72759B432C73582AD1248C264 ft=1 fh=6b041bf7d2c6bf38 vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\mediaplayerpluus.exe"
sh=7088C77393CC07A87589234E7D2620CBFEF905E9 ft=1 fh=4c2caff6a9ce4872 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Re-markit_2040-2082.exe"
sh=B369BF1BF2076FD3F1239332F3632514CB1639C0 ft=1 fh=16b69662300ef2dd vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\setup.exe"
sh=53A4B406501E4D70BC52B359A453CC9A964E8E39 ft=1 fh=b0c7faf3ca6afb27 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\speedupmypc.exe"
sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\VOPackage.exe"
sh=DCB97CC5B1977BB49DF05C165C63BF54550916E9 ft=1 fh=61ca867c73ed6be8 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\android\android.exe"
sh=D2B37778483E088311075794B9F2CD6B40A00807 ft=1 fh=f2316c61e164bded vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\fullpackage_temp1397373551\tmp\SupTab.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\fullpackage_temp1397373551\tmp\wpm.exe"
sh=B2141692BDF56352A137D83E9EC73D05C423D2E5 ft=1 fh=e9e99cb68f1bf246 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\is-2UQMF.tmp\SpeedUpMyPC-standalone-setup.exe"
sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temp\nsb1316\SpSetup.exe"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js"
sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe"
sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js"
sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Anwendungsdaten\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js"
sh=68F39FDC5C97B7D3B93A4B793E3E9DAF1ED75344 ft=1 fh=c71c0011ed98cc6f vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\BExternal.dll"
sh=D128CBAF3DEF02BD11A92A43C36D540E47BF06E0 ft=1 fh=6abf192eb2d8af09 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\IECookieLow.dll"
sh=C88D76106C34D093167BD69B433CFF15F24CFE68 ft=1 fh=c9f8a6e51b4e4ea2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\Setup.exe"
sh=4F1C38F649CC3DF6B317972621DE7C6317D076AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.21_0\extensionData\plugins\91.js"
sh=DCCDC1E9A27E68EB341F10F85E8A27E8A5E9807B ft=1 fh=9ae7f7a1baf6162d vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\InstallShare\2_2952_installer.exe"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js"
sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe"
sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js"
sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js"
sh=7B890323ABFE8F3BD33BE0BC439076B5525D03B0 ft=1 fh=790f07a45776117f vn="MSIL/MyPCBackup.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\BackupSetup.exe"
sh=6C4BEA15F2A864E8C0BB467B369C1607ADED4594 ft=1 fh=9c3c3228e1e883d9 vn="Variante von Win32/OutBrowse.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\f.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\nsb6C61.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\nsg47ED.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\nsl44B1.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\nsl6FFA.exe"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\nsnC802.tmp"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\SearchProtectINT.exe"
sh=7D3C13ACA4D8F0F26AD9A458CF86DA235A58CDCE ft=1 fh=413c2d7f5aa203f9 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\android.exe"
sh=1A9C2CE8C1F539AC8546D67C9F924AEA8D2A84C2 ft=1 fh=d348c3328e970e39 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Cloud_Backup_Setup.exe"
sh=15F10570FE932F254CFF399754EE7D5B0827F072 ft=1 fh=d0e767fd935de36d vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Freesofttoday.exe"
sh=3F998335D30D6C7098C2F890F21EE732DAF71E08 ft=1 fh=643b85af0768dff0 vn="Variante von Win32/AdWare.NaviPromo.AV Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Installer.exe"
sh=537C8FAD67F52AF763BF552C0039EA5F2381BA45 ft=1 fh=10217ca882c74d14 vn="Variante von Win32/ELEX.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\lly_webssearches.exe"
sh=C4A64BDF413F6FD72759B432C73582AD1248C264 ft=1 fh=6b041bf7d2c6bf38 vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\mediaplayerpluus.exe"
sh=7088C77393CC07A87589234E7D2620CBFEF905E9 ft=1 fh=4c2caff6a9ce4872 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Re-markit_2040-2082.exe"
sh=B369BF1BF2076FD3F1239332F3632514CB1639C0 ft=1 fh=16b69662300ef2dd vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\setup.exe"
sh=53A4B406501E4D70BC52B359A453CC9A964E8E39 ft=1 fh=b0c7faf3ca6afb27 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\speedupmypc.exe"
sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\VOPackage.exe"
sh=DCB97CC5B1977BB49DF05C165C63BF54550916E9 ft=1 fh=61ca867c73ed6be8 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\android\android.exe"
sh=D2B37778483E088311075794B9F2CD6B40A00807 ft=1 fh=f2316c61e164bded vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\fullpackage_temp1397373551\tmp\SupTab.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\fullpackage_temp1397373551\tmp\wpm.exe"
sh=B2141692BDF56352A137D83E9EC73D05C423D2E5 ft=1 fh=e9e99cb68f1bf246 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\is-2UQMF.tmp\SpeedUpMyPC-standalone-setup.exe"
sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temp\nsb1316\SpSetup.exe"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js"
sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe"
sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js"
sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Local\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js"
sh=99A50219EDE0732C1DAA1EBC02FF704070FFDF68 ft=1 fh=325229d985367b78 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Roaming\SupTab\SupTab.dll"
sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\AppData\Roaming\VOPackage\VOPackage.exe"
sh=0804AE6FA22DAE1A3975796B28696E10A2D8D948 ft=1 fh=72374d9be8bd9987 vn="Win32/OutBrowse.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Downloads\setup (1).exe"
sh=0804AE6FA22DAE1A3975796B28696E10A2D8D948 ft=1 fh=72374d9be8bd9987 vn="Win32/OutBrowse.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Downloads\setup (2).exe"
sh=835D4B2CD4AB8A53184D5505C30E06E2FEDD3A47 ft=1 fh=9564e183ef98f7cb vn="Win32/OutBrowse.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Downloads\setup.exe"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\nsnC802.tmp"
sh=68F39FDC5C97B7D3B93A4B793E3E9DAF1ED75344 ft=1 fh=c71c0011ed98cc6f vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Babylon\Setup\BExternal.dll"
sh=D128CBAF3DEF02BD11A92A43C36D540E47BF06E0 ft=1 fh=6abf192eb2d8af09 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Babylon\Setup\IECookieLow.dll"
sh=C88D76106C34D093167BD69B433CFF15F24CFE68 ft=1 fh=c9f8a6e51b4e4ea2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Babylon\Setup\Setup.exe"
sh=4F1C38F649CC3DF6B317972621DE7C6317D076AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.21_0\extensionData\plugins\91.js"
sh=DCCDC1E9A27E68EB341F10F85E8A27E8A5E9807B ft=1 fh=9ae7f7a1baf6162d vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\InstallShare\2_2952_installer.exe"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js"
sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe"
sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js"
sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js"
sh=7B890323ABFE8F3BD33BE0BC439076B5525D03B0 ft=1 fh=790f07a45776117f vn="MSIL/MyPCBackup.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\BackupSetup.exe"
sh=6C4BEA15F2A864E8C0BB467B369C1607ADED4594 ft=1 fh=9c3c3228e1e883d9 vn="Variante von Win32/OutBrowse.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\f.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsb6C61.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsg47ED.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsl44B1.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsl6FFA.exe"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsnC802.tmp"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\SearchProtectINT.exe"
sh=7D3C13ACA4D8F0F26AD9A458CF86DA235A58CDCE ft=1 fh=413c2d7f5aa203f9 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\android.exe"
sh=1A9C2CE8C1F539AC8546D67C9F924AEA8D2A84C2 ft=1 fh=d348c3328e970e39 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Cloud_Backup_Setup.exe"
sh=15F10570FE932F254CFF399754EE7D5B0827F072 ft=1 fh=d0e767fd935de36d vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Freesofttoday.exe"
sh=3F998335D30D6C7098C2F890F21EE732DAF71E08 ft=1 fh=643b85af0768dff0 vn="Variante von Win32/AdWare.NaviPromo.AV Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Installer.exe"
sh=537C8FAD67F52AF763BF552C0039EA5F2381BA45 ft=1 fh=10217ca882c74d14 vn="Variante von Win32/ELEX.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\lly_webssearches.exe"
sh=C4A64BDF413F6FD72759B432C73582AD1248C264 ft=1 fh=6b041bf7d2c6bf38 vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\mediaplayerpluus.exe"
sh=7088C77393CC07A87589234E7D2620CBFEF905E9 ft=1 fh=4c2caff6a9ce4872 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Re-markit_2040-2082.exe"
sh=B369BF1BF2076FD3F1239332F3632514CB1639C0 ft=1 fh=16b69662300ef2dd vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\setup.exe"
sh=53A4B406501E4D70BC52B359A453CC9A964E8E39 ft=1 fh=b0c7faf3ca6afb27 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\speedupmypc.exe"
sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\VOPackage.exe"
sh=DCB97CC5B1977BB49DF05C165C63BF54550916E9 ft=1 fh=61ca867c73ed6be8 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\android\android.exe"
sh=D2B37778483E088311075794B9F2CD6B40A00807 ft=1 fh=f2316c61e164bded vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\fullpackage_temp1397373551\tmp\SupTab.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\fullpackage_temp1397373551\tmp\wpm.exe"
sh=B2141692BDF56352A137D83E9EC73D05C423D2E5 ft=1 fh=e9e99cb68f1bf246 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\is-2UQMF.tmp\SpeedUpMyPC-standalone-setup.exe"
sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temp\nsb1316\SpSetup.exe"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js"
sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe"
sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js"
sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Documents and Settings\Sandra.SandraSascha-PC\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
sh=F86C88388A82F65BC24C4AA5E9976721D5F474C8 ft=1 fh=7acced1143aee893 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3.exe"
sh=F2FC2EAF732B4C7EC6806D7471552E524E0A6356 ft=1 fh=80742489e7f51237 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe"
sh=AE6241AB1CD9CBAEC6EB20D72A1003D31E17662B ft=1 fh=9d51af4df9578bd3 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-5.exe"
sh=E329C3DE6775C68A8F25BE1B192C1EA171468AE4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\54246.crx"
sh=CA71ECAF757D9BDC073C66B8993FC25B6C8924A1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\54246.xpi"
sh=677D86005EBDFB5E1F760AD807409DB08536BCDB ft=1 fh=d3c83b4567ac8997 vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bg.exe"
sh=076A3B78D9902AD9C2EBA2B20E9528FEC07D2FA3 ft=1 fh=8030ef68282b4fbe vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll"
sh=03968227D47D277355EF6E7A63678E157969140F ft=1 fh=d8accb8698cd2780 vn="Variante von Win64/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll"
sh=EB969D370BAB52A1CC9198F899956E3BB2409007 ft=1 fh=15ca2823dedff24d vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe"
sh=CE5D01A83E89CA9F9906280F3148F30F773DFFF2 ft=1 fh=c4dccb6a2c703b00 vn="Variante von Win32/Toolbar.CrossRider.BP evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\Uninstall.exe"
sh=80984286766388010D80EF1854A03C840F95F493 ft=1 fh=c1190a78ba67e05f vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\MediaPlayerplus\utils.exe"
sh=5A2788927EE1E67F9E945D10D562C4957A07BE34 ft=1 fh=c71c0011bb6d120b vn="Variante von Win32/AdWare.AddLyrics.AJ Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQL.exe"
sh=A16E4B9EB735F8F3522050F628797D1957383A2B ft=1 fh=1f862fe921f9c131 vn="Variante von Win32/AdWare.AddLyrics.BA Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQL158.dll"
sh=FB727F8C00390F677464DC47FE8BD42D5200D83E ft=1 fh=9893a5de479c5863 vn="Variante von Win32/AdWare.AddLyrics.AK Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe"
sh=8F3CC22D25D4E8696CDB208D45EDD0CEB761FD3D ft=1 fh=ca1eee2075d2f7bd vn="Variante von Win32/AdWare.AddLyrics.AJ Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe"
sh=95F16225F5701E3807D773C3CDC198AE0551630C ft=1 fh=c387e1ea6439112d vn="Variante von Win32/AdWare.AddLyrics.AS Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Re-markit-soft\Uninstall.exe"
sh=1E9189AC027DC6EA73FDB2B282556BF632D10A27 ft=1 fh=de11dca32e2fbb75 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\BrowserConnection.dll"
sh=8FD65DAB9271AA17576B9056C33ECE43F8586B9E ft=1 fh=cced25fe859363ea vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\datamngr.dll"
sh=294E221F7F1ACFE8F242715F347AB94AB9DEED86 ft=1 fh=2e9cfed28213c0bb vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\datamngrUI.exe"
sh=7F585ACED3A1B8F61059A55121C0F465F12B31F2 ft=1 fh=43220a23f668b9bc vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\DnsBHO.dll"
sh=659059A6B630B488F3AA01AFEFE7841584A943DE ft=1 fh=f9cf2ec098d80d5a vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\IEBHO.dll"
sh=B81BAAC9D35824000ADB556418067A9220C40F01 ft=1 fh=23a12d968d390125 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\dtUser.exe"
sh=57E79F81354D497FF57273098E9DC5324E96483F ft=1 fh=3aca384b2c14dc8c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\searchcoreband.dll"
sh=A69E434131FDA85ECC56B0138F097B4F259B9DF2 ft=1 fh=752a3d16031b4239 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll"
sh=EB8F540A30EACBB6426FAE50C9E40878E55FB6A2 ft=1 fh=22c78b88903889b5 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\x64\datamngr.dll"
sh=E269A90BE7BACCC3005CE960ED30AB7EEA3B8A44 ft=1 fh=1bb9b179c6dcb9c3 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\Searchcore Toolbar\Datamngr\x64\IEBHO.dll"
sh=81FBC911F6F39943B5A508257ED317C6A388CA54 ft=1 fh=f881a71255879118 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe"
sh=6F4FD559E82ECD0E9BF238374A8AE7763D9AF88F ft=1 fh=0fe3e64a55eab364 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll"
sh=09975ED04166B761DC1CED0B15BAE6D37DCC0560 ft=1 fh=919d2464905062de vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe"
sh=CC7735B51ACFC778DAFCE7B9C25798C1149059CA ft=1 fh=bdcf262ba56c13e6 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe"
sh=C2BF9E02AAF8CD61356523AF0425BD4DEEE8A0E8 ft=1 fh=aed2a53e39c1b826 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe"
sh=E07AC00C609A9096EFEDCF5839D77AD91C96BD2D ft=1 fh=a44174895411af10 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll"
sh=6C0CFF21847BEBDC22C8ED1C8A24ED19724D7741 ft=1 fh=91d5fb4f6ab1ad55 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"
sh=19D4CD0E4DDB51C3B3A25676F68963807BE1710C ft=1 fh=5c3c9fe0db73a8b4 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll"
sh=3AE79DE1D9A3C56075DB1B53DF9D7880AE03A5F6 ft=1 fh=bd390a3911fc5a39 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll"
sh=0F00EB8310C851AAD8AE9C7C17EF5F0D81617D3A ft=1 fh=1090c94a8e08b65e vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe"
sh=189FC4DEFBF3AF52775F7A922789A0CA6A8FF6F8 ft=1 fh=4ed2a41f68ba7620 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Program Files (x86)\SupTab\SupTab.dll"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\ProgramData\IePluginService\PluginService.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\ProgramData\WPM\wprotectmanager.exe"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Anwendungsdaten\IePluginService\PluginService.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Anwendungsdaten\WPM\wprotectmanager.exe"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Application Data\IePluginService\PluginService.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\Application Data\WPM\wprotectmanager.exe"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\IePluginService\PluginService.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\All Users\WPM\wprotectmanager.exe"
sh=99A50219EDE0732C1DAA1EBC02FF704070FFDF68 ft=1 fh=325229d985367b78 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\Anwendungsdaten\SupTab\SupTab.dll"
sh=6AA2FDDB9BED95CFF584DA19ED73FCB46E8F9052 ft=1 fh=954dcd569e746f01 vn="Win32/VOPackage.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\Anwendungsdaten\VOPackage\VOPackage.exe"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\nsnC802.tmp"
sh=68F39FDC5C97B7D3B93A4B793E3E9DAF1ED75344 ft=1 fh=c71c0011ed98cc6f vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\BExternal.dll"
sh=D128CBAF3DEF02BD11A92A43C36D540E47BF06E0 ft=1 fh=6abf192eb2d8af09 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\IECookieLow.dll"
sh=C88D76106C34D093167BD69B433CFF15F24CFE68 ft=1 fh=c9f8a6e51b4e4ea2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Babylon\Setup\Setup.exe"
sh=4F1C38F649CC3DF6B317972621DE7C6317D076AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.21_0\extensionData\plugins\91.js"
sh=DCCDC1E9A27E68EB341F10F85E8A27E8A5E9807B ft=1 fh=9ae7f7a1baf6162d vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\InstallShare\2_2952_installer.exe"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\monetizationLoader[1].js"
sh=0CE78CDB7AE8C457229124E383DA64FBDE7AE471 ft=1 fh=fd716b0c5f46d82e vn="Win32/OutBrowse.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88PJJIVH\SearchProtectGeneric4Setup[1].exe"
sh=1FBCCE3ECEBD5955F90E91C6B6B74EE06783CD66 ft=1 fh=cdd42cd0b2145c18 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISIU47M9\spstub[1].exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[1].js"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\monetizationLoader[2].js"
sh=B435168FB8644A80A51086AA6569C52F7254982F ft=1 fh=0cc609d5f2e988a2 vn="Win32/OutBrowse.V evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSJAHVHZ\setup.exe"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT6AQZDE\monetizationLoader[1].js"
sh=7B890323ABFE8F3BD33BE0BC439076B5525D03B0 ft=1 fh=790f07a45776117f vn="MSIL/MyPCBackup.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\BackupSetup.exe"
sh=6C4BEA15F2A864E8C0BB467B369C1607ADED4594 ft=1 fh=9c3c3228e1e883d9 vn="Variante von Win32/OutBrowse.BA evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\f.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\nsb6C61.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\nsg47ED.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\nsl44B1.exe"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\nsl6FFA.exe"
sh=8E06E50B0CBFA8E4CA1C53E149AF51D6CB70B048 ft=1 fh=abbd31e3610824c6 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\nsnC802.tmp"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\SearchProtectINT.exe"
sh=7D3C13ACA4D8F0F26AD9A458CF86DA235A58CDCE ft=1 fh=413c2d7f5aa203f9 vn="MSIL/Tuguu.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\android.exe"
sh=1A9C2CE8C1F539AC8546D67C9F924AEA8D2A84C2 ft=1 fh=d348c3328e970e39 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Cloud_Backup_Setup.exe"
sh=15F10570FE932F254CFF399754EE7D5B0827F072 ft=1 fh=d0e767fd935de36d vn="Mehrere Bedrohungen" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Freesofttoday.exe"
sh=3F998335D30D6C7098C2F890F21EE732DAF71E08 ft=1 fh=643b85af0768dff0 vn="Variante von Win32/AdWare.NaviPromo.AV Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\Installer.exe"
sh=537C8FAD67F52AF763BF552C0039EA5F2381BA45 ft=1 fh=10217ca882c74d14 vn="Variante von Win32/ELEX.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old.001\Users\Sandra.SandraSascha-PC\AppData\Local\Temp\1041b08e-1122-43ac-9ff0-d18f2d53e0f9\software\lly_webssearches.exe"
         
Code:
 Results of screen317's Security Check version 0.99.95  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
avast! Antivirus                
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.296  
 Adobe Reader XI  
 Mozilla Firefox (35.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Sandra Weilnau (administrator) on SANDRAWEILNAU on 02-02-2015 18:58:27
Running from C:\Users\Sandra Weilnau\Downloads
Loaded Profiles: Sandra Weilnau (Available profiles: Sandra Weilnau)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-01] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-338094041-3377201104-4203914905-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-338094041-3377201104-4203914905-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-338094041-3377201104-4203914905-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com/?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-338094041-3377201104-4203914905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sandra Weilnau\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla\Firefox\Profiles\4qsoxp54.default\searchplugins\yahoo-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Users\Sandra Weilnau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-01]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\Sandra Weilnau\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-01] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-01] (Avast Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-01] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-01] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 18:57 - 2015-02-02 18:57 - 02131456 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64(1).exe
2015-02-02 18:49 - 2015-02-02 18:49 - 00852573 _____ () C:\Users\Sandra Weilnau\Downloads\SecurityCheck.exe
2015-02-02 11:29 - 2015-02-02 11:29 - 02347384 _____ (ESET) C:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe
2015-02-01 21:08 - 2015-02-01 21:08 - 00011312 _____ () C:\Users\Sandra Weilnau\Downloads\Addition.txt
2015-02-01 21:07 - 2015-02-02 18:58 - 00012716 _____ () C:\Users\Sandra Weilnau\Downloads\FRST.txt
2015-02-01 21:06 - 2015-02-01 21:07 - 02131456 _____ (Farbar) C:\Users\Sandra Weilnau\Downloads\FRST64.exe
2015-02-01 21:03 - 2015-02-01 21:03 - 00000947 _____ () C:\Users\Sandra Weilnau\Desktop\JRT.txt
2015-02-01 20:57 - 2015-02-01 20:57 - 01707939 _____ (Thisisu) C:\Users\Sandra Weilnau\Downloads\JRT.exe
2015-02-01 20:57 - 2015-02-01 20:57 - 00000000 ____D () C:\Windows\ERUNT
2015-02-01 20:47 - 2015-02-01 20:47 - 02194432 _____ () C:\Users\Sandra Weilnau\Downloads\AdwCleaner_4.109.exe
2015-02-01 20:45 - 2015-02-01 20:45 - 00001715 _____ () C:\Malware.txt
2015-02-01 20:20 - 2015-02-01 20:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-01 20:20 - 2015-02-01 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-01 20:19 - 2015-02-01 20:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-01 20:19 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-01 20:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-01 20:18 - 2015-02-01 20:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sandra Weilnau\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-01 18:55 - 2015-02-01 18:55 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-55-04.001-aswFe.exe-4204.log
2015-02-01 18:54 - 2015-02-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-54-58.096-AvastVBoxSVC.exe-4300.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-49-30.015-aswFe.exe-4584.log
2015-02-01 18:49 - 2015-02-01 18:49 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-49-24.003-AvastVBoxSVC.exe-4696.log
2015-02-01 18:32 - 2015-02-01 18:32 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-01 18:32 - 2015-02-01 18:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-01 18:31 - 2015-02-01 18:31 - 14107296 _____ (Microsoft Corporation) C:\Users\Sandra Weilnau\Downloads\mseinstall.exe
2015-02-01 18:26 - 2015-02-01 18:26 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-26-37.049-aswFe.exe-204.log
2015-02-01 18:23 - 2015-02-01 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-01-17-23-53.033-aswFe.exe-1664.log
2015-02-01 18:23 - 2015-02-01 18:23 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-23-49.090-AvastVBoxSVC.exe-4148.log
2015-02-01 18:17 - 2015-02-02 11:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-01 18:17 - 2015-02-01 18:17 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-01 18:17 - 2015-02-01 18:17 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-01 18:17 - 2015-02-01 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-01 18:17 - 2015-02-01 11:28 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-01 18:17 - 2015-02-01 11:28 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-01 18:17 - 2015-02-01 11:28 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-01 18:07 - 2015-02-01 18:08 - 132469808 _____ (AVAST Software) C:\Users\Sandra Weilnau\Downloads\avast_free_antivirus_setup_10.2208.712.exe
2015-02-01 17:51 - 2015-02-01 17:51 - 00017145 _____ () C:\ComboFix.txt
2015-02-01 17:40 - 2015-02-01 17:51 - 00000000 ____D () C:\Qoobox
2015-02-01 17:40 - 2015-02-01 17:50 - 00000000 ____D () C:\Windows\erdnt
2015-02-01 17:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-01 17:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-01 17:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-01 17:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-01 17:35 - 2015-02-01 17:35 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-35-39.072-AvastVBoxSVC.exe-2744.log
2015-02-01 17:31 - 2015-02-01 17:31 - 05611408 ____R (Swearware) C:\Users\Sandra Weilnau\Downloads\ComboFix.exe
2015-02-01 17:22 - 2015-02-01 17:22 - 00000197 _____ () C:\Windows\system32\2015-02-01-16-22-30.078-AvastVBoxSVC.exe-3324.log
2015-02-01 15:18 - 2015-02-01 15:19 - 00000197 _____ () C:\Windows\system32\2015-02-01-14-18-53.031-AvastVBoxSVC.exe-2892.log
2015-02-01 12:41 - 2015-02-01 12:41 - 00000197 _____ () C:\Windows\system32\2015-02-01-11-41-52.065-AvastVBoxSVC.exe-2632.log
2015-02-01 12:34 - 2015-02-01 20:50 - 00000000 ____D () C:\AdwCleaner
2015-02-01 12:06 - 2015-02-01 12:07 - 00000247 _____ () C:\Windows\system32\2015-02-01-11-06-58.083-aswFe.exe-4672.log
2015-02-01 11:57 - 2015-02-01 12:06 - 00000247 _____ () C:\Windows\system32\2015-02-01-10-57-18.036-aswFe.exe-2404.log
2015-02-01 11:57 - 2015-02-01 11:57 - 00000197 _____ () C:\Windows\system32\2015-02-01-10-57-11.057-AvastVBoxSVC.exe-3064.log
2015-02-01 11:36 - 2015-02-01 11:36 - 06000640 _____ () C:\Program Files (x86)\GUTD136.tmp
2015-02-01 11:36 - 2015-02-01 11:36 - 00000000 ____D () C:\Program Files (x86)\GUMD135.tmp
2015-02-01 11:34 - 2015-02-01 11:34 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\AVAST Software
2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-01 11:32 - 2015-02-01 11:32 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-01 11:31 - 2015-02-01 11:40 - 00000000 ____D () C:\Program Files\Google
2015-02-01 11:28 - 2015-02-01 11:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-01 11:27 - 2015-02-01 11:27 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-01 11:26 - 2015-02-01 11:27 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-01 09:37 - 2015-02-02 14:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 09:37 - 2015-02-01 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 09:37 - 2015-02-01 09:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-01 09:36 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-01 09:28 - 2015-02-01 09:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-31 16:59 - 2015-02-02 18:58 - 00000000 ____D () C:\FRST
2015-01-27 10:13 - 2015-01-27 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-18 17:12 - 2015-02-02 11:20 - 00004754 _____ () C:\Windows\setupact.log
2015-01-18 17:12 - 2015-01-18 17:12 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 17:11 - 2015-02-01 20:51 - 00433512 _____ () C:\Windows\PFRO.log
2015-01-18 14:25 - 2015-01-18 14:25 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-01-18 14:24 - 2015-01-18 14:25 - 00000000 ____D () C:\Program Files (x86)\Safari
2015-01-18 14:22 - 2015-01-18 14:22 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Macromedia
2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-02-01 12:45 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Mozilla
2015-01-18 14:21 - 2015-01-18 14:21 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Mozilla
2015-01-18 14:20 - 2015-01-27 14:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-18 14:20 - 2015-01-18 14:20 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-16 12:25 - 2015-02-01 12:37 - 00000000 ____D () C:\Windows\system32\log
2015-01-14 15:20 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:19 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 15:19 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 15:19 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 15:19 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 15:19 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 15:19 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 15:19 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 18:22 - 2014-11-02 14:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 17:28 - 2014-06-10 18:16 - 01283731 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 11:29 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-02 11:29 - 2009-07-14 05:45 - 00026560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-02 11:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 20:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2015-02-01 20:39 - 2014-06-10 19:52 - 00000000 ____D () C:\temp
2015-02-01 18:32 - 2014-06-12 05:55 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-01 17:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-01 17:48 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-01 12:37 - 2014-06-10 18:44 - 00001013 _____ () C:\Users\Sandra Weilnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-01 12:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-01 11:35 - 2014-06-12 08:18 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Google
2015-01-27 12:25 - 2014-09-02 08:53 - 00000242 _____ () C:\Users\Sandra Weilnau\BullseyeCoverageError.txt
2015-01-26 10:22 - 2014-11-02 14:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 10:22 - 2014-06-10 19:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 10:22 - 2014-06-10 19:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 20:20 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\Apple Computer
2015-01-18 20:30 - 2014-06-11 04:10 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 20:30 - 2014-06-11 04:10 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 20:30 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-18 14:25 - 2014-09-21 15:08 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Local\Apple Computer
2015-01-18 13:58 - 2014-11-02 14:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-18 13:55 - 2014-11-02 14:31 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-14 17:26 - 2014-06-13 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:21 - 2014-06-13 18:27 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 19:54 - 2014-06-17 08:51 - 00000000 ____D () C:\Users\Sandra Weilnau\AppData\Roaming\vlc
2015-01-09 11:15 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-08 20:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-02-01 11:36 - 2015-02-01 11:36 - 6000640 _____ () C:\Program Files (x86)\GUTD136.tmp

Some content of TEMP:
====================
C:\Users\Sandra Weilnau\AppData\Local\Temp\Quarantine.exe
C:\Users\Sandra Weilnau\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 09:53

==================== End Of Log ============================
         
__________________

Alt 02.02.2015, 19:03   #14
emilyundbell
 

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Sandra Weilnau at 2015-02-02 18:59:18
Running from C:\Users\Sandra Weilnau\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Unity Web Player (HKU\S-1-5-21-338094041-3377201104-4203914905-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-01-2015 13:45:27 Windows Update
18-01-2015 14:24:06 Installed Safari
21-01-2015 21:35:17 Windows Update
26-01-2015 09:09:59 Windows Update
29-01-2015 10:36:51 Windows Update
01-02-2015 09:29:13 Revo Uninstaller's restore point - WinZipper
01-02-2015 09:32:28 Revo Uninstaller's restore point - YAC(Yet Another Cleaner!)
01-02-2015 11:27:27 avast! antivirus system restore point
01-02-2015 11:49:37 Removed Java 8 Update 25
01-02-2015 11:50:38 Removed Java 8 Update 25 (64-bit)
01-02-2015 17:35:03 avast! antivirus system restore point
01-02-2015 18:16:01 avast! antivirus system restore point
01-02-2015 18:29:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-10 19:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03471EC2-D1EF-4912-A06D-6E3527413301} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {4F9168FA-DF64-4BDB-9DC2-F5CD7214BAD8} - System32\Tasks\{0BFD0BD1-B78A-48FB-BDB0-1D19DAEB6821} => pcalua.exe -a C:\Users\SANDRA~1\AppData\Local\Temp\{D132361B-7D51-4CA2-B31D-695926883B08}\InstallFlashPlayer.exe -d C:\Users\SANDRA~1\AppData\Local\Temp\IDC2.tmp -c -iv 6
Task: {582986BC-7704-4E3D-8A47-FEFDAF58E4B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {87EBAF50-877D-49CB-AB01-238381004950} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-01] (AVAST Software)
Task: {C6EF8342-447B-4602-9D82-E368285BE08E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CE6C9AD6-19A0-4D00-AB3E-11F9E9E1A157} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F4CE997F-9700-4C42-BE97-8726373DF709} - System32\Tasks\{39E7ABE2-4635-4A33-A61A-5561D6505943} => pcalua.exe -a "C:\Users\Sandra Weilnau\AppData\Roaming\sweet-page\UninstallManager.exe" -c -ptid=cor
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2015-02-01 11:28 - 2015-02-01 11:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-01 11:28 - 2015-02-01 11:28 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-01 20:13 - 2015-02-01 20:13 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll
2015-02-01 11:28 - 2015-02-01 11:28 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-02 11:21 - 2015-02-02 11:21 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-01 11:28 - 2015-02-01 11:28 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-27 10:13 - 2015-01-27 10:14 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-26 10:22 - 2015-01-26 10:22 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-338094041-3377201104-4203914905-500 - Administrator - Disabled)
Gast (S-1-5-21-338094041-3377201104-4203914905-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-338094041-3377201104-4203914905-1002 - Limited - Enabled)
Sandra Weilnau (S-1-5-21-338094041-3377201104-4203914905-1000 - Administrator - Enabled) => C:\Users\Sandra Weilnau

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 06:45:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/02/2015 06:43:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 170650

Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 170650

Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 458347

Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 458347

Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/02/2015 11:29:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/02/2015 11:29:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/02/2015 06:17:09 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (02/02/2015 03:36:06 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (02/02/2015 11:20:21 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (02/02/2015 11:20:21 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================
Error: (02/02/2015 06:45:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (02/02/2015 06:43:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe

Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 170650

Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 170650

Error: (02/02/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 458347

Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 458347

Error: (02/02/2015 03:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/02/2015 11:29:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe

Error: (02/02/2015 11:29:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sandra Weilnau\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X2 260 Processor
Percentage of memory in use: 62%
Total physical RAM: 3839.18 MB
Available physical RAM: 1448.89 MB
Total Pagefile: 7676.54 MB
Available Pagefile: 5060.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:77.65 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.08 GB) (Free:0.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 02C0D7BF)
Partition 1: (Active) - (Size=84 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Could I get a short explanation of -WHAT- actually happened on my computer?!
__________________

Alt 03.02.2015, 07:50   #15
schrauber
/// the machine
/// TB-Ausbilder
 


We removed adware. Delete the Windows.old folder completely.

Are the problems with the ads still occurring?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Archiv
Du betrachtest: Trojaner/Viren Infizierung per Post von der Telekom auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.