|
Pests of all kinds and how to fight them: iexplore.exe virus and constant browser crashes (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
07.08.2015, 17:29 | #1 |
| iexplore.exe virus and constant browser crashes Hi, for some time now an iexplore.exe keeps opening in Task Manager; it cannot be closed, and CPU usage then sits at 100%. I thought I had solved the problem, but after a while it came back, and now I also have problems with Chrome, which keeps closing by itself. A scan with Avast found nothing. Maybe someone can help. I also have OTL log files. Thanks |
07.08.2015, 17:34 | #2 |
/// the machine /// TB trainer | iexplore.exe virus and constant browser crashes hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
|
07.08.2015, 17:58 | #3 |
| iexplore.exe virus and constant browser crashes Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-08-2015 durchgeführt von ****** (Administrator) auf ******-PC (07-08-2015 18:42:56) Gestartet von C:\Users\******\Downloads Geladene Profile: ****** (Verfügbare Profile: ******) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (SecurityUtility) C:\ProgramData\SecurityUtility\SecurityUtility.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe (SecurityUtility) C:\ProgramData\SecurityUtility\SecurityUtility.exe (DEVGURU Co., LTD.) 
C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Internet Web ) C:\Users\******\Desktop\windows7-homepremium-sp1-64.exe (Portmon/EE) C:\Users\******\AppData\Local\Temp\is628679143\2610EDB8_stp\June3_3899_cornl_istartsurf.exe (TermCoach) C:\Program Files (x86)\TermCoach_1.10.0.21\Service\tcsvc.exe (Malwarebytes Corporation) C:\Users\******\AppData\Local\Temp\E592A50D-87A9-437F-9F9B-31AA642D3A9Bmp\mbamdor.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe konnte nicht auf den Prozess zugreifen -> WUDFHost.exe (OldTimer Tools) C:\Users\******\Downloads\OTL.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (The Chromium Authors) C:\Users\******\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) C:\Users\******\AppData\Local\Chromium\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-01] (AVAST Software) HKU\S-1-5-21-324559553-332125348-1769396688-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-324559553-332125348-1769396688-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-06-08] (Lavasoft) HKU\S-1-5-21-324559553-332125348-1769396688-1000\...\Run: [GoogleChromeAutoLaunch_E6424B5EE7B77C439194E33868CE1FC6] => C:\Users\******\AppData\Local\Chromium\Application\chrome.exe [664576 2015-07-21] (The Chromium Authors) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-01] (AVAST Software) GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} HKU\S-1-5-21-324559553-332125348-1769396688-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://de.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_32¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzzzzyEtA0C0BtB0EzzzzyC0EtC0CyEtN0D0Tzu0StCtAtCyEtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyD0ByEyD0FyEtCyCtGyB0A0AtCtGyEyEzztAtGtC0AyC0CtGyDtDzztDyCzy0AzztCyCzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDtDtD0D0CyBtAtG0FyEtBzztGyE0EtD0CtG0B0EyD0DtGyBzztC0Dzyzy0DyE0EtCyByD2QtN0A0LzutB%26cr%3D425699616%26a%3Dwncy_ir_15_32%26os%3DWindows%2B7%2BHome%2BPremium HKU\S-1-5-21-324559553-332125348-1769396688-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-324559553-332125348-1769396688-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 HKU\S-1-5-21-324559553-332125348-1769396688-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} SearchScopes: HKLM-x32 -> 
{33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-324559553-332125348-1769396688-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzzzzyEtA0C0BtB0EzzzzyC0EtC0CyEtN0D0Tzu0StCtAtCyEtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyD0ByEyD0FyEtCyCtGyB0A0AtCtGyEyEzztAtGtC0AyC0CtGyDtDzztDyCzy0AzztCyCzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDtDtD0D0CyBtAtG0FyEtBzztGyE0EtD0CtG0B0EyD0DtGyBzztC0Dzyzy0DyE0EtCyByD2QtN0A0LzutB%26cr%3D425699616%26a%3Dwncy_ir_15_32%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-324559553-332125348-1769396688-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-324559553-332125348-1769396688-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-324559553-332125348-1769396688-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438958203&z=b01818dd09fdd3e6d1da3f0gbzbc0b7tfw6b3g7o6t&from=cornl&uid=WDCXWD2500BEVT-22ZCT0_WD-WXM0A998567885678&q={searchTerms} SearchScopes: HKU\S-1-5-21-324559553-332125348-1769396688-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = SearchScopes: HKU\S-1-5-21-324559553-332125348-1769396688-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_32¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzzzzyEtA0C0BtB0EzzzzyC0EtC0CyEtN0D0Tzu0StCtAtCyEtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyD0ByEyD0FyEtCyCtGyB0A0AtCtGyEyEzztAtGtC0AyC0CtGyDtDzztDyCzy0AzztCyCzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDtDtD0D0CyBtAtG0FyEtBzztGyE0EtD0CtG0B0EyD0DtGyBzztC0Dzyzy0DyE0EtCyByD2QtN0A0LzutB%26cr%3D425699616%26a%3Dwncy_ir_15_32%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} BHO: No Name -> {72CD6B70-BBD3-B912-5E2E-2CD8C739E00C} -> Keine Datei BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-01] (AVAST Software) BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] () BHO-x32: No Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Keine Datei BHO-x32: No Name -> {72CD6B70-BBD3-B912-5E2E-2CD8C739E00C} -> Keine Datei BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-01] (AVAST Software) BHO-x32: No Name -> {E6D66045-F951-4DBF-962E-993B4FB6A9E0} -> C:\Users\******\AppData\LocalLow\Browser-Security\safe_url.dll [2015-06-22] () Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-07-31] (Lavasoft Limited) Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-07-31] (Lavasoft Limited) Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-07-31] (Lavasoft Limited) Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-07-31] (Lavasoft Limited) Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-07-31] (Lavasoft Limited) Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-07-31] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-07-31] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-07-31] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-07-31] (Lavasoft Limited) Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-07-31] (Lavasoft Limited) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{2291EA67-6808-4371-8E08-3E396B1892FC}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{BD655A75-7962-442D-9A30-989A6D75879B}: [DhcpNameServer] 172.20.10.1 FireFox: ======== FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-01] Chrome: ======= CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-28] CHR Extension: (Adblock Plus) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-30] CHR Extension: (Adblock for Youtube™) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-07-02] CHR Extension: (Google Search) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-28] CHR Extension: (Bustatech theme) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnohflgafpephcmdnnghnhappjbdfbko [2015-07-01] CHR Extension: (Google Play) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-07-15] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-28] CHR Extension: (Deezer) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-07-16] CHR Extension: (Gmail) - 
C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28] CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-05-24] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-01] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-01] (AVAST Software) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-31] (Realsil Microelectronics Inc.) [Datei ist nicht signiert] R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-06-08] (Lavasoft Limited) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-06-08] () R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) 
R2 tcsvc_1.10.0.21; C:\Program Files (x86)\TermCoach_1.10.0.21\Service\tcsvc.exe [300120 2015-07-28] (TermCoach) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579904 2015-04-30] (WiseCleaner.com) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-01] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-01] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-01] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-01] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-08-01] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-01] (AVAST Software) S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-08-01] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-01] (AVAST Software) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-01] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R1 tcfd_vt_1_10_0_21; C:\Windows\System32\drivers\tcfd_vt_1_10_0_21.sys [61312 2015-07-28] (TermCoach) R2 WiseFs; 
C:\Windows\WiseFs64.sys [13264 2015-06-29] (WiseCleaner.com) S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-07-01] (wisecleaner.com) R1 WiseUnlock; C:\Windows\WiseUnlock64.sys [12240 2015-05-19] (WiseCleaner.com) S3 andnetadb; System32\Drivers\lgandnetadb.sys [X] S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X] S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X] S3 avchv; system32\DRIVERS\avchv.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X] S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-07 18:42 - 2015-08-07 18:43 - 00021624 _____ C:\Users\******\Downloads\FRST.txt 2015-08-07 18:41 - 2015-08-07 18:43 - 00000000 ____D C:\FRST 2015-08-07 18:41 - 2015-08-07 18:41 - 02170368 _____ (Farbar) C:\Users\******\Downloads\FRST64.exe 2015-08-07 18:36 - 2015-08-07 18:39 - 2682257408 _____ C:\Users\******\Downloads\windows7-homepremium-sp1-64.exe 2015-08-07 18:07 - 2015-08-07 18:07 - 00002014 _____ C:\Users\******\Desktop\Chromium.lnk 2015-08-07 18:06 - 2015-08-07 18:06 - 00000000 ____D C:\Users\******\AppData\Local\Chromium 2015-08-07 18:04 - 2015-08-07 18:04 - 00003226 _____ C:\Windows\System32\Tasks\UpdateTask 2015-08-07 18:04 - 2015-08-07 18:04 - 00000278 _____ C:\Windows\Tasks\UpdateTask.job 2015-08-07 18:03 - 2015-08-07 18:03 - 00003058 _____ C:\Windows\System32\Tasks\Registry Optimizer_UPDATES 2015-08-07 18:03 - 2015-08-07 18:03 - 00002902 _____ C:\Windows\System32\Tasks\Registry Optimizer_DEFAULT 2015-08-07 18:03 - 2015-08-07 18:03 - 00000308 _____ C:\Windows\Tasks\Registry Optimizer_UPDATES.job 2015-08-07 18:03 - 2015-08-07 18:03 - 00000300 _____ C:\Windows\Tasks\Registry Optimizer_DEFAULT.job 2015-08-07 18:02 - 2015-08-07 18:04 - 00000000 ____D C:\Users\******\AppData\Local\{B8698E35-9CC1-E28D-F159-C765D5313BFD} 2015-08-07 18:02 - 2015-08-07 18:02 - 00003136 _____ C:\Windows\System32\Tasks\Registry Optimizer 2015-08-07 18:01 - 2015-08-07 18:02 - 00000000 ____D C:\Program Files (x86)\WinZip Registry Optimizer 2015-08-07 18:01 - 2015-08-07 18:01 - 00001086 _____ C:\Users\Public\Desktop\WinZip Registry Optimizer.lnk 2015-08-07 18:01 - 2015-08-07 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer 2015-08-07 18:00 - 2015-08-07 18:00 - 00001193 _____ C:\Users\******\Desktop\Die Installation von Windows 7 ISO fortsetzen.lnk 2015-08-07 17:59 - 2015-08-07 18:35 - 00048746 _____ C:\Users\******\Desktop\Extras.Txt 2015-08-07 17:55 - 2015-08-07 18:37 - 00208196 _____ C:\Users\******\Desktop\OTL.Txt 
2015-08-07 17:55 - 2015-08-07 17:55 - 00048698 _____ C:\Users\******\Downloads\Extras.Txt 2015-08-07 17:54 - 2015-08-07 17:54 - 00208032 _____ C:\Users\******\Downloads\OTL.Txt 2015-08-07 17:29 - 2015-08-07 17:29 - 00602112 _____ (OldTimer Tools) C:\Users\******\Downloads\OTL.exe 2015-08-07 17:00 - 2015-08-07 17:00 - 00027239 _____ C:\Users\******\Documents\trojanprotokolllog.xml 2015-08-07 16:47 - 2015-08-07 16:47 - 2682257408 _____ C:\Users\******\Downloads\windows7-homepremium-sp1-64 [1].exe 2015-08-07 16:36 - 2015-08-07 16:36 - 00003116 _____ C:\Windows\System32\Tasks\WinZip Malware Protector_startup 2015-08-07 16:36 - 2015-08-07 16:36 - 00000000 ____D C:\Users\******\AppData\Roaming\istartsurf 2015-08-07 16:35 - 2015-08-07 18:02 - 00000000 ____D C:\Users\******\AppData\Roaming\Nico Mak Computing 2015-08-07 16:35 - 2015-08-07 16:36 - 00000000 ____D C:\Program Files (x86)\TermCoach_1.10.0.21 2015-08-07 16:35 - 2015-08-07 16:35 - 00001149 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk 2015-08-07 16:35 - 2015-08-07 16:35 - 00000000 ____D C:\ProgramData\Nico Mak Computing 2015-08-07 16:35 - 2015-08-07 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector 2015-08-07 16:35 - 2015-08-07 16:35 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector 2015-08-07 16:35 - 2015-03-17 11:03 - 00020480 _____ C:\Windows\system32\wsusnative64.exe 2015-08-07 16:32 - 2015-08-07 16:31 - 00894960 ____N (Internet Web ) C:\Users\******\Desktop\windows7-homepremium-sp1-64.exe 2015-08-07 16:32 - 2015-08-07 16:31 - 00854200 ____N C:\Users\******\Desktop\windows7-homepremium-sp1-64.zip 2015-08-07 16:31 - 2015-08-07 16:32 - 00854499 _____ C:\Users\******\Downloads\windows7-homepremium-sp1-64.zip 2015-08-07 02:18 - 2015-08-07 16:13 - 00070183 _____ C:\Windows\WindowsUpdate.log 2015-08-07 02:16 - 2015-08-07 02:16 - 00063568 _____ C:\Users\******\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-07 02:15 - 2015-08-07 16:09 - 00001019 
_____ C:\Windows\setupact.log 2015-08-07 02:15 - 2015-08-07 02:15 - 00292456 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-07 02:15 - 2015-08-07 02:15 - 00000368 _____ C:\Windows\PFRO.log 2015-08-07 02:15 - 2015-08-07 02:15 - 00000000 _____ C:\Windows\setuperr.log 2015-08-01 20:33 - 2015-08-01 20:33 - 00013815 _____ C:\Users\******\Downloads\Malwarebytes Anti-Malware Premium 2.1.4.1018 full key license.torrent 2015-08-01 20:01 - 2015-08-01 20:01 - 01061244 _____ C:\Users\******\Downloads\Malwarebytes Anti-Malware Premium Keys.txt 2015-08-01 19:25 - 2015-08-01 19:28 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-01 19:25 - 2015-08-01 19:25 - 00001062 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-01 19:25 - 2015-08-01 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-01 19:25 - 2015-08-01 19:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-01 19:25 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-01 19:25 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-01 19:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-01 19:20 - 2015-08-01 19:21 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\******\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-01 19:03 - 2015-08-01 19:03 - 00001922 _____ C:\Users\Public\Desktop\Avast Premier.lnk 2015-08-01 19:02 - 2015-08-01 19:02 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-01 19:01 - 2015-08-01 19:01 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2015-08-01 19:01 - 2015-08-01 19:01 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-01 17:03 - 2015-08-01 18:54 - 00000000 ____D C:\Users\******\Desktop\Uninstall Utility 
2015-08-01 17:03 - 2015-08-01 18:54 - 00000000 ____D C:\Users\******\Desktop\SecureLine VPN License 2015-08-01 17:03 - 2015-08-01 18:54 - 00000000 ____D C:\Users\******\Desktop\Antivirus License 2015-08-01 16:30 - 2015-08-01 16:30 - 00000000 ____D C:\Users\******\AppData\Roaming\AVAST Software 2015-08-01 16:28 - 2015-08-01 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-08-01 16:28 - 2015-08-01 17:44 - 00001982 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk 2015-08-01 16:27 - 2015-08-07 02:17 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-01 16:27 - 2015-08-01 19:02 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-01 16:27 - 2015-08-01 19:02 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-01 16:27 - 2015-08-01 19:02 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-08-01 16:27 - 2015-08-01 19:02 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-08-01 16:27 - 2015-08-01 19:02 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-01 16:27 - 2015-08-01 19:02 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-01 16:27 - 2015-08-01 19:02 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-01 16:27 - 2015-08-01 19:01 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-08-01 16:27 - 2015-08-01 19:01 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2015-08-01 16:25 - 2015-08-01 16:25 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys 2015-08-01 16:23 - 2015-08-01 16:23 - 00000000 ____D C:\Program Files\AVAST Software 2015-08-01 16:21 - 2015-08-01 16:21 - 00000000 ____D C:\Users\******\Downloads\Uninstall Utility 2015-08-01 16:21 - 2015-08-01 16:21 - 00000000 ____D C:\Users\******\Downloads\SecureLine VPN License 
2015-08-01 16:21 - 2015-08-01 16:21 - 00000000 ____D C:\Users\******\Downloads\Antivirus License5
2015-08-01 16:21 - 2015-03-10 23:08 - 00000188 _____ C:\Users\******\Downloads\Support!.url
2015-08-01 16:21 - 2015-03-10 23:06 - 00000195 _____ C:\Users\******\Downloads\Get Reward!.url
2015-08-01 12:02 - 2015-08-01 12:05 - 00000000 ____D C:\Users\******\Desktop\Alles vom Jealbrake
2015-08-01 10:53 - 2015-08-01 10:53 - 03460198 _____ (Lichonos Vladimir ) C:\Users\******\Downloads\xwdock2.03-installer.exe
2015-08-01 10:53 - 2015-08-01 10:53 - 00000000 ____D C:\Users\******\AppData\Roaming\XWindows Dock
2015-08-01 10:53 - 2015-08-01 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XWindows Dock
2015-08-01 10:53 - 2015-08-01 10:53 - 00000000 ____D C:\Program Files (x86)\XWindows Dock
2015-08-01 09:24 - 2015-08-07 02:09 - 00000000 ____D C:\Users\******\Desktop\Neuer Ordner
2015-08-01 05:03 - 2015-08-01 05:04 - 39842216 _____ C:\Users\******\Downloads\Firefox-Setup-35.0.exe
2015-08-01 04:06 - 2015-08-01 08:57 - 00000000 ___HD C:\Users\******\Desktop\Automatisch zu iTunes hinzufügen
2015-08-01 01:44 - 2015-08-01 01:44 - 00368640 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\ReWire.dll
2015-08-01 01:44 - 2015-08-01 01:44 - 00233472 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\REX Shared Library.dll
2015-08-01 01:44 - 2015-08-01 01:44 - 00000000 ____D C:\ProgramData\Propellerhead Software
2015-08-01 01:43 - 2015-08-01 01:44 - 00000000 ____D C:\Users\******\AppData\Roaming\Propellerhead Software
2015-08-01 01:42 - 2015-08-01 01:42 - 00001071 _____ C:\Users\Public\Desktop\Reason Demo.lnk
2015-08-01 01:42 - 2015-08-01 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2015-08-01 01:41 - 2015-08-01 01:41 - 00000000 ____D C:\Users\******\Downloads\ReasonDemo_win
2015-08-01 01:41 - 2015-08-01 01:41 - 00000000 ____D C:\Program Files (x86)\Propellerhead
2015-08-01 00:46 - 2015-08-01 01:40 - 148810702 _____ C:\Users\******\Downloads\ReasonDemo_win.zip
2015-08-01 00:46 - 2015-08-01 00:47 - 00478263 _____ C:\Users\******\Downloads\com.tak.blip_39 (1).apk
2015-08-01 00:40 - 2015-08-01 00:40 - 00478263 _____ C:\Users\******\Downloads\com.tak.blip_39.apk
2015-08-01 00:30 - 2015-08-01 00:32 - 03496448 _____ (VirtualS) C:\Users\******\Downloads\vblsetupSW35.exe
2015-07-31 22:58 - 2015-06-29 15:30 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-31 22:58 - 2015-06-29 15:27 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-31 22:57 - 2015-07-02 22:31 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-31 22:57 - 2015-07-02 21:15 - 14384640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-31 22:57 - 2015-07-02 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-31 22:57 - 2015-07-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-31 17:34 - 2015-07-31 17:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-07-31 16:47 - 2015-07-31 16:47 - 00000305 ____H C:\Users\******\Desktop\.iTunes Preferences.plist
2015-07-31 16:23 - 2015-07-31 16:23 - 15415296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 13771264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-31 16:23 - 2015-07-31 16:23 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-31 16:23 - 2015-07-31 16:23 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-07-31 16:23 - 2015-07-31 16:23 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-07-31 16:23 - 2015-07-31 16:23 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-31 16:23 - 2015-07-31 16:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-31 16:23 - 2015-07-31 16:23 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-31 16:23 - 2015-07-31 16:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-31 16:23 - 2015-07-31 16:23 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-07-31 16:23 - 2015-07-31 16:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-31 16:23 - 2015-07-31 16:23 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-07-31 07:50 - 2015-07-31 07:50 - 00000000 ____D C:\Users\******\AppData\Roaming\iThmb Converter
2015-07-31 07:39 - 2015-07-31 07:39 - 00001046 _____ C:\Users\Public\Desktop\iThmb Converter.lnk
2015-07-31 07:39 - 2015-07-31 07:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iThmb Converter
2015-07-31 07:38 - 2015-07-31 07:39 - 00000000 ____D C:\Program Files (x86)\iThmb Converter
2015-07-31 07:37 - 2015-07-31 07:38 - 10518693 _____ (Dec Software ) C:\Users\******\Downloads\iThmbConverterSetup.exe
2015-07-31 05:29 - 2015-07-31 05:29 - 01198368 ___RH C:\Users\******\Desktop\PhoneClean - CHIP-Installer (1).exe
2015-07-31 05:25 - 2015-07-31 05:25 - 01198368 _____ C:\Users\******\Downloads\PhoneClean - CHIP-Installer.exe
2015-07-31 03:48 - 2015-07-31 04:14 - 00002896 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-07-31 03:48 - 2015-07-31 04:14 - 00002896 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-07-31 03:48 - 2015-07-31 03:48 - 00000000 ____D C:\Users\******\AppData\Local\Lavasoft
2015-07-31 03:47 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-07-31 03:47 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-07-31 03:46 - 2015-07-31 03:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-07-31 03:45 - 2015-08-01 16:35 - 00000000 ____D C:\Users\******\AppData\Roaming\Lavasoft
2015-07-31 03:45 - 2015-08-01 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-07-31 03:39 - 2015-08-01 16:35 - 00000000 ____D C:\ProgramData\Lavasoft
2015-07-31 03:36 - 2015-07-31 03:38 - 02009904 _____ C:\Users\******\Downloads\Adaware_Installer_11.7.exe
2015-07-31 01:29 - 2015-07-31 01:30 - 00304857 _____ C:\Users\******\Downloads\HijackThis_205.zip
2015-07-31 00:08 - 2015-07-31 00:08 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-30 23:19 - 2015-07-31 02:55 - 00000000 ____D C:\ProgramData\Emsisoft
2015-07-30 22:33 - 2015-07-30 22:33 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-07-30 22:32 - 2015-07-30 22:32 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-07-30 22:32 - 2011-03-31 11:13 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2015-07-30 22:32 - 2011-03-31 11:12 - 00337512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2015-07-30 22:31 - 2015-07-30 22:31 - 00003164 _____ C:\Windows\System32\Tasks\{5E203837-81D9-4BEE-8E85-99B0859CC359}
2015-07-30 22:30 - 2011-03-31 20:30 - 11702904 _____ C:\Users\******\Documents\REDMCC-00248446-0042.EXE
2015-07-30 22:29 - 2015-07-30 22:29 - 11637545 _____ C:\Users\******\Downloads\REDMCC-00248446-0042.zip
2015-07-30 21:54 - 2011-03-31 10:19 - 00077936 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys
2015-07-30 21:49 - 2011-07-05 00:37 - 167023224 _____ C:\Users\******\Documents\A2DVID-00252645-0042.EXE
2015-07-30 21:48 - 2011-03-31 19:28 - 01801336 _____ C:\Users\******\Documents\AHDETH-00248443-0042.EXE
2015-07-30 21:47 - 2015-07-30 21:48 - 58180051 _____ C:\Users\******\Downloads\A2DOTH-00247185-0042.zip
2015-07-30 21:45 - 2015-07-30 21:45 - 01755503 _____ C:\Users\******\Downloads\AHDETH-00248443-0042.zip
2015-07-30 21:07 - 2015-07-30 21:09 - 15365072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\******\Downloads\Samsung_USB-Driver_for_Mobile_Phones-1.5.27.0.exe
2015-07-30 13:00 - 2015-07-30 13:00 - 15384576 _____ C:\Windows\system32\config\SYSTEM.sav.LOG
2015-07-30 12:57 - 2015-07-30 13:00 - 69038080 _____ C:\Windows\system32\config\SOFTWARE.sav.LOG
2015-07-30 12:56 - 2015-07-30 12:56 - 00057344 _____ C:\Windows\system32\config\SAM.sav.LOG
2015-07-30 12:56 - 2015-07-30 12:56 - 00020480 _____ C:\Windows\system32\config\SECURITY.sav.LOG
2015-07-30 12:54 - 2015-07-30 13:01 - 00001660 _____ C:\Windows\system32\ASOROSet.bin
2015-07-30 12:54 - 2015-07-30 12:54 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2015-07-30 12:43 - 2015-07-30 12:43 - 00000000 ____D C:\ProgramData\SaveCode
2015-07-30 12:35 - 2015-07-31 08:43 - 00000000 ____D C:\Users\******\Downloads\licencekeyforwinthruster
2015-07-30 12:34 - 2015-07-30 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-30 12:34 - 2015-07-30 12:34 - 00000000 ____D C:\Program Files\7-Zip
2015-07-30 12:33 - 2015-07-30 12:34 - 01331823 _____ (Igor Pavlov) C:\Users\******\Downloads\7z1505-x64.exe
2015-07-29 22:50 - 2015-08-01 17:48 - 00000000 ____D C:\Users\******\Documents\Anti-Malware
2015-07-29 22:46 - 2015-07-30 13:09 - 00000000 ____D C:\Users\******\AppData\Roaming\Solvusoft
2015-07-29 22:46 - 2014-09-30 16:07 - 00019120 _____ (WinZip Computing, S.L.(WinZip Computing)) C:\Windows\system32\roboot64.exe
2015-07-29 22:40 - 2015-07-29 22:40 - 00000000 ____D C:\Users\******\Documents\Windows7_PID_KEY_CHECKER_v.1.0.1
2015-07-29 22:38 - 2009-08-23 16:52 - 00000000 ____D C:\Users\******\Downloads\Windows7.PID.KEY.CHECKER.v.1.0.1
2015-07-29 22:36 - 2015-07-29 22:36 - 00788409 _____ C:\Users\******\Downloads\Windows7_PID_KEY_CHECKER_v.1.0.1.rar
2015-07-29 22:26 - 2015-07-29 22:45 - 232169488 _____ (Emsisoft GmbH ) C:\Users\******\Downloads\EmsisoftAntiMalwareSetup_solvusoft.exe
2015-07-28 23:43 - 2015-07-28 23:43 - 00061312 _____ (TermCoach) C:\Windows\system32\Drivers\tcfd_vt_1_10_0_21.sys
2015-07-28 23:43 - 2015-07-28 23:43 - 00057728 _____ (TermCoach) C:\Windows\system32\Drivers\tcfd_vw_1_10_0_21.sys
2015-07-28 21:03 - 2015-07-28 21:03 - 00505924 _____ C:\Users\******\Downloads\icons (5).psd
2015-07-28 20:54 - 2015-07-28 20:54 - 00505924 _____ C:\Users\******\Downloads\icons (4).psd
2015-07-28 20:38 - 2015-07-28 20:38 - 00000000 ____D C:\Users\******\AppData\Local\CEF
2015-07-28 20:36 - 2015-07-28 20:36 - 00505924 _____ C:\Users\******\Downloads\icons (3).psd
2015-07-28 20:36 - 2015-07-28 20:36 - 00505924 _____ C:\Users\******\Downloads\icons (2).psd
2015-07-28 20:36 - 2015-07-28 20:36 - 00505924 _____ C:\Users\******\Downloads\icons (1).psd
2015-07-28 19:32 - 2015-07-28 19:32 - 00000000 ____D C:\Users\******\Downloads\wz402c
2015-07-28 19:28 - 2015-07-28 19:28 - 00815068 _____ C:\Users\******\Downloads\supernova_icons_by_sinisa91g-d5m89i7.rar
2015-07-28 19:27 - 2015-07-28 19:27 - 00870188 _____ C:\Users\******\Downloads\mmii_flat_icons_vol_1_by_stalker018-d67vr1s (1).zip
2015-07-28 19:26 - 2015-07-28 19:26 - 00870188 _____ C:\Users\******\Downloads\mmii_flat_icons_vol_1_by_stalker018-d67vr1s.zip
2015-07-28 19:20 - 2015-07-28 19:20 - 00505924 _____ C:\Users\******\Downloads\icons.psd
2015-07-28 18:56 - 2015-07-29 15:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-28 18:56 - 2015-07-28 18:56 - 00000000 ____D C:\ProgramData\McAfee
2015-07-28 18:55 - 2015-07-28 18:55 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-28 18:55 - 2015-07-28 18:55 - 00002007 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-28 18:54 - 2015-07-28 21:47 - 00000000 ____D C:\ProgramData\Adobe
2015-07-28 18:51 - 2015-07-28 20:38 - 00000000 ____D C:\Users\******\AppData\Local\Adobe
2015-07-28 18:16 - 2015-07-31 07:17 - 00000000 ____D C:\Users\******\AppData\Local\Apple Inc
2015-07-28 17:39 - 2015-07-28 17:41 - 71807792 _____ (Apple Inc.) C:\Users\******\Downloads\iCloudSetup.exe
2015-07-28 14:25 - 2015-07-28 14:26 - 35254622 _____ C:\Users\******\Downloads\AllIcons.zip
2015-07-28 13:33 - 2015-07-28 13:34 - 05767806 _____ C:\Users\******\Downloads\osxicontemplate_v1.0.zip
2015-07-28 09:59 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150728-095931.backup
2015-07-28 05:40 - 2015-07-28 05:40 - 06139872 _____ C:\Users\******\Downloads\org.zooper.zwpro_2.60_paid-www.apkhere.com.apk
2015-07-28 02:26 - 2015-07-28 02:26 - 11573771 _____ C:\Users\******\Downloads\BeautifulWidgets Pro v5.7.2 apkmania.com.rar
2015-07-28 02:24 - 2015-07-28 02:25 - 21684688 _____ C:\Users\******\Downloads\3D icon Pack theme v1.1 apakrchive.com.zip
2015-07-28 01:30 - 2015-07-28 01:31 - 01061189 _____ C:\Users\******\Downloads\WinZip PRO Keys.txt
2015-07-28 01:12 - 2015-07-28 01:12 - 00717007 _____ C:\Users\******\Downloads\Lightning Launcher_12.3.1 (r2100).apk
2015-07-27 23:50 - 2015-07-27 23:50 - 00123911 _____ C:\Users\******\Downloads\SD_Maid_Pro_-_Unlocker_3.1.0.2__WapDic.Com.apk
2015-07-27 23:40 - 2015-07-27 23:41 - 07841447 _____ C:\Users\******\Downloads\com.keramidas.TitaniumBackupPro_quickdownload_309.apk
2015-07-27 21:18 - 2015-07-27 21:18 - 00001753 _____ C:\Users\******\Desktop\iTunes.lnk
2015-07-27 21:18 - 2015-07-27 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-27 21:17 - 2015-07-27 21:18 - 00000000 ____D C:\Program Files\iTunes
2015-07-27 21:17 - 2015-07-27 21:17 - 00000000 ____D C:\Program Files\iPod
2015-07-27 21:17 - 2015-07-27 21:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-27 20:57 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-07-27 20:56 - 2015-07-27 21:17 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-27 18:31 - 2015-07-27 18:31 - 01302408 _____ C:\Users\******\Downloads\Superuser-3.1.3__46___-efghi-signed_Final.rar
2015-07-27 18:23 - 2015-07-27 18:27 - 96246158 _____ C:\Users\******\Downloads\gapps-L-4-21-15.zip
2015-07-27 16:16 - 2015-07-27 16:16 - 00000000 ____D C:\9dec20b501b81c9dc37aa91f47d5
2015-07-27 16:00 - 2015-07-27 16:01 - 00000000 ____D C:\Users\******\Downloads\ia64
2015-07-27 16:00 - 2015-07-27 16:01 - 00000000 ____D C:\Users\******\Downloads\i386
2015-07-27 16:00 - 2015-07-27 16:01 - 00000000 ____D C:\Users\******\Downloads\amd64
2015-07-27 15:56 - 2015-07-27 15:57 - 04491672 _____ C:\Users\******\Downloads\20454397_e6970b8fe6fbd5a30515a2c08724d81c8666e972.cab
2015-07-27 11:07 - 2015-07-27 11:07 - 06254100 _____ C:\Users\******\Downloads\CF-Root-SGS2_XW_XEU_KE7-v4.0-CWM4.zip
2015-07-26 20:07 - 2015-07-26 20:07 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2015-07-26 18:57 - 2015-07-26 19:10 - 10318768 _____ (Connectify) C:\Users\******\Downloads\Connectify201505Installer.exe
2015-07-26 18:47 - 2015-07-26 18:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-07-26 18:47 - 2015-07-26 18:47 - 00000000 ____D C:\ProgramData\Mobile Partner
2015-07-26 18:47 - 2012-08-20 02:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-07-26 18:21 - 2015-07-28 01:48 - 00000000 ____D C:\ProgramData\DatacardService
2015-07-26 17:50 - 2015-07-26 17:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-07-25 07:56 - 2015-07-25 07:56 - 00000000 ____D C:\Program Files\SAMSUNG
2015-07-21 19:00 - 2015-07-21 19:00 - 58328843 _____ C:\Users\******\Downloads\3443 - Rune Factory - A Fantasy Harvest Moon (EU)(M5)(XenoPhobia).7z
2015-07-21 18:52 - 2015-07-21 19:02 - 00000000 ____D C:\Users\******\Documents\nds spiele
2015-07-20 19:53 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:53 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:53 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:53 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:53 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 19:53 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:53 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 19:53 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 19:53 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:53 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-19 21:30 - 2015-07-19 21:30 - 00017674 _____ C:\Users\******\Downloads\vorlage_muster_einladung_zum_vorstellungsgespräch.odt
2015-07-19 04:03 - 2015-07-19 04:03 - 00000000 ____D C:\Users\******\AppData\Roaming\OpenOffice
2015-07-19 03:58 - 2015-07-19 03:58 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-07-19 03:57 - 2015-07-19 03:57 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-07-18 13:38 - 2015-07-18 13:38 - 00000000 ____D C:\Users\******\Documents\ANNO 1404 Venedig
2015-07-17 19:23 - 2015-07-17 19:23 - 03198534 _____ C:\Users\******\Downloads\KDZ_FW_UPD_EN_(1).zip
2015-07-17 18:12 - 2015-07-17 18:29 - 957356473 _____ C:\Users\******\Downloads\D32510f_00.kdz
2015-07-17 18:10 - 2015-07-17 18:11 - 00002329 _____ C:\Users\******\Downloads\KDZFileTools.rar
2015-07-17 15:37 - 2015-07-17 15:37 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2015-07-17 15:30 - 2013-02-22 12:36 - 00000000 ____D C:\Users\******\test-version-upTest_EX
2015-07-17 15:18 - 2015-07-17 15:18 - 00000000 ____D C:\Program Files (x86)\RegTweaker
2015-07-17 15:07 - 2015-07-17 15:08 - 02992555 _____ C:\Users\******\Downloads\regtweaker (2).exe
2015-07-17 15:03 - 2015-07-17 15:06 - 08883105 _____ ( ) C:\Users\******\Downloads\DLLEscort_Setup (1).exe
2015-07-17 14:43 - 2015-08-01 08:52 - 00000000 ____D C:\Users\******\Documents\LG PC Suite
2015-07-17 14:43 - 2015-07-31 07:24 - 00000000 ____D C:\Users\******\.android
2015-07-17 14:19 - 2015-07-17 14:19 - 00003000 _____ C:\Windows\System32\Tasks\{CD6D1CF5-88CE-4E5D-8799-7631E35E4584}
2015-07-17 14:03 - 2015-07-17 14:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2015-07-17 12:28 - 2012-03-02 07:02 - 01919968 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll
2015-07-17 12:27 - 2015-07-17 12:28 - 11003832 _____ (Acresso Software Inc. ) C:\Users\******\Downloads\LGUnitedMobileDriver_S4981MAN37AP22_ML_WHQL_Ver_3.7.2.exe
2015-07-17 12:26 - 2015-07-17 15:08 - 00000000 ____D C:\ProgramData\dllescort
2015-07-17 12:23 - 2015-07-17 12:23 - 02992555 _____ C:\Users\******\Downloads\regtweaker (1).exe
2015-07-17 12:15 - 2015-07-26 13:51 - 00000000 ____D C:\Users\******\AppData\Roaming\LG Electronics
2015-07-17 11:54 - 2015-07-17 12:26 - 00000000 ____D C:\Program Files (x86)\DLLEscort
2015-07-17 11:54 - 2015-07-17 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL Escort 2014
2015-07-17 11:52 - 2015-07-26 13:51 - 00000000 ____D C:\Users\******\AppData\Local\LG Electronics
2015-07-17 11:49 - 2015-07-17 11:50 - 08883105 _____ ( ) C:\Users\******\Downloads\DLLEscort_Setup.exe
2015-07-17 11:47 - 2015-07-26 13:53 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2015-07-17 11:38 - 2015-07-17 11:42 - 235018224 _____ (LG Electronics) C:\Users\******\Downloads\LGPCSuite_Setup.exe
2015-07-16 17:38 - 2015-07-16 17:38 - 00000413 _____ C:\Users\******\Downloads\listen-dsl.pls
2015-07-16 16:13 - 2015-07-16 16:14 - 23385888 _____ (hxxp://www.fireebok.com/ ) C:\Users\******\Downloads\CleanMyPhone.exe
2015-07-16 12:17 - 2015-07-16 18:24 - 00000000 ____D C:\Users\******\AppData\Local\Prompt Downloader
2015-07-16 12:04 - 2015-07-16 12:04 - 00000000 ____D C:\Users\******\AppData\Roaming\Iconion.com
2015-07-15 06:09 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 06:09 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 06:09 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 06:09 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 06:09 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 06:09 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 06:09 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 06:09 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 06:09 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 06:09 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 06:09 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 06:09 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 06:09 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 06:09 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 06:09 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 06:09 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 06:09 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 06:09 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 06:09 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 06:09 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 06:09 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 06:08 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 06:08 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 06:07 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 06:07 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 06:07 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 06:03 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 06:03 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 06:02 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 06:02 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 06:02 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 06:02 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 06:02 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 06:02 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 06:02 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 06:02 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 06:02 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 06:02 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 06:02 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 06:02 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 14:51 - 2015-07-14 14:53 - 00000000 ____D C:\Users\******\Documents\RCT3
2015-07-14 14:51 - 2015-07-14 14:51 - 00000000 ____D C:\Users\******\AppData\Roaming\Atari
2015-07-14 14:47 - 2015-07-14 14:48 - 00000000 ____D C:\Users\******\Downloads\rct3zip
2015-07-14 14:43 - 2015-07-14 14:43 - 00000000 ____D C:\Users\******\Downloads\coat of arms
2015-07-14 14:30 - 2015-07-14 14:30 - 03671534 _____ C:\Users\******\Downloads\download (1).zip 2015-07-14 14:28 - 2015-07-14 14:28 - 00000000 ____D C:\Users\******\AppData\Roaming\Leadertech 2015-07-14 14:25 - 2015-07-14 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari 2015-07-14 14:23 - 2015-07-14 14:44 - 00000000 ____D C:\Users\******\Downloads\rct3 2015-07-14 14:18 - 2015-07-14 14:18 - 00000000 ____D C:\Program Files (x86)\Atari 2015-07-14 10:41 - 2015-07-14 10:41 - 00000000 ____D C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2015-07-14 10:41 - 2015-07-14 10:41 - 00000000 ____D C:\Users\******\AppData\Local\AMD 2015-07-14 10:40 - 2015-07-14 10:40 - 00000000 ____D C:\Users\******\AppData\Roaming\ATI 2015-07-14 10:40 - 2015-07-14 10:40 - 00000000 ____D C:\Users\******\AppData\Local\ATI 2015-07-14 10:40 - 2015-07-14 10:40 - 00000000 ____D C:\ProgramData\ATI 2015-07-14 10:39 - 2015-07-14 10:39 - 00000000 ____D C:\ProgramData\AMD 2015-07-14 10:38 - 2015-07-14 10:38 - 00000000 _____ C:\Windows\ativpsrm.bin 2015-07-14 10:36 - 2015-07-14 10:36 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2015-07-14 10:36 - 2015-07-14 10:36 - 00000000 ____D C:\Program Files (x86)\AMD APP 2015-07-14 10:35 - 2015-07-14 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2015-07-14 10:31 - 2015-07-14 10:31 - 00000000 ____D C:\Program Files\ATI Technologies 2015-07-14 10:31 - 2010-02-18 09:18 - 00046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys 2015-07-14 10:29 - 2015-07-14 10:29 - 00000000 ____D C:\Program Files\ATI 2015-07-14 10:28 - 2015-07-14 10:35 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2015-07-14 10:27 - 2011-06-29 15:16 - 04330496 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2015-07-14 10:27 - 2011-06-29 15:16 - 04017152 _____ (Advanced Micro Devices, Inc. 
) C:\Windows\SysWOW64\atiumdva.dll 2015-07-14 10:27 - 2011-06-29 15:16 - 01828864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll 2015-07-14 10:27 - 2011-06-29 15:16 - 01127552 _____ C:\Windows\SysWOW64\atiumdva.cap 2015-07-14 10:27 - 2011-06-29 15:16 - 00058880 _____ (AMD) C:\Windows\system32\coinst.dll 2015-07-14 10:27 - 2011-06-29 15:16 - 00040960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2015-07-14 10:27 - 2011-06-29 15:16 - 00031744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2015-07-14 10:27 - 2011-06-29 15:15 - 01113088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll 2015-07-14 10:26 - 2011-06-29 15:16 - 00114704 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys 2015-07-14 10:26 - 2011-06-29 15:15 - 23336960 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 17940992 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 09359872 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2015-07-14 10:26 - 2011-06-29 15:15 - 08489472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 06847488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 05486592 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumd64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 05008384 _____ (ATI Technologies Inc. ) C:\Windows\system32\atidxx64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 04219904 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 03810816 _____ (Advanced Micro Devices, Inc. 
) C:\Windows\system32\atiumd6a.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 01127552 _____ C:\Windows\system32\atiumd6a.cap 2015-07-14 10:26 - 2011-06-29 15:15 - 00811008 _____ (ATI Technologies Inc. ) C:\Windows\system32\aticfx64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00688128 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00485376 _____ (AMD) C:\Windows\system32\atieclxx.exe 2015-07-14 10:26 - 2011-06-29 15:15 - 00462848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00423424 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdl64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00366592 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00356352 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe 2015-07-14 10:26 - 2011-06-29 15:15 - 00309760 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2015-07-14 10:26 - 2011-06-29 15:15 - 00262144 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00233765 _____ C:\Windows\system32\atiicdxx.dat 2015-07-14 10:26 - 2011-06-29 15:15 - 00204288 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2015-07-14 10:26 - 2011-06-29 15:15 - 00166624 _____ C:\Windows\system32\atiapfxx.blb 2015-07-14 10:26 - 2011-06-29 15:15 - 00151552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2015-07-14 10:26 - 2011-06-29 15:15 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe 2015-07-14 10:26 - 2011-06-29 15:15 - 00059392 _____ (ATI Technologies, Inc.) 
C:\Windows\system32\atiedu64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00052736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00052736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe 2015-07-14 10:26 - 2011-06-29 15:15 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00039936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00032768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00032635 _____ C:\Windows\atiogl.xml 2015-07-14 10:26 - 2011-06-29 15:15 - 00029184 _____ (Advanced Micro Devices, Inc. 
) C:\Windows\SysWOW64\atiu9pag.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00016384 _____ (AMD) C:\Windows\system32\atimuixx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2015-07-14 10:26 - 2011-06-29 15:15 - 00003929 _____ C:\Windows\SysWOW64\atipblag.dat 2015-07-14 10:26 - 2011-06-29 15:15 - 00003929 _____ C:\Windows\system32\atipblag.dat 2015-07-14 10:14 - 2015-07-14 10:19 - 166827332 _____ C:\Users\******\Downloads\A2DVID-00252645-0042.zip 2015-07-13 18:55 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2015-07-13 18:55 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2015-07-13 18:55 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2015-07-13 18:55 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2015-07-13 18:55 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2015-07-13 18:55 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 
2015-07-13 18:55 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2015-07-13 18:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2015-07-13 18:55 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2015-07-13 18:55 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2015-07-13 18:55 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2015-07-13 18:55 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2015-07-13 18:55 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2015-07-13 18:55 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) 
C:\Windows\system32\XAPOFX1_3.dll 2015-07-13 18:55 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2015-07-13 18:55 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00025936 _____ 
(Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2015-07-13 18:55 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2015-07-13 18:55 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2015-07-13 18:55 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2015-07-13 18:55 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2015-07-13 18:55 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2015-07-13 18:55 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2015-07-13 18:55 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2015-07-13 18:53 - 2015-07-13 18:55 - 00000000 ____D C:\Windows\SysWOW64\directx 2015-07-13 18:53 - 2015-07-13 18:54 - 00000000 ___HD C:\Windows\msdownld.tmp 2015-07-13 18:53 - 2015-07-13 18:53 - 00292184 _____ (Microsoft Corporation) C:\Users\******\Downloads\dxwebsetup.exe 2015-07-13 18:44 - 2015-07-13 18:44 - 01198368 _____ C:\Users\******\Downloads\DirectX - CHIP-Installer.exe 2015-07-13 11:23 - 2015-07-13 11:23 - 00000000 ____D C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-07-13 11:22 - 2015-07-13 11:22 - 00001960 _____ C:\Users\Public\Desktop\ANNO 1503 GOLD spielen.lnk 2015-07-13 11:04 - 2015-07-13 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANNO 1503 GOLD 2015-07-13 11:04 - 2015-07-13 11:21 - 00000000 ____D C:\Program Files (x86)\ANNO 1503 GOLD 2015-07-13 11:04 - 2015-07-13 11:04 - 00001263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk 2015-07-13 11:04 - 2015-07-13 11:04 - 00001251 _____ C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk 2015-07-13 11:03 - 2015-07-28 18:54 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-13 
11:03 - 2015-07-13 11:03 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2015-07-13 11:03 - 2015-07-13 11:03 - 00000000 ____D C:\Users\******\Documents\My eBooks 2015-07-13 11:03 - 2015-07-13 11:03 - 00000000 ____D C:\Users\******\AppData\Roaming\InterTrust 2015-07-13 11:03 - 1998-11-17 11:44 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe 2015-07-13 10:51 - 2015-07-13 18:35 - 00000000 ____D C:\Users\******\AppData\Roaming\Ubisoft 2015-07-13 10:48 - 2015-07-13 10:48 - 00000000 ____D C:\ProgramData\Solidshield 2015-07-13 10:47 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2015-07-13 10:47 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2015-07-13 10:47 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2015-07-13 10:47 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2015-07-13 10:47 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2015-07-13 10:47 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2015-07-13 10:46 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2015-07-13 10:46 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2015-07-13 10:46 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2015-07-13 10:46 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2015-07-13 10:46 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2015-07-13 10:46 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2015-07-13 10:46 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) 
C:\Windows\system32\D3DX9_40.dll 2015-07-13 10:46 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2015-07-13 10:46 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2015-07-13 10:46 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2015-07-13 10:46 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2015-07-13 10:46 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2015-07-13 10:46 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2015-07-13 10:46 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2015-07-13 10:46 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2015-07-13 10:46 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2015-07-13 10:46 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-07-13 10:46 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2015-07-13 10:46 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2015-07-13 10:46 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2015-07-13 10:46 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2015-07-13 10:46 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2015-07-13 10:46 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2015-07-13 10:46 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2015-07-13 10:46 - 2008-05-30 14:17 - 00025608 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2015-07-13 10:46 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2015-07-13 10:46 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2015-07-13 10:46 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2015-07-13 10:46 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2015-07-13 10:46 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2015-07-13 10:46 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2015-07-13 10:46 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2015-07-13 10:46 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2015-07-13 10:46 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2015-07-13 10:46 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2015-07-13 10:46 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2015-07-13 10:46 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2015-07-13 10:46 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2015-07-13 10:46 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2015-07-13 10:46 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2015-07-13 10:46 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2015-07-13 10:46 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2015-07-13 10:46 - 
2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2015-07-13 10:46 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2015-07-13 10:46 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2015-07-13 10:46 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2015-07-13 10:46 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2015-07-13 10:46 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2015-07-13 10:46 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2015-07-13 10:46 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2015-07-13 10:46 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2015-07-13 10:46 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2015-07-13 10:46 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2015-07-13 10:46 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2015-07-13 10:46 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2015-07-13 10:46 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2015-07-13 10:46 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2015-07-13 10:46 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2015-07-13 10:46 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2015-07-13 10:46 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\D3DCompiler_35.dll 2015-07-13 10:46 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2015-07-13 10:46 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2015-07-13 10:46 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2015-07-13 10:46 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2015-07-13 10:46 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2015-07-13 10:46 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2015-07-13 10:46 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2015-07-13 10:46 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2015-07-13 10:46 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2015-07-13 10:46 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2015-07-13 10:46 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2015-07-13 10:46 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2015-07-13 10:46 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2015-07-13 10:46 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2015-07-13 10:46 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2015-07-13 10:46 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2015-07-13 10:46 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2015-07-13 10:46 - 2007-03-12 16:42 - 03495784 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2015-07-13 10:46 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2015-07-13 10:46 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2015-07-13 10:46 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2015-07-13 10:46 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2015-07-13 10:46 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2015-07-13 10:46 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2015-07-13 10:46 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2015-07-13 10:46 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2015-07-13 10:45 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2015-07-13 10:45 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2015-07-13 10:45 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2015-07-13 10:45 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2015-07-13 10:45 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2015-07-13 10:45 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2015-07-13 10:45 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2015-07-13 10:45 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2015-07-13 10:45 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2015-07-13 10:45 - 
2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2015-07-13 10:45 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2015-07-13 10:45 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2015-07-13 10:45 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2015-07-13 10:45 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2015-07-13 10:45 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2015-07-13 10:45 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2015-07-13 10:45 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2015-07-13 10:45 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2015-07-13 10:45 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2015-07-13 10:45 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2015-07-13 10:45 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2015-07-13 10:45 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2015-07-13 10:45 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2015-07-13 10:45 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2015-07-13 10:45 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2015-07-13 10:45 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2015-07-13 10:45 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) 
C:\Windows\system32\d3dx9_28.dll 2015-07-13 10:45 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2015-07-13 10:45 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2015-07-13 10:45 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2015-07-13 10:45 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2015-07-13 10:45 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2015-07-13 10:45 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2015-07-13 10:45 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2015-07-13 10:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2015-07-13 10:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2015-07-13 10:35 - 2015-07-13 10:35 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2015-07-10 14:02 - 2015-07-10 14:03 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2015-07-10 14:02 - 2015-07-10 14:02 - 00001532 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2015-07-10 14:02 - 2015-07-10 14:02 - 00001241 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-07-10 14:02 - 2015-07-10 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-07-10 14:02 - 2015-07-10 14:02 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack 2015-07-10 14:01 - 2015-07-10 14:07 - 00000000 ____D C:\Users\******\AppData\Roaming\DVDVideoSoft 2015-07-10 13:59 - 2015-07-10 14:00 - 36468360 _____ (DVDVideoSoft Ltd. 
) C:\Users\******\Downloads\FreeYouTubeToMP3Converter.exe
2015-07-10 09:54 - 2015-08-05 20:20 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-10 09:54 - 2015-07-10 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-10 09:52 - 2015-08-07 18:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-10 09:52 - 2015-07-15 21:09 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-09 19:08 - 2015-07-09 19:19 - 115974290 _____ C:\Users\******\Downloads\CoGounBiJo-Gos20tC.zip
2015-07-08 18:09 - 2015-07-08 18:12 - 00000000 ____D C:\Program Files (x86)\Freeciv-2.1.5-gtk2
2015-07-08 09:15 - 2015-07-08 09:15 - 00000000 ____D C:\Users\******\AppData\Roaming\dvdcss

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-07 18:24 - 2015-06-28 20:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-07 16:18 - 2009-07-14 06:45 - 00028256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-07 16:18 - 2009-07-14 06:45 - 00028256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-07 16:11 - 2015-06-29 06:25 - 00000000 ____D C:\Users\******\AppData\Roaming\Wise Care 365
2015-08-07 16:10 - 2015-06-30 18:52 - 00000324 _____ C:\Windows\Tasks\WOIPR1.job
2015-08-07 16:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-07 16:00 - 2015-06-29 13:18 - 00000000 ____D C:\Users\******\AppData\Roaming\vlc
2015-08-07 15:22 - 2011-04-12 09:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-08-07 15:22 - 2011-04-12 09:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-08-07 15:22 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-07 11:59 - 2015-06-29 06:52 - 00000406 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2015-08-01 18:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-01 16:20 - 2015-07-01 06:27 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-01 11:50 - 2015-06-28 18:48 - 00000000 ____D C:\Users\******
2015-07-31 21:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-31 17:13 - 2015-06-28 19:34 - 00000000 ____D C:\Windows\Panther
2015-07-31 16:41 - 2015-06-28 18:48 - 00001409 _____ C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-31 16:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-31 08:43 - 2015-07-03 15:56 - 00000000 ____D C:\Users\******\Documents\samsung
2015-07-31 08:43 - 2015-06-29 14:33 - 00000000 ____D C:\Users\******\Downloads\Treiber
2015-07-31 07:19 - 2015-06-29 14:49 - 00000000 ____D C:\Users\******\AppData\Roaming\Apple Computer
2015-07-31 07:19 - 2015-06-29 14:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-31 06:51 - 2015-06-29 14:49 - 00000000 ____D C:\Users\******\AppData\Local\Apple Computer
2015-07-31 04:27 - 2015-07-01 18:12 - 00000367 _____ C:\Windows\wininit.ini
2015-07-31 04:27 - 2015-06-29 08:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-31 01:33 - 2015-06-28 18:48 - 00000000 ____D C:\Users\******\AppData\Local\VirtualStore
2015-07-30 23:20 - 2015-06-30 18:52 - 00000000 ____D C:\ProgramData\Service7597
2015-07-30 23:20 - 2015-06-30 18:51 - 00000000 ____D C:\ProgramData\SecurityUtility
2015-07-30 22:32 - 2015-07-03 11:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-30 22:31 - 2015-06-28 18:50 - 00000021 _____ C:\Windows\Model.txt
2015-07-30 13:08 - 2015-07-07 17:15 - 00000000 ____D C:\ProgramData\WinZip
2015-07-28 20:37 - 2015-06-28 20:04 - 00000000 ____D C:\Users\******\AppData\Roaming\Adobe
2015-07-28 12:54 - 2015-06-30 21:32 - 01592836 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-26 16:07 - 
2015-06-29 11:13 - 00000416 _____ C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job 2015-07-25 03:13 - 2015-07-03 15:57 - 00000000 ____D C:\Users\******\AppData\Roaming\Samsung 2015-07-25 03:13 - 2015-07-03 11:29 - 00000000 ____D C:\ProgramData\Samsung 2015-07-25 03:13 - 2015-07-03 11:29 - 00000000 ____D C:\Program Files (x86)\Samsung 2015-07-16 15:41 - 2015-07-04 13:21 - 00001238 __RHC C:\Users\Public\Desktop\PhoneClean.lnk 2015-07-16 15:41 - 2015-07-04 13:21 - 00000000 ____D C:\Program Files (x86)\iMobie 2015-07-15 19:02 - 2015-06-29 07:51 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 15:25 - 2015-06-28 20:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-15 15:25 - 2015-06-28 20:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-15 15:25 - 2015-06-28 20:02 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-14 10:28 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-07-13 10:48 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-07-10 09:53 - 2015-06-28 19:43 - 00000000 ____D C:\Program Files (x86)\Google 2015-07-10 09:52 - 2015-06-28 19:42 - 00000000 ____D C:\Users\******\AppData\Local\Deployment 2015-07-08 13:45 - 2015-07-01 02:05 - 00000000 ____D C:\Users\******\AppData\Roaming\20A85981-1435709117-11E1-AC90-139F1064CFB1 2015-07-08 13:29 - 2015-07-07 17:13 - 00000000 ____D C:\Users\******\AppData\Roaming\DesktopIconAmazon 2015-07-08 11:05 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-06-30 19:53 - 2015-06-30 19:53 - 0000046 _____ () C:\Users\******\AppData\Roaming\WB.CFG 2015-07-01 05:36 - 2015-07-01 05:36 - 0007597 _____ () C:\Users\******\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== 
C:\Users\******\AppData\Local\Temp\ICReinstall_windows7-homepremium-sp1-64.exe

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-07-31 21:16

==================== Ende von log ============================ |
07.08.2015, 17:59 | #4 |
| iexplore.exe virus and constant browser crashes
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-08-2015 durchgeführt von ***** (2015-08-07 18:45:35) Gestartet von C:\Users\*****\Downloads Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-324559553-332125348-1769396688-500 - Administrator - Disabled) Gast (S-1-5-21-324559553-332125348-1769396688-501 - Limited - Disabled) ***** (S-1-5-21-324559553-332125348-1769396688-1000 - Administrator - Enabled) => C:\Users\***** ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - ) Ad-Aware Web Companion (x32 Version: 2.0.1025.2130 - Lavasoft) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft) ANNO 1503 GOLD (HKLM-x32\...\{DB833EF9-A198-49BE-970A-BD46F30BFBB4}) (Version: 1.05.00 - ) Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) 
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{9D86D954-38AF-2A73-7AF9-920D05B6784F}) (Version: 3.0.829.0 - ATI Technologies, Inc.) Avast Premier (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.0.5.0 - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5642 - CDBurnerXP) Chromium (HKU\S-1-5-21-324559553-332125348-1769396688-1000\...\Chromium) (Version: 46.0.2461.0 - Chromium) DLLEscort version 2014 (HKLM-x32\...\{2F13CA65-0FFB-4760-824B-D459836AACFE}_is1) (Version: 2014 - ) Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf) <==== ACHTUNG iThmb Converter Version 1.105.0.715 (HKLM-x32\...\{AC7FF208-CE56-455E-96CB-1D96A0AF33EF}_is1) (Version: 1.105.0.715 - Dec Software) iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.) 
LavasoftTcpService (x32 Version: 2.3.4.7 - Lavasoft) Hidden lytinsub (HKLM-x32\...\{0b76895c-84f4-452c-6d3e-ffcd4107fc75}) (Version: 1.0.0 - impesup) <==== ACHTUNG Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PhoneClean 3.7.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.7.0 - iMobie Inc.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.) 
Reason Demo 4.0.1 (HKLM-x32\...\Reason4Demo_is1) (Version: 4.0.1 - Propellerhead Software AB) RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.) SaveCode (HKLM-x32\...\{30DD71E7-51D2-473B-A8AE-EC4D84432C6A}) (Version: 1.0.0.0 - " ") Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) TermCoach 1.10.0.21 (HKLM-x32\...\TermCoach_1.10.0.21) (Version: 1.10.0.21 - TermCoach) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Web Companion (HKLM-x32\...\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}_WebCompanion) (Version: 2.0.1025.2130 - Lavasoft) WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.15248 - WinZip International LLC) WinZip Registry Optimizer (HKLM-x32\...\WinZip Registry Optimizer_is1) (Version: 1.0 - WinZip International LLC) Wise Auto Shutdown 1.46 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.46 - WiseCleaner.com, Inc.) Wise Care 365 3.73 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.) Wise Data Recovery 3.71 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.71 - WiseCleaner.com, Inc.) Wise Folder Hider 3.18 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.18 - WiseCleaner.com, Inc.) Wise Force Deleter 1.21 (HKLM-x32\...\Wise Force Deleter_is1) (Version: 1.21 - WiseCleaner.com, Inc.) Wise JetSearch 2.03 (HKLM-x32\...\Wise JetSearch_is1) (Version: 2.03 - WiseCleaner.com, Inc.) Wise Memory Optimizer 3.35 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.35 - WiseCleaner.com, Inc.) Wise Program Uninstaller 1.71 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 1.71 - WiseCleaner.com, Inc.) Wise Registry Cleaner 8.62 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.62 - WiseCleaner.com, Inc.) 
XWindows Dock (HKLM-x32\...\XWindows Dock_is1) (Version: 2.0.3.0 - Lichonos Vladimir) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-324559553-332125348-1769396688-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\*****\AppData\Roaming\lytinsub\presciad.dll () <==== ACHTUNG ==================== Wiederherstellungspunkte ========================= 31-07-2015 17:19:34 AA11 31-07-2015 17:28:39 AA11 01-08-2015 15:09:40 Windows Update 01-08-2015 16:22:59 avast! antivirus system restore point 01-08-2015 16:24:38 AA11 01-08-2015 17:13:02 Gerätetreiber-Paketinstallation: TAP-Windows Provider V9 Netzwerkadapter 01-08-2015 17:40:09 avast! antivirus system restore point 01-08-2015 17:43:59 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst 01-08-2015 17:54:57 avast! antivirus system restore point 01-08-2015 18:58:03 avast! antivirus system restore point 01-08-2015 19:02:57 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst 06-08-2015 22:55:42 Windows Update ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2015-07-28 09:59 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com Da befinden sich 1000 zusätzliche Einträge. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {012E7A27-9327-4476-98A2-F59AF5C3D8D4} - System32\Tasks\{3C9B7E66-9980-48A4-B2EC-F9F7E6798517} => pcalua.exe -a C:\Users\*****\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=exp Task: {2BB22A47-F479-4EFD-B81A-70B8278DBBA9} - System32\Tasks\{CD6D1CF5-88CE-4E5D-8799-7631E35E4584} => C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Task: {30DE04B6-0418-4FA8-9721-BB55CEC345D2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-01] (AVAST Software) Task: {413B9EB0-6116-4E12-8DD4-5C2A5434B15E} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe Task: {49A88DB2-DACE-4953-B7E3-081B692C8C4A} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2014-09-30] (WinZip Computing, S.L. 
(WinZip Computing)) Task: {4BCB814C-B3C0-498E-806A-E10A406ECB3B} - System32\Tasks\Registry Optimizer => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2014-09-30] (WinZip Computing, S.L. (WinZip Computing)) Task: {5D986C36-B1E4-4873-A435-BF9FB1811FC7} - System32\Tasks\UpdateTask => C:\Users\*****\AppData\Local\{B8698~1\UNINST~1.EXE [2015-08-07] () Task: {67E633D5-B0D2-4E65-93C5-AF74F3DB8B70} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [2015-07-01] (WiseCleaner.com) Task: {6BDF067E-6D51-4487-9981-8B7800CCE3AC} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2015-05-20] (Nico Mak Computing) Task: {80121EC2-6089-49F7-A649-FC6FA48B02CC} - System32\Tasks\WFDSkipUAC => C:\Program Files (x86)\Wise\Wise Force Deleter\WiseDeleter.exe [2015-06-18] (WiseCleaner.com) Task: {976FD617-5402-48A0-8F98-BB4D1457397D} - System32\Tasks\{5985ED17-998E-4282-AF16-FFD5C0B25071} => pcalua.exe -a C:\Users\*****\AppData\Local\Temp\Temp3_Download_Gerix_Wifi_Cracker_For_Windows_7.zip\Download_Gerix_Wifi_Cracker_For_Windows_7_downloader.exe Task: {A44B711C-CB03-43CA-BCB8-46A591B139FB} - System32\Tasks\{AE814ABB-156C-4A8E-BA15-DB2BFD4DA0DC} => Chrome.exe Task: {A90E7B8E-F2C4-4F68-8C44-4F65137B5B8A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe Task: {A9A300A7-361B-45DE-B0B9-452FC958C734} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe [2014-09-30] (WinZip Computing, S.L. 
(WinZip Computing)) Task: {AA0AC9E4-1F5C-4FB7-91D9-9DA454B0A12C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {C343B46B-E592-41A3-9CEB-3BDC0DBC0BB6} - System32\Tasks\{5E203837-81D9-4BEE-8E85-99B0859CC359} => pcalua.exe -a C:\Users\*****\Documents\REDMCC-00248446-0042.EXE -d C:\Users\*****\Documents Task: {C43E94CE-DBD7-44A9-B7BF-74FBBE467F4E} - System32\Tasks\{2CE92B50-C829-449C-960F-2C38D0A01683} => C:\Users\*****\Downloads\AHDWLL-00247204-0042.EXE Task: {CD2DF155-68FF-4F7B-B18A-17FF728B1C53} - System32\Tasks\{1495B589-5586-4FC2-ADB2-2BCDE2BAF46A} => Chrome.exe Task: {D09A0AA4-3E58-44F0-A994-2C3F9CDB14CE} - System32\Tasks\WOIPR1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe [2015-06-28] (SecurityUtility) <==== ACHTUNG Task: {E27B8A46-F42A-457D-BDE0-BB0413BAE2B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {E6461960-72DF-4F36-A64E-030D66378822} - System32\Tasks\{19D55343-F8FA-40EE-B76D-695EFFD59894} => pcalua.exe -a C:\Users\*****\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=exp Task: {EB4AAC81-B6A9-4B44-9D06-691B91B051D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-10] (Google Inc.) Task: {F18F59D0-D3C3-4559-8DEC-E3A5F84194A1} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2015-04-30] (WiseCleaner.COM) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe Task: C:\Windows\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe Task: C:\Windows\Tasks\UpdateTask.job => 0x01060100787D9573E64D244DA697E969FEDBAFD54600E4000000000044440000200000000014730F000000000313040000200001000000000000000000000000000000000000350043003A005C00550073006500720073005C004D006F006E0069007100750065005C0041007000700044006100740061005C004C006F00630061006C005C007B00420038003600390038007E0031005C0055004E0049004E00530054007E0031002E00450058004500000007002F0043006800650063006B000000000008004D006F006E00690071007500650000000000000008000313040000000000010030000000D0070700090000000000000000000400A00500003C0000000000000001000000010000000000000000000000 Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe Task: C:\Windows\Tasks\WOIPR1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-05-24 23:18 - 2011-05-24 23:18 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-03-14 14:21 - 2011-03-14 14:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-06-23 14:57 - 2015-07-01 02:08 - 00160768 _____ () C:\Users\*****\AppData\Roaming\lytinsub\presciad.dll 
2015-06-08 14:12 - 2015-06-08 14:12 - 00078656 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2015-06-08 14:12 - 2015-06-08 14:12 - 00184680 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2015-06-08 14:12 - 2015-06-08 14:12 - 00046920 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2015-06-08 14:12 - 2015-06-08 14:12 - 00033136 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll 2015-06-08 14:12 - 2015-06-08 14:12 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2015-06-08 14:12 - 2015-06-08 14:12 - 00123736 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2015-06-08 14:13 - 2015-06-08 14:13 - 00073544 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll 2015-06-08 14:11 - 2015-06-08 14:11 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll 2015-07-13 11:03 - 2001-04-16 15:39 - 00037808 _____ () C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx 2015-06-30 19:14 - 2015-06-22 08:34 - 02510848 _____ () C:\Users\*****\AppData\LocalLow\Browser-Security\safe_url.dll 2015-08-01 19:01 - 2015-08-01 19:01 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-01 19:01 - 2015-08-01 19:01 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-08-05 20:20 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll 2015-08-05 20:20 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll 2015-08-07 18:06 - 2015-07-21 08:55 - 01875968 _____ () C:\Users\*****\AppData\Local\Chromium\Application\46.0.2461.0\libglesv2.dll 
2015-08-07 18:06 - 2015-07-21 08:55 - 00075264 _____ () C:\Users\*****\AppData\Local\Chromium\Application\46.0.2461.0\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer trusted/restricted =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE 
restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7868 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-324559553-332125348-1769396688-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [TCP Query User{E5EF54FE-3F77-4287-B8B3-D71BA8D3C663}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{A04932EB-F233-4DC1-8F3C-08F4472A7604}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{9CF34840-E619-4168-B05D-0BA9A412807E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{75B3CD24-5F79-4D1A-9BFF-06D781E0F57E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E88982B4-8A79-4FF1-8520-FE9FEE4B845B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{15F7D649-33A8-4373-8A1E-C7111789D314}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0B9059C7-6C9A-4B1A-A682-F1D07B5090C9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe FirewallRules: [{38E917F7-6171-4013-B1CB-41917FD6A721}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe FirewallRules: [{17F1F4A7-713A-45F2-9B62-3B1708DCF338}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe FirewallRules: [{3A6D181C-8A63-4D79-8B00-BFE385AF4943}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe FirewallRules: [{14A1CA69-843A-499E-816E-B92E5C189A4A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe FirewallRules: [{6805D162-7D37-4478-A609-939950C27971}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe FirewallRules: [{23764714-E9B7-4B6A-B127-22A53DAEB154}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe FirewallRules: [{234DF956-4D59-4941-915A-5E99FE479F95}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe 
FirewallRules: [{2759DBF1-FAD2-46E4-A8E3-3E07DBD6BDDD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{3C75DC34-0398-4337-9FAD-1FF0C76A0A4B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{F07FA928-06D8-4892-A74F-9EFE73FA4B05}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9A0B690F-A3FE-45EC-9FBB-24A4A367C2B2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{09AA2F54-C987-4747-96B1-C556DF374B7A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3C0ECF4D-448B-4DE5-BF79-2DCB55A28A6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6E6A2764-AECA-4B79-85E4-60FD057D3A5F}] => (Allow) C:\Users\*****\AppData\Local\Chromium\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/07/2015 06:39:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ICReinstall_windows7-homepremium-sp1-64.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ec
Startzeit: 01d0d12a39626d4c
Endzeit: 219
Anwendungspfad: C:\Users\*****\AppData\Local\Temp\ICReinstall_windows7-homepremium-sp1-64.exe
Berichts-ID: a7e0c7e7-3d22-11e5-9cf3-78843cb2e886

Error: (08/07/2015 04:10:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 03:58:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 03:17:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 09:42:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 44.0.2403.130, Zeitstempel: 0x55baf129
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18912, Zeitstempel: 0x55944dae
Ausnahmecode: 0xc0020043
Fehleroffset: 0x0005cfd9
ID des fehlerhaften Prozesses: 0x134c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (08/07/2015 02:16:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 02:15:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1728) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\*****\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (08/07/2015 02:13:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 44.0.2403.130, Zeitstempel: 0x55baf129
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18912, Zeitstempel: 0x55944dae
Ausnahmecode: 0xc0020043
Fehleroffset: 0x0005cfd9
ID des fehlerhaften Prozesses: 0x1928
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (08/07/2015 02:12:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 44.0.2403.130, Zeitstempel: 0x55baf129
Name des fehlerhaften Moduls: chrome.exe, Version: 44.0.2403.130, Zeitstempel: 0x55baf129
Ausnahmecode: 0x80000003
Fehleroffset: 0x0001113e
ID des fehlerhaften Prozesses: 0x16a4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (08/07/2015 02:11:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 44.0.2403.130, Zeitstempel: 0x55baf129
Name des fehlerhaften Moduls: chrome.exe, Version: 44.0.2403.130, Zeitstempel: 0x55baf129
Ausnahmecode: 0x4000001f
Fehleroffset: 0x0001113e
ID des fehlerhaften Prozesses: 0x1738
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Systemfehler:
=============
Error: (08/07/2015 04:09:53 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (08/07/2015 04:05:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (08/07/2015 03:57:43 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (08/07/2015 03:49:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (08/07/2015 03:16:09 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (08/07/2015 03:16:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.08.2015 um 14:30:00 unerwartet heruntergefahren.

Error: (08/07/2015 02:29:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (08/07/2015 05:21:18 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.

Error: (08/07/2015 02:15:13 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (08/07/2015 02:14:19 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Microsoft Office:
=========================
Error: (08/07/2015 06:39:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ICReinstall_windows7-homepremium-sp1-64.exe0.0.0.01ec01d0d12a39626d4c219C:\Users\*****\AppData\Local\Temp\ICReinstall_windows7-homepremium-sp1-64.exea7e0c7e7-3d22-11e5-9cf3-78843cb2e886

Error: (08/07/2015 04:10:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 03:58:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 03:17:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 09:42:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.13055baf129RPCRT4.dll6.1.7601.1891255944daec00200430005cfd9134c01d0d0a65ed19bafC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\syswow64\RPCRT4.dlle6ab75fa-3cd7-11e5-9a4f-78843cb2e886

Error: (08/07/2015 02:16:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2015 02:15:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1728WebCacheLocal: C:\Users\*****\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (08/07/2015 02:13:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.13055baf129RPCRT4.dll6.1.7601.1891255944daec00200430005cfd9192801d0d0a5d7bfe6daC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\syswow64\RPCRT4.dll2c1fb06e-3c99-11e5-ba59-78843cb2e886

Error: (08/07/2015 02:12:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.13055baf129chrome.exe44.0.2403.13055baf129800000030001113e16a401d0d0a59d262a8bC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exefb490772-3c98-11e5-ba59-78843cb2e886

Error: (08/07/2015 02:11:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.13055baf129chrome.exe44.0.2403.13055baf1294000001f0001113e173801d0d0a573b44805C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.execdaacf53-3c98-11e5-ba59-78843cb2e886

==================== Speicherinformationen ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 64%
Total physical RAM: 3690.9 MB
Available physical RAM: 1292.76 MB
Total Virtual: 7380 MB
Available Virtual: 4445.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:220.78 GB) (Free:140.96 GB) NTFS
Drive e: (INTENSO) (Removable) (Total:7.46 GB) (Free:4.16 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2904F801)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 24B0576A)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==================== Ende von log ============================ |
08.08.2015, 09:48 | #5 |
/// the machine /// TB-Ausbilder | iexplore.exe virus and constant browser crashes Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.08.2015, 13:00 | #6 |
| iexplore.exe virus and constant browser crashes Hi, thanks already for the help. Is it normal that the rootkit tool hangs on one file forever? No matter how often I try, it always gets stuck at some point... Code:
13:55:53.0332 0x01f4 FontCache - ok 13:55:53.0402 0x01f4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:55:53.0422 0x01f4 FontCache3.0.0.0 - ok 13:55:53.0452 0x01f4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:55:53.0482 0x01f4 FsDepends - ok 13:55:53.0532 0x01f4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:55:53.0562 0x01f4 Fs_Rec - ok 13:55:53.0632 0x01f4 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:55:53.0682 0x01f4 fvevol - ok 13:55:53.0712 0x01f4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:55:53.0742 0x01f4 gagp30kx - ok 13:55:53.0802 0x01f4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:55:53.0832 0x01f4 GEARAspiWDM - ok 13:55:53.0902 0x01f4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 13:55:54.0052 0x01f4 gpsvc - ok 13:55:54.0212 0x01f4 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:55:54.0242 0x01f4 gupdate - ok 13:55:54.0252 0x01f4 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:55:54.0292 0x01f4 gupdatem - ok 13:55:54.0312 0x01f4 [ 
F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:55:54.0372 0x01f4 hcw85cir - ok 13:55:54.0432 0x01f4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:55:54.0522 0x01f4 HdAudAddService - ok 13:55:54.0564 0x01f4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:55:54.0613 0x01f4 HDAudBus - ok 13:55:54.0625 0x01f4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 13:55:54.0661 0x01f4 HidBatt - ok 13:55:54.0666 0x01f4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:55:54.0736 0x01f4 HidBth - ok 13:55:54.0746 0x01f4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 13:55:54.0806 0x01f4 HidIr - ok 13:55:54.0846 0x01f4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 13:55:54.0946 0x01f4 hidserv - ok 13:55:54.0976 0x01f4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:55:55.0026 0x01f4 HidUsb - ok 13:55:55.0056 0x01f4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:55:55.0146 0x01f4 hkmsvc - ok 13:55:55.0166 0x01f4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 
13:55:55.0246 0x01f4 HomeGroupListener - ok 13:55:55.0276 0x01f4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:55:55.0346 0x01f4 HomeGroupProvider - ok 13:55:55.0406 0x01f4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:55:55.0436 0x01f4 HpSAMD - ok 13:55:55.0526 0x01f4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:55:55.0656 0x01f4 HTTP - ok 13:55:55.0676 0x01f4 huawei_enumerator - ok 13:55:55.0736 0x01f4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:55:55.0766 0x01f4 hwpolicy - ok 13:55:55.0796 0x01f4 hwusb_cdcacm - ok 13:55:55.0806 0x01f4 hwusb_wwanecm - ok 13:55:55.0846 0x01f4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:55:55.0886 0x01f4 i8042prt - ok 13:55:55.0936 0x01f4 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:55:56.0006 0x01f4 iaStorV - ok 13:55:56.0196 0x01f4 [ 3A0FF117B4ADC5ABE4D968E26A337158, 95F4EB09158DD9B4927F71F83BE3A10DDD99C131C28D9683A7CCBB8C30769AB8 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 13:55:56.0386 0x01f4 IconMan_R - detected UnsignedFile.Multi.Generic ( 1 ) 13:55:58.0877 0x01f4 Detect skipped due to KSN trusted 13:55:58.0877 0x01f4 IconMan_R - ok 13:55:59.0027 0x01f4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 
13:55:59.0117 0x01f4 idsvc - ok 13:55:59.0167 0x01f4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:55:59.0207 0x01f4 iirsp - ok 13:55:59.0277 0x01f4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 13:55:59.0397 0x01f4 IKEEXT - ok 13:55:59.0407 0x01f4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 13:55:59.0437 0x01f4 intelide - ok 13:55:59.0467 0x01f4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 13:55:59.0507 0x01f4 intelppm - ok 13:55:59.0547 0x01f4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:55:59.0637 0x01f4 IPBusEnum - ok 13:55:59.0657 0x01f4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:55:59.0754 0x01f4 IpFilterDriver - ok 13:55:59.0809 0x01f4 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:55:59.0939 0x01f4 iphlpsvc - ok 13:55:59.0949 0x01f4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:55:59.0989 0x01f4 IPMIDRV - ok 13:56:00.0019 0x01f4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:56:00.0099 0x01f4 IPNAT - ok 13:56:00.0189 0x01f4 [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 
] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:56:00.0279 0x01f4 iPod Service - ok 13:56:00.0309 0x01f4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:56:00.0369 0x01f4 IRENUM - ok 13:56:00.0389 0x01f4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:56:00.0420 0x01f4 isapnp - ok 13:56:00.0441 0x01f4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:56:00.0501 0x01f4 iScsiPrt - ok 13:56:00.0541 0x01f4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:56:00.0571 0x01f4 kbdclass - ok 13:56:00.0591 0x01f4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:56:00.0651 0x01f4 kbdhid - ok 13:56:00.0674 0x01f4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe 13:56:00.0713 0x01f4 KeyIso - ok 13:56:00.0753 0x01f4 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:56:00.0783 0x01f4 KSecDD - ok 13:56:00.0813 0x01f4 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:56:00.0853 0x01f4 KSecPkg - ok 13:56:00.0873 0x01f4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:56:00.0973 0x01f4 ksthunk - ok 13:56:01.0023 0x01f4 [ 6AB66E16AA859232F64DEB66887A8C9C, 
5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 13:56:01.0143 0x01f4 KtmRm - ok 13:56:01.0203 0x01f4 [ 173666119D217E3739205C169E2BF0E5, 19F6E5B4496DB4151A6C68F58C42E73361D24F6D56FF9F375015515BF36B0309 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 13:56:01.0233 0x01f4 L1C - ok 13:56:01.0283 0x01f4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:56:01.0393 0x01f4 LanmanServer - ok 13:56:01.0463 0x01f4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:56:01.0563 0x01f4 LanmanWorkstation - ok 13:56:01.0603 0x01f4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:56:01.0713 0x01f4 lltdio - ok 13:56:01.0763 0x01f4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:56:01.0893 0x01f4 lltdsvc - ok 13:56:01.0913 0x01f4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:56:01.0993 0x01f4 lmhosts - ok 13:56:02.0053 0x01f4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:56:02.0093 0x01f4 LSI_FC - ok 13:56:02.0103 0x01f4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:56:02.0133 0x01f4 LSI_SAS - ok 13:56:02.0153 0x01f4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 13:56:02.0183 0x01f4 LSI_SAS2 - ok 13:56:02.0203 0x01f4 [ 
0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:56:02.0243 0x01f4 LSI_SCSI - ok 13:56:02.0273 0x01f4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 13:56:02.0373 0x01f4 luafv - ok 13:56:02.0433 0x01f4 [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 13:56:02.0463 0x01f4 mbamchameleon - ok 13:56:02.0533 0x01f4 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 13:56:02.0563 0x01f4 MBAMProtector - ok 13:56:02.0733 0x01f4 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 13:56:02.0853 0x01f4 MBAMScheduler - ok 13:56:02.0943 0x01f4 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 13:56:03.0033 0x01f4 MBAMService - ok 13:56:03.0073 0x01f4 [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 13:56:03.0103 0x01f4 MBAMSwissArmy - ok 13:56:03.0143 0x01f4 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 13:56:03.0173 0x01f4 MBAMWebAccessControl - ok 13:56:03.0213 0x01f4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:56:03.0263 0x01f4 Mcx2Svc - ok 13:56:03.0283 0x01f4 [ 
A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 13:56:03.0323 0x01f4 megasas - ok 13:56:03.0373 0x01f4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 13:56:03.0423 0x01f4 MegaSR - ok 13:56:03.0463 0x01f4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 13:56:03.0553 0x01f4 MMCSS - ok 13:56:03.0573 0x01f4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 13:56:03.0663 0x01f4 Modem - ok 13:56:03.0703 0x01f4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:56:03.0753 0x01f4 monitor - ok 13:56:03.0783 0x01f4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:56:03.0813 0x01f4 mouclass - ok 13:56:03.0823 0x01f4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:56:03.0863 0x01f4 mouhid - ok 13:56:03.0903 0x01f4 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:56:03.0933 0x01f4 mountmgr - ok 13:56:03.0973 0x01f4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 13:56:04.0003 0x01f4 mpio - ok 13:56:04.0023 0x01f4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:56:04.0103 0x01f4 mpsdrv 
- ok 13:56:04.0183 0x01f4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:56:04.0333 0x01f4 MpsSvc - ok 13:56:04.0403 0x01f4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:56:04.0483 0x01f4 MRxDAV - ok 13:56:04.0503 0x01f4 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:56:04.0573 0x01f4 mrxsmb - ok 13:56:04.0613 0x01f4 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:56:04.0683 0x01f4 mrxsmb10 - ok 13:56:04.0703 0x01f4 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:56:04.0753 0x01f4 mrxsmb20 - ok 13:56:04.0783 0x01f4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 13:56:04.0813 0x01f4 msahci - ok 13:56:04.0847 0x01f4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:56:04.0885 0x01f4 msdsm - ok 13:56:04.0917 0x01f4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 13:56:04.0977 0x01f4 MSDTC - ok 13:56:05.0007 0x01f4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:56:05.0087 0x01f4 Msfs - ok 13:56:05.0107 0x01f4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 
13:56:05.0197 0x01f4 mshidkmdf - ok 13:56:05.0207 0x01f4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:56:05.0237 0x01f4 msisadrv - ok 13:56:05.0277 0x01f4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:56:05.0367 0x01f4 MSiSCSI - ok 13:56:05.0377 0x01f4 msiserver - ok 13:56:05.0407 0x01f4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:56:05.0497 0x01f4 MSKSSRV - ok 13:56:05.0517 0x01f4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:56:05.0607 0x01f4 MSPCLOCK - ok 13:56:05.0617 0x01f4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:56:05.0707 0x01f4 MSPQM - ok 13:56:05.0757 0x01f4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:56:05.0807 0x01f4 MsRPC - ok 13:56:05.0827 0x01f4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 13:56:05.0867 0x01f4 mssmbios - ok 13:56:05.0887 0x01f4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:56:05.0967 0x01f4 MSTEE - ok 13:56:05.0977 0x01f4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 13:56:06.0007 0x01f4 MTConfig - ok 13:56:06.0027 0x01f4 [ F9A18612FD3526FE473C1BDA678D61C8, 
32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 13:56:06.0067 0x01f4 Mup - ok 13:56:06.0117 0x01f4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 13:56:06.0237 0x01f4 napagent - ok 13:56:06.0307 0x01f4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:56:06.0377 0x01f4 NativeWifiP - ok 13:56:06.0457 0x01f4 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys 13:56:06.0537 0x01f4 NDIS - ok 13:56:06.0647 0x01f4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:56:06.0727 0x01f4 NdisCap - ok 13:56:06.0767 0x01f4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:56:06.0867 0x01f4 NdisTapi - ok 13:56:06.0907 0x01f4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:56:06.0997 0x01f4 Ndisuio - ok 13:56:07.0017 0x01f4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:56:07.0107 0x01f4 NdisWan - ok 13:56:07.0137 0x01f4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:56:07.0237 0x01f4 NDProxy - ok 13:56:07.0297 0x01f4 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 13:56:07.0347 0x01f4 Netaapl - ok 
13:56:07.0377 0x01f4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:56:07.0457 0x01f4 NetBIOS - ok 13:56:07.0487 0x01f4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:56:07.0587 0x01f4 NetBT - ok 13:56:07.0617 0x01f4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe 13:56:07.0657 0x01f4 Netlogon - ok 13:56:07.0727 0x01f4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 13:56:07.0857 0x01f4 Netman - ok 13:56:07.0907 0x01f4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:56:07.0967 0x01f4 NetMsmqActivator - ok 13:56:07.0977 0x01f4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:56:08.0017 0x01f4 NetPipeActivator - ok 13:56:08.0057 0x01f4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 13:56:08.0177 0x01f4 netprofm - ok 13:56:08.0187 0x01f4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:56:08.0227 0x01f4 NetTcpActivator - ok 13:56:08.0237 0x01f4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:56:08.0287 0x01f4 NetTcpPortSharing - ok 13:56:08.0327 
0x01f4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 13:56:08.0357 0x01f4 nfrd960 - ok 13:56:08.0397 0x01f4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 13:56:08.0497 0x01f4 NlaSvc - ok 13:56:08.0517 0x01f4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:56:08.0597 0x01f4 Npfs - ok 13:56:08.0627 0x01f4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 13:56:08.0727 0x01f4 nsi - ok 13:56:08.0757 0x01f4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:56:08.0847 0x01f4 nsiproxy - ok 13:56:08.0987 0x01f4 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:56:09.0117 0x01f4 Ntfs - ok 13:56:09.0137 0x01f4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 13:56:09.0227 0x01f4 Null - ok 13:56:09.0247 0x01f4 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:56:09.0287 0x01f4 nvraid - ok 13:56:09.0307 0x01f4 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:56:09.0347 0x01f4 nvstor - ok 13:56:09.0377 0x01f4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:56:09.0407 0x01f4 nv_agp - ok 13:56:09.0447 
0x01f4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:56:09.0477 0x01f4 ohci1394 - ok 13:56:09.0537 0x01f4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:56:09.0627 0x01f4 p2pimsvc - ok 13:56:09.0667 0x01f4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 13:56:09.0727 0x01f4 p2psvc - ok 13:56:09.0747 0x01f4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 13:56:09.0797 0x01f4 Parport - ok 13:56:09.0837 0x01f4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:56:09.0867 0x01f4 partmgr - ok 13:56:09.0917 0x01f4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:56:09.0987 0x01f4 PcaSvc - ok 13:56:09.0997 0x01f4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 13:56:10.0054 0x01f4 pci - ok 13:56:10.0081 0x01f4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 13:56:10.0109 0x01f4 pciide - ok 13:56:10.0139 0x01f4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 13:56:10.0179 0x01f4 pcmcia - ok 13:56:10.0189 0x01f4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 13:56:10.0219 0x01f4 pcw - ok 
C:\Windows\system32\DRIVERS\WUDFRd.sys 13:56:30.0509 0x01f4 WUDFRd - ok 13:56:30.0539 0x01f4 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:56:30.0633 0x01f4 wudfsvc - ok 13:56:30.0671 0x01f4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 13:56:30.0731 0x01f4 WwanSvc - ok 13:56:30.0791 0x01f4 ================ Scan global =============================== 13:56:30.0831 0x01f4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 13:56:30.0881 0x01f4 [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll 13:56:30.0921 0x01f4 [ A171AC55EE4B4EE35C18EF0977017A72, E0E3E3B1C3708C30C7292CA09E41CA6C49EB850699126C6D2C0383A72C0097A6 ] C:\Windows\system32\winsrv.dll 13:56:30.0971 0x01f4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 13:56:31.0031 0x01f4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 13:56:31.0051 0x01f4 [ Global ] - ok 13:56:31.0061 0x01f4 ================ Scan MBR ================================== 13:56:31.0088 0x01f4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 13:56:32.0353 0x01f4 \Device\Harddisk0\DR0 - ok 13:56:32.0353 0x01f4 ================ Scan VBR ================================== 13:56:32.0363 0x01f4 [ 0E2B19FE6733ED0CC14D7BA9FEA50DA6 ] \Device\Harddisk0\DR0\Partition1 13:56:32.0373 0x01f4 \Device\Harddisk0\DR0\Partition1 - ok 13:56:32.0383 0x01f4 [ E1B3B2A8D788ED5F95AE6ED738D587C1 ] \Device\Harddisk0\DR0\Partition2 13:56:32.0383 0x01f4 \Device\Harddisk0\DR0\Partition2 - ok 13:56:32.0383 0x01f4 ================ Scan 
generic autorun ====================== 13:56:32.0515 0x01f4 [ 7C3218CE118044136BF3FFD00755A70C, 1A0E428314787442D82B6255BEFE63EBC35AAF793CE753BA876A58AA0D4C0AB6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 13:56:32.0571 0x01f4 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 13:56:35.0067 0x01f4 Detect skipped due to KSN trusted 13:56:35.0067 0x01f4 StartCCC - ok 13:56:35.0627 0x01f4 [ D6FE9E0F705794A86F87A01B222290EF, 92EE74775E39B6CC83C5B8D80239D7C475825057E31CC3A8D85D152FD77F7F8A ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 13:56:35.0979 0x01f4 AvastUI.exe - ok 13:56:36.0139 0x01f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 13:56:36.0279 0x01f4 Sidebar - ok 13:56:36.0319 0x01f4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 13:56:36.0389 0x01f4 mctadmin - ok 13:56:36.0469 0x01f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 13:56:36.0581 0x01f4 Sidebar - ok 13:56:36.0591 0x01f4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 13:56:36.0651 0x01f4 mctadmin - ok 13:56:36.0764 0x01f4 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 13:56:36.0835 0x01f4 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 ) 13:56:46.0995 0x01f4 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - warning 13:56:46.0995 0x01f4 Force sending object to P2P due to detect: C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 13:56:52.0926 0x01f4 Object send P2P result: true 
13:56:55.0398 0x01f4 Web Companion - ok 13:56:55.0618 0x01f4 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated ) 13:56:55.0628 0x01f4 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41010 ( enabled ) 13:56:58.0102 0x01f4 ============================================================ 13:56:58.0102 0x01f4 Scan finished 13:56:58.0102 0x01f4 ============================================================ 13:56:58.0122 0x0a48 Detected object count: 1 13:56:58.0122 0x0a48 Actual detected object count: 1 13:57:17.0823 0x0a48 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - skipped by user 13:57:17.0823 0x0a48 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - User select action: Skip 13:57:40.0202 0x0980 Deinitialize success
Edited by mope1234 (08.08.2015 at 12:16) |
08.08.2015, 13:40 | #7 |
| iexplore.exe virus and constant browser crashes
Code:
--------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.17414 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.645000 GHz Memory total: 3870191616, free: 1585704960 Downloaded database version: v2015.08.07.06 Downloaded database version: v2015.08.06.01 Downloaded database version: v2015.07.28.01 ======================================= Initializing... ------------ Kernel report ------------ 08/08/2015 11:57:18 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\mmdprbgk.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\msahci.sys \SystemRoot\system32\drivers\PCIIDEX.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys 
\SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\aswNdisFlt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\drivers\aswKbd.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\aswRdr2.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \??\C:\Windows\WiseUnlock64.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\amdppm.sys 
\SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\L1C62x64.sys \SystemRoot\system32\DRIVERS\RtsPStor.sys \SystemRoot\system32\DRIVERS\athrx.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\SFEP.sys \SystemRoot\system32\DRIVERS\wmiacpi.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\amdiox64.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_msahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\USBD.SYS \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 
\SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\aswMonFlt.sys \??\C:\Windows\system32\drivers\mbam.sys \??\C:\Windows\WiseFs64.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\drivers\aswStm.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\drivers\aswHwid.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \??\C:\Windows\system32\drivers\mwac.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\System32\ATMFD.DLL \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\urlmon.dll \Windows\System32\msvcrt.dll \Windows\System32\iertutil.dll \Windows\System32\ws2_32.dll \Windows\System32\setupapi.dll \Windows\System32\comdlg32.dll \Windows\System32\shlwapi.dll \Windows\System32\user32.dll \Windows\System32\psapi.dll \Windows\System32\imagehlp.dll \Windows\System32\gdi32.dll \Windows\System32\nsi.dll \Windows\System32\difxapi.dll \Windows\System32\wininet.dll \Windows\System32\Wldap32.dll \Windows\System32\usp10.dll \Windows\System32\clbcatq.dll \Windows\System32\advapi32.dll 
\Windows\System32\msctf.dll \Windows\System32\sechost.dll \Windows\System32\oleaut32.dll \Windows\System32\normaliz.dll \Windows\System32\shell32.dll \Windows\System32\rpcrt4.dll \Windows\System32\lpk.dll \Windows\System32\imm32.dll \Windows\System32\ole32.dll \Windows\System32\kernel32.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\devobj.dll \Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\userenv.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\profapi.dll \Windows\System32\msasn1.dll ----------- End ----------- Done! Scan started Database versions: main: v2015.08.07.06 rootkit: v2015.08.06.01 <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 2904F801 Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 25173792 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 25173855 Numsec = 208845 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. 
Partition starts at LBA: 25382700 Numsec = 463012420 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250059350016 bytes Sector size: 512 bytes Done! File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\GrimeFighter2.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\SpamEngine.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\StreamFilter.log" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VE1" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VF" is compressed (flags = 1) Scan Interrupted Scan Interrupted Scan Interrupted --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.17414 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.645000 GHz Memory total: 3870191616, free: 1334071296 Downloaded database version: v2015.08.08.01 ======================================= Initializing... 
------------ Kernel report ------------ 08/08/2015 12:31:30 Done! Scan started Database versions: main: v2015.08.08.01 rootkit: v2015.08.06.01 <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 2904F801 Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 25173792 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 25173855 Numsec = 208845 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 25382700 Numsec = 463012420 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250059350016 bytes Sector size: 512 bytes Done! 
File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\GrimeFighter2.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\SpamEngine.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\StreamFilter.log" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VE1" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VF" is compressed (flags = 1) Scan Interrupted Scan Interrupted Scan Interrupted Scan Interrupted --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.17414 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.645000 GHz Memory total: 3870191616, free: 1507074048 Downloaded database version: v2015.08.08.01 Downloaded database version: v2015.08.06.01 Downloaded database version: v2015.07.28.01 ======================================= Initializing... 
------------ Kernel report ------------ 08/08/2015 13:00:12 Done! Scan started Database versions: main: v2015.08.08.01 rootkit: v2015.08.06.01 <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8003d90700, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8003d90150, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8003d90700, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8003c16680, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 2904F801 Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 25173792 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 25173855 Numsec = 208845 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. 
Partition starts at LBA: 25382700 Numsec = 463012420 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250059350016 bytes Sector size: 512 bytes Done! File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\GrimeFighter2.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\SpamEngine.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\StreamFilter.log" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VE1" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VF" is compressed (flags = 1) Scan Interrupted Scan Interrupted --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.17414 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.645000 GHz Memory total: 3870191616, free: 1439924224 ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.17414 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.645000 GHz Memory total: 3870191616, free: 2112278528 ======================================= Initializing... 
------------ Kernel report ------------ 08/08/2015 13:23:23 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\mmdprbgk.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\msahci.sys \SystemRoot\system32\drivers\PCIIDEX.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\aswNdisFlt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS 
\SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\drivers\aswKbd.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\aswRdr2.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \??\C:\Windows\WiseUnlock64.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\amdppm.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\L1C62x64.sys \SystemRoot\system32\DRIVERS\RtsPStor.sys \SystemRoot\system32\DRIVERS\athrx.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys 
\SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\SFEP.sys \SystemRoot\system32\DRIVERS\wmiacpi.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\amdiox64.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_msahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\USBD.SYS \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\aswMonFlt.sys \??\C:\Windows\system32\drivers\mbam.sys \??\C:\Windows\WiseFs64.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\drivers\aswStm.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys 
\SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\drivers\aswHwid.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \??\C:\Windows\system32\drivers\mwac.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\System32\ATMFD.DLL \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\urlmon.dll \Windows\System32\msvcrt.dll \Windows\System32\iertutil.dll \Windows\System32\ws2_32.dll \Windows\System32\setupapi.dll \Windows\System32\comdlg32.dll \Windows\System32\shlwapi.dll \Windows\System32\user32.dll \Windows\System32\psapi.dll \Windows\System32\imagehlp.dll \Windows\System32\gdi32.dll \Windows\System32\nsi.dll \Windows\System32\difxapi.dll \Windows\System32\wininet.dll \Windows\System32\Wldap32.dll \Windows\System32\usp10.dll \Windows\System32\clbcatq.dll \Windows\System32\advapi32.dll \Windows\System32\msctf.dll \Windows\System32\sechost.dll \Windows\System32\oleaut32.dll \Windows\System32\normaliz.dll \Windows\System32\shell32.dll \Windows\System32\rpcrt4.dll \Windows\System32\lpk.dll \Windows\System32\imm32.dll \Windows\System32\ole32.dll \Windows\System32\kernel32.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\devobj.dll \Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\userenv.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\profapi.dll \Windows\System32\msasn1.dll ----------- End ----------- Done! Scan started Database versions: main: v2015.08.08.01 rootkit: v2015.08.06.01 <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 2904F801 Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 25173792 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 25173855 Numsec = 208845 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 25382700 Numsec = 463012420 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250059350016 bytes Sector size: 512 bytes Done! 
File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\GrimeFighter2.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\SpamEngine.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\StreamFilter.log" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VE1" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VF" is compressed (flags = 1) Scan Interrupted Scan Interrupted --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.17414 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 1.645000 GHz Memory total: 3870191616, free: 1745649664 ======================================= Initializing... 
------------ Kernel report ------------ 08/08/2015 13:39:58 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\mmdprbgk.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\msahci.sys \SystemRoot\system32\drivers\PCIIDEX.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\aswNdisFlt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS 
\SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\drivers\aswKbd.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\aswRdr2.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \??\C:\Windows\WiseUnlock64.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\amdppm.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\L1C62x64.sys \SystemRoot\system32\DRIVERS\RtsPStor.sys \SystemRoot\system32\DRIVERS\athrx.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys 
\SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\SFEP.sys \SystemRoot\system32\DRIVERS\wmiacpi.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\amdiox64.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_msahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\USBD.SYS \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\aswMonFlt.sys \??\C:\Windows\system32\drivers\mbam.sys \??\C:\Windows\WiseFs64.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\drivers\aswStm.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys 
\SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\drivers\aswHwid.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \??\C:\Windows\system32\drivers\mwac.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\System32\ATMFD.DLL \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\urlmon.dll \Windows\System32\msvcrt.dll \Windows\System32\iertutil.dll \Windows\System32\ws2_32.dll \Windows\System32\setupapi.dll \Windows\System32\comdlg32.dll \Windows\System32\shlwapi.dll \Windows\System32\user32.dll \Windows\System32\psapi.dll \Windows\System32\imagehlp.dll \Windows\System32\gdi32.dll \Windows\System32\nsi.dll \Windows\System32\difxapi.dll \Windows\System32\wininet.dll \Windows\System32\Wldap32.dll \Windows\System32\usp10.dll \Windows\System32\clbcatq.dll \Windows\System32\advapi32.dll \Windows\System32\msctf.dll \Windows\System32\sechost.dll \Windows\System32\oleaut32.dll \Windows\System32\normaliz.dll \Windows\System32\shell32.dll \Windows\System32\rpcrt4.dll \Windows\System32\lpk.dll \Windows\System32\imm32.dll \Windows\System32\ole32.dll \Windows\System32\kernel32.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\devobj.dll \Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\userenv.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\profapi.dll \Windows\System32\msasn1.dll ----------- End ----------- Done! Scan started Database versions: main: v2015.08.08.01 rootkit: v2015.08.06.01 <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 2904F801 Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 25173792 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 25173855 Numsec = 208845 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 25382700 Numsec = 463012420 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250059350016 bytes Sector size: 512 bytes Done! 
File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\GrimeFighter2.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\SpamEngine.log" is compressed (flags = 1) File "C:\ProgramData\AVAST Software\Avast\log\StreamFilter.log" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VE1" is compressed (flags = 1) File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-D030063FB749176548B3835CD2908AB19A9A6E6D.bin.VF" is compressed (flags = 1) Scan Interrupted Scan Interrupted |
09.08.2015, 07:15 | #8 |
/// the machine /// TB-Ausbilder | iexplore.exe virus and constant browser crashes Can happen, yes. Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |