
Log analysis and evaluation: BOO/TDss.O virus found


02.12.2013, 08:53   #1
pace123
 



Hi,

Avira alerted me to the following:

Code:
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder 
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern
         
Then I came across your great forum and found part of what I was looking for. I downloaded TDSSKiller and got the following log file from it:

Code:
09:01:57.0062 0x1578  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
09:02:00.0193 0x1578  ============================================================
09:02:00.0193 0x1578  Current date / time: 2013/12/02 09:02:00.0193
09:02:00.0193 0x1578  SystemInfo:
09:02:00.0193 0x1578  
09:02:00.0193 0x1578  OS Version: 6.1.7601 ServicePack: 1.0
09:02:00.0193 0x1578  Product type: Workstation
09:02:00.0194 0x1578  ComputerName: MEINER
09:02:00.0194 0x1578  UserName: Richi
09:02:00.0194 0x1578  Windows directory: C:\Windows
09:02:00.0194 0x1578  System windows directory: C:\Windows
09:02:00.0194 0x1578  Running under WOW64
09:02:00.0194 0x1578  Processor architecture: Intel x64
09:02:00.0194 0x1578  Number of processors: 4
09:02:00.0194 0x1578  Page size: 0x1000
09:02:00.0194 0x1578  Boot type: Normal boot
09:02:00.0194 0x1578  ============================================================
09:02:00.0881 0x1578  KLMD registered as C:\Windows\system32\drivers\66739218.sys
09:02:01.0126 0x1578  System UUID: {9B46AF8B-8495-C385-0BD8-CEB1480BA967}
09:02:01.0915 0x1578  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:02:01.0923 0x1578  ============================================================
09:02:01.0923 0x1578  \Device\Harddisk0\DR0:
09:02:01.0924 0x1578  MBR partitions:
09:02:01.0924 0x1578  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
09:02:01.0924 0x1578  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2B879904
09:02:01.0924 0x1578  ============================================================
09:02:01.0948 0x1578  C: <-> \Device\Harddisk0\DR0\Partition2
09:02:01.0949 0x1578  ============================================================
09:02:01.0949 0x1578  Initialize success
09:02:01.0949 0x1578  ============================================================
09:02:37.0707 0x1398  ============================================================
09:02:37.0707 0x1398  Scan started
09:02:37.0707 0x1398  Mode: Manual; SigCheck; TDLFS; 
09:02:37.0707 0x1398  ============================================================
09:02:37.0707 0x1398  KSN ping started
09:03:12.0438 0x1398  KSN ping finished: false
09:03:13.0654 0x1398  ================ Scan system memory ========================
09:03:13.0654 0x1398  System memory - ok
09:03:13.0654 0x1398  ================ Scan services =============================
09:03:13.0857 0x1398  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:03:13.0998 0x1398  1394ohci - ok
09:03:14.0107 0x1398  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:03:14.0138 0x1398  ACPI - ok
09:03:14.0200 0x1398  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:03:14.0310 0x1398  AcpiPmi - ok
09:03:14.0450 0x1398  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:03:14.0481 0x1398  AdobeARMservice - ok
09:03:14.0653 0x1398  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:03:14.0684 0x1398  AdobeFlashPlayerUpdateSvc - ok
09:03:14.0778 0x1398  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
09:03:14.0840 0x1398  adp94xx - ok
09:03:14.0871 0x1398  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
09:03:14.0902 0x1398  adpahci - ok
09:03:14.0918 0x1398  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
09:03:14.0949 0x1398  adpu320 - ok
09:03:14.0980 0x1398  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:03:15.0043 0x1398  AeLookupSvc - ok
09:03:15.0152 0x1398  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
09:03:15.0261 0x1398  AFD - ok
09:03:15.0324 0x1398  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:03:15.0355 0x1398  agp440 - ok
09:03:15.0402 0x1398  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:03:15.0464 0x1398  ALG - ok
09:03:15.0511 0x1398  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:03:15.0542 0x1398  aliide - ok
09:03:15.0620 0x1398  [ 3D90CF67DB75823A8480E56BBCD2E028, 775D58B99ACA606D434713BC00132D43061C37CFEEAECD194FCFDF45792944A3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:03:15.0714 0x1398  AMD External Events Utility - ok
09:03:15.0745 0x1398  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:03:15.0776 0x1398  amdide - ok
09:03:15.0807 0x1398  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
09:03:15.0885 0x1398  AmdK8 - ok
09:03:16.0135 0x1398  [ 52679612D742BF74CA1BA6AB86DDF431, 9D7A8FA8952519AD83CD36038F85B958BC97D1A25596EDC01CA1F6DD45DB542A ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
09:03:16.0540 0x1398  amdkmdag - ok
09:03:16.0587 0x1398  [ 414E0788920A8C856032BE2CBF29F984, 2DD027ADA24C871167C80A2F5C5ED5CB3AEA1E3A4E8C5FD352FA82C33B24479B ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
09:03:16.0618 0x1398  amdkmdap - ok
09:03:16.0650 0x1398  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:03:16.0681 0x1398  AmdPPM - ok
09:03:16.0759 0x1398  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:03:16.0774 0x1398  amdsata - ok
09:03:16.0806 0x1398  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
09:03:16.0837 0x1398  amdsbs - ok
09:03:16.0852 0x1398  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:03:16.0868 0x1398  amdxata - ok
09:03:16.0915 0x1398  [ 3CF7A4350C9646D92F147D620EC0D363, 0C09A5B3656BCC98151BF3F1F6B827DD5189D89AFFE0730187E5FDB2D84EC4B4 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
09:03:17.0008 0x1398  androidusb - ok
09:03:17.0242 0x1398  [ 02E2B39AFE9EA2AEC4B15B20A0A4C3A6, 5F345F7CDF7F464DACB72D10B287774799DF990A134608F6920B9B810FC8347D ] ANSYS, Inc. License Manager C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
09:03:17.0414 0x1398  ANSYS, Inc. License Manager - detected UnsignedFile.Multi.Generic ( 1 )
09:03:23.0997 0x1398  Detect skipped due to KSN trusted
09:03:23.0997 0x1398  ANSYS, Inc. License Manager - ok
09:03:24.0247 0x1398  [ 0D1E15010057B8426583A99CB179A6C4, 645C7D27E27AAC4124F7F907374B6A50D07D349B95AA869D7091372BD3AF653B ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:03:24.0278 0x1398  AntiVirSchedulerService - ok
09:03:24.0403 0x1398  [ FDE9C7030FB1E9E2715E113EE6A10F90, 541F278D743C34C6D9940FC1250B90674EB88EC429D481012F27817DAB1B557A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:03:24.0434 0x1398  AntiVirService - ok
09:03:24.0543 0x1398  [ 8397F57D246078C72365A7BE76B2195B, FCA8FF98D48DF28D1F2978658D1D0B21393A82D6AA86AF39A146CBDF5F9DF28F ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
09:03:24.0684 0x1398  AntiVirWebService - ok
09:03:24.0746 0x1398  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
09:03:24.0980 0x1398  AppID - ok
09:03:25.0011 0x1398  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:03:25.0074 0x1398  AppIDSvc - ok
09:03:25.0167 0x1398  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
09:03:25.0230 0x1398  Appinfo - ok
09:03:25.0276 0x1398  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
09:03:25.0308 0x1398  arc - ok
09:03:25.0323 0x1398  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
09:03:25.0339 0x1398  arcsas - ok
09:03:25.0479 0x1398  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:03:25.0542 0x1398  aspnet_state - ok
09:03:25.0604 0x1398  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:03:25.0666 0x1398  AsyncMac - ok
09:03:25.0729 0x1398  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:03:25.0744 0x1398  atapi - ok
09:03:25.0807 0x1398  [ 77C149E6D702737B2E372DEE166FAEF8, D18FEAE9D915D5F25B787B755F9C6321A9C9506D4F563DD637E3586401E36053 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
09:03:25.0869 0x1398  AtiHdmiService - ok
09:03:25.0947 0x1398  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:03:26.0119 0x1398  AudioEndpointBuilder - ok
09:03:26.0166 0x1398  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:03:26.0228 0x1398  AudioSrv - ok
09:03:26.0337 0x1398  [ 0909E9AD4019AFF25C58E0DFFDCD744E, D1C1A6C7C1EABAC32B24C45E3E6BE3BC7C74A46996CFA6697E7A98E1A6D05531 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
09:03:26.0368 0x1398  avgntflt - ok
09:03:26.0431 0x1398  [ DBAB18B20FDA2542EEF8C588D878B7B5, 0CE6738E8C6C1BA502FF230EAE49C96E5AA1B23F34AC57AB9B28081898F2E533 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
09:03:26.0462 0x1398  avipbb - ok
09:03:26.0524 0x1398  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
09:03:26.0540 0x1398  avkmgr - ok
09:03:26.0587 0x1398  [ 09E9CA6E7C6BD01D6AE7BECDEC224D06, 34FBB2C3565C21CE6245EB1CDADE7CE24A6B93F8EBAAAEA53B560E634AAA639D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
09:03:26.0618 0x1398  avnetflt - ok
09:03:26.0665 0x1398  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:03:26.0790 0x1398  AxInstSV - ok
09:03:26.0852 0x1398  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
09:03:26.0961 0x1398  b06bdrv - ok
09:03:27.0008 0x1398  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:03:27.0086 0x1398  b57nd60a - ok
09:03:27.0226 0x1398  [ B44879610F2DC4A046B14BEFA3AE72DE, B9C17872E0DA23A495B6EC4D4C249AA96F82409DD83B6A17F557D9171D1D7089 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
09:03:27.0429 0x1398  BCM43XX - ok
09:03:27.0460 0x1398  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:03:27.0523 0x1398  BDESVC - ok
09:03:27.0570 0x1398  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:03:27.0663 0x1398  Beep - ok
09:03:27.0741 0x1398  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:03:27.0835 0x1398  BFE - ok
09:03:27.0882 0x1398  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:03:28.0006 0x1398  BITS - ok
09:03:28.0053 0x1398  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:03:28.0100 0x1398  blbdrive - ok
09:03:28.0147 0x1398  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:03:28.0209 0x1398  bowser - ok
09:03:28.0240 0x1398  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:03:28.0318 0x1398  BrFiltLo - ok
09:03:28.0334 0x1398  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:03:28.0350 0x1398  BrFiltUp - ok
09:03:28.0412 0x1398  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:03:28.0459 0x1398  Browser - ok
09:03:28.0490 0x1398  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:03:28.0568 0x1398  Brserid - ok
09:03:28.0584 0x1398  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:03:28.0630 0x1398  BrSerWdm - ok
09:03:28.0677 0x1398  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:03:28.0740 0x1398  BrUsbMdm - ok
09:03:28.0755 0x1398  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:03:28.0786 0x1398  BrUsbSer - ok
09:03:28.0880 0x1398  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
09:03:28.0989 0x1398  BthEnum - ok
09:03:29.0036 0x1398  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:03:29.0083 0x1398  BTHMODEM - ok
09:03:29.0114 0x1398  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:03:29.0161 0x1398  BthPan - ok
09:03:29.0254 0x1398  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
09:03:29.0332 0x1398  BTHPORT - ok
09:03:29.0379 0x1398  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:03:29.0442 0x1398  bthserv - ok
09:03:29.0520 0x1398  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
09:03:29.0566 0x1398  BTHUSB - ok
09:03:29.0598 0x1398  [ D3466F77C2C49C6E393BA5FBA963A33E, FD5E48A29E153BBAB095AB2E3B86F592B1FC1F790978911093B5F8A2CD6C5652 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
09:03:29.0613 0x1398  btusbflt - ok
09:03:29.0660 0x1398  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:03:29.0738 0x1398  cdfs - ok
09:03:29.0800 0x1398  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:03:29.0847 0x1398  cdrom - ok
09:03:29.0925 0x1398  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:03:30.0003 0x1398  CertPropSvc - ok
09:03:30.0050 0x1398  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:03:30.0112 0x1398  circlass - ok
09:03:30.0175 0x1398  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
09:03:30.0237 0x1398  CLFS - ok
09:03:30.0315 0x1398  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:03:30.0346 0x1398  clr_optimization_v2.0.50727_32 - ok
09:03:30.0362 0x1398  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:03:30.0378 0x1398  clr_optimization_v2.0.50727_64 - ok
09:03:30.0518 0x1398  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:03:30.0596 0x1398  clr_optimization_v4.0.30319_32 - ok
09:03:30.0627 0x1398  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:03:30.0705 0x1398  clr_optimization_v4.0.30319_64 - ok
09:03:30.0721 0x1398  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:03:30.0768 0x1398  CmBatt - ok
09:03:30.0814 0x1398  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:03:30.0846 0x1398  cmdide - ok
09:03:30.0908 0x1398  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
09:03:30.0986 0x1398  CNG - ok
09:03:31.0017 0x1398  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:03:31.0033 0x1398  Compbatt - ok
09:03:31.0095 0x1398  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:03:31.0158 0x1398  CompositeBus - ok
09:03:31.0204 0x1398  COMSysApp - ok
09:03:31.0236 0x1398  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:03:31.0267 0x1398  crcdisk - ok
09:03:31.0314 0x1398  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:03:31.0392 0x1398  CryptSvc - ok
09:03:31.0454 0x1398  [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
09:03:31.0470 0x1398  CVirtA - ok
09:03:31.0610 0x1398  [ 66257CB4E4FB69887CDDC71663741435, A072C2868EC3CB773F1C512C9E07D152920794969E302199E8265CFFFD3EFC2D ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
09:03:31.0719 0x1398  CVPND - ok
09:03:31.0750 0x1398  [ CC8E52DAA9826064BA464DBE531F2BB5, 28150B5DDB4DB42839EBB4F3672EB575373046B1676938111904290DFF6DEC8E ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
09:03:31.0766 0x1398  CVPNDRVA - ok
09:03:31.0844 0x1398  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:03:31.0922 0x1398  DcomLaunch - ok
09:03:31.0969 0x1398  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:03:32.0094 0x1398  defragsvc - ok
09:03:32.0140 0x1398  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:03:32.0203 0x1398  DfsC - ok
09:03:32.0281 0x1398  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:03:32.0374 0x1398  Dhcp - ok
09:03:32.0406 0x1398  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:03:32.0452 0x1398  discache - ok
09:03:32.0484 0x1398  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:03:32.0499 0x1398  Disk - ok
09:03:32.0577 0x1398  [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
09:03:32.0608 0x1398  DNE - ok
09:03:32.0671 0x1398  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:03:32.0733 0x1398  Dnscache - ok
09:03:32.0780 0x1398  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:03:32.0874 0x1398  dot3svc - ok
09:03:32.0952 0x1398  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
09:03:33.0030 0x1398  Dot4 - ok
09:03:33.0061 0x1398  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:03:33.0108 0x1398  Dot4Print - ok
09:03:33.0139 0x1398  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
09:03:33.0186 0x1398  dot4usb - ok
09:03:33.0248 0x1398  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:03:33.0326 0x1398  DPS - ok
09:03:33.0373 0x1398  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:03:33.0420 0x1398  drmkaud - ok
09:03:33.0498 0x1398  [ 61E894FE1E9CC720C909E6E343351794, 2C8540ED0A2C7028B242289078B4C2D8678D26FB7429AB3B33C136BB47B178C3 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
09:03:33.0544 0x1398  DsiWMIService - ok
09:03:33.0607 0x1398  [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
09:03:33.0669 0x1398  dtsoftbus01 - ok
09:03:33.0747 0x1398  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:03:33.0825 0x1398  DXGKrnl - ok
09:03:33.0856 0x1398  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:03:33.0919 0x1398  EapHost - ok
09:03:34.0075 0x1398  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
09:03:34.0278 0x1398  ebdrv - ok
09:03:34.0340 0x1398  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
09:03:34.0387 0x1398  EFS - ok
09:03:34.0512 0x1398  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:03:34.0636 0x1398  ehRecvr - ok
09:03:34.0668 0x1398  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:03:34.0761 0x1398  ehSched - ok
09:03:34.0824 0x1398  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
09:03:34.0855 0x1398  ElbyCDFL - ok
09:03:34.0902 0x1398  [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
09:03:34.0933 0x1398  ElbyCDIO - ok
09:03:34.0995 0x1398  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:03:35.0042 0x1398  elxstor - ok
09:03:35.0167 0x1398  [ 49EEF52BFB986A2B5D70F4EC12637D7B, C42C93EC36B4BD0AFF4248AD571F56FB5F39D5C57B93C01EBB34997A262E41A9 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
09:03:35.0229 0x1398  ePowerSvc - ok
09:03:35.0292 0x1398  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
09:03:35.0354 0x1398  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
09:03:38.0193 0x1398  Detect skipped due to KSN trusted
09:03:38.0193 0x1398  EpsonBidirectionalService - ok
09:03:38.0287 0x1398  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:03:38.0318 0x1398  ErrDev - ok
09:03:38.0412 0x1398  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:03:38.0505 0x1398  EventSystem - ok
09:03:38.0552 0x1398  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:03:38.0599 0x1398  exfat - ok
09:03:38.0630 0x1398  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:03:38.0692 0x1398  fastfat - ok
09:03:38.0786 0x1398  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:03:38.0880 0x1398  Fax - ok
09:03:38.0911 0x1398  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:03:38.0958 0x1398  fdc - ok
09:03:39.0004 0x1398  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:03:39.0082 0x1398  fdPHost - ok
09:03:39.0114 0x1398  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:03:39.0176 0x1398  FDResPub - ok
09:03:39.0207 0x1398  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:03:39.0223 0x1398  FileInfo - ok
09:03:39.0254 0x1398  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:03:39.0316 0x1398  Filetrace - ok
09:03:39.0394 0x1398  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:03:39.0472 0x1398  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:03:46.0024 0x1398  Detect skipped due to KSN trusted
09:03:46.0024 0x1398  FLEXnet Licensing Service - ok
09:03:46.0102 0x1398  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:03:46.0134 0x1398  flpydisk - ok
09:03:46.0180 0x1398  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:03:46.0243 0x1398  FltMgr - ok
09:03:46.0336 0x1398  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
09:03:46.0430 0x1398  FontCache - ok
09:03:46.0492 0x1398  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:03:46.0524 0x1398  FontCache3.0.0.0 - ok
09:03:46.0555 0x1398  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:03:46.0570 0x1398  FsDepends - ok
09:03:46.0617 0x1398  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:03:46.0648 0x1398  Fs_Rec - ok
09:03:46.0711 0x1398  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:03:46.0758 0x1398  fvevol - ok
09:03:46.0773 0x1398  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:03:46.0789 0x1398  gagp30kx - ok
09:03:46.0882 0x1398  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:03:46.0976 0x1398  gpsvc - ok
09:03:47.0101 0x1398  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
09:03:47.0132 0x1398  Greg_Service - ok
09:03:47.0241 0x1398  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:03:47.0257 0x1398  gupdate - ok
09:03:47.0272 0x1398  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:03:47.0288 0x1398  gupdatem - ok
09:03:47.0366 0x1398  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:03:47.0397 0x1398  gusvc - ok
09:03:47.0428 0x1398  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:03:47.0491 0x1398  hcw85cir - ok
09:03:47.0569 0x1398  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:03:47.0631 0x1398  HdAudAddService - ok
09:03:47.0662 0x1398  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:03:47.0709 0x1398  HDAudBus - ok
09:03:47.0756 0x1398  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
09:03:47.0772 0x1398  HECIx64 - ok
09:03:47.0803 0x1398  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:03:47.0865 0x1398  HidBatt - ok
09:03:47.0881 0x1398  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:03:47.0943 0x1398  HidBth - ok
09:03:47.0974 0x1398  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:03:47.0990 0x1398  HidIr - ok
09:03:48.0021 0x1398  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:03:48.0099 0x1398  hidserv - ok
09:03:48.0162 0x1398  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
09:03:48.0193 0x1398  HidUsb - ok
09:03:48.0240 0x1398  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:03:48.0318 0x1398  hkmsvc - ok
09:03:48.0396 0x1398  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:03:48.0489 0x1398  HomeGroupListener - ok
09:03:48.0536 0x1398  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:03:48.0598 0x1398  HomeGroupProvider - ok
09:03:48.0661 0x1398  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:03:48.0692 0x1398  HpSAMD - ok
09:03:48.0832 0x1398  [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
09:03:49.0363 0x1398  HPSLPSVC - ok
09:03:49.0425 0x1398  [ CF44B25AE808765D7308F412AD492DDB, 97A16ACCD6D624B2A57DDA913C8005320FF91542C0EF7F39456741D99D7B2725 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
09:03:49.0503 0x1398  HTCAND64 - ok
09:03:49.0566 0x1398  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
09:03:49.0597 0x1398  htcnprot - ok
09:03:49.0690 0x1398  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:03:49.0768 0x1398  HTTP - ok
09:03:49.0815 0x1398  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:03:49.0831 0x1398  hwpolicy - ok
09:03:49.0893 0x1398  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:03:49.0924 0x1398  i8042prt - ok
09:03:49.0987 0x1398  [ 42E00996DFC13C46366689C0EA8ABC5E, 1C73B7FADB3209D7C1CAA75531F789B47907129E418F91F23CBE9FC68B3056E4 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
09:03:50.0018 0x1398  iaStor - ok
09:03:50.0065 0x1398  [ 48362E5DB5CB2C000C514EE1F3890ACD, 561FB7BE085A624770832B0138DA1B9859981BCC66540A8F98D9F7D5B8EE6707 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:03:50.0096 0x1398  IAStorDataMgrSvc - ok
09:03:50.0143 0x1398  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:03:50.0190 0x1398  iaStorV - ok
09:03:50.0299 0x1398  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:03:50.0424 0x1398  idsvc - ok
09:03:50.0470 0x1398  IEEtwCollectorService - ok
09:03:50.0502 0x1398  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:03:50.0533 0x1398  iirsp - ok
09:03:50.0642 0x1398  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:03:50.0767 0x1398  IKEEXT - ok
09:03:50.0829 0x1398  [ C48567D80AD357613CD0EEADE18780AE, AFFAB3C915C5B48A39F7F8F9438A3085DBEBA1E431DD35861A5A08EA1CBE4D37 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
09:03:50.0907 0x1398  Impcd - ok
09:03:51.0063 0x1398  [ A3BCBD0F710580A07D1B929D787D36CE, D7608C1C2B2FF4DD0C4CEBC75594ADA35A6911A541ED5FF93AAB8610108E168A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:03:51.0282 0x1398  IntcAzAudAddService - ok
09:03:51.0344 0x1398  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:03:51.0360 0x1398  intelide - ok
09:03:51.0406 0x1398  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:03:51.0453 0x1398  intelppm - ok
09:03:51.0500 0x1398  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:03:51.0562 0x1398  IPBusEnum - ok
09:03:51.0609 0x1398  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:03:51.0687 0x1398  IpFilterDriver - ok
09:03:51.0781 0x1398  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:03:51.0890 0x1398  iphlpsvc - ok
09:03:51.0937 0x1398  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:03:51.0968 0x1398  IPMIDRV - ok
09:03:51.0999 0x1398  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:03:52.0062 0x1398  IPNAT - ok
09:03:52.0093 0x1398  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:03:52.0202 0x1398  IRENUM - ok
09:03:52.0264 0x1398  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:03:52.0280 0x1398  isapnp - ok
09:03:52.0327 0x1398  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:03:52.0374 0x1398  iScsiPrt - ok
09:03:52.0420 0x1398  [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:03:52.0436 0x1398  IviRegMgr - ok
09:03:52.0483 0x1398  [ C9B4ECC187581E5BF3F76648884B7829, D4DDFDD92FEFDFAF293633C2B3860C37D7DC59965170E55AD181EFAFCFD1DB13 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
09:03:52.0514 0x1398  k57nd60a - ok
09:03:52.0561 0x1398  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:03:52.0608 0x1398  kbdclass - ok
09:03:52.0654 0x1398  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:03:52.0701 0x1398  kbdhid - ok
09:03:52.0717 0x1398  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
09:03:52.0732 0x1398  KeyIso - ok
09:03:52.0779 0x1398  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:03:52.0795 0x1398  KSecDD - ok
09:03:52.0826 0x1398  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:03:52.0842 0x1398  KSecPkg - ok
09:03:52.0888 0x1398  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:03:52.0966 0x1398  ksthunk - ok
09:03:52.0998 0x1398  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:03:53.0107 0x1398  KtmRm - ok
09:03:53.0185 0x1398  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:03:53.0278 0x1398  LanmanServer - ok
09:03:53.0325 0x1398  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:03:53.0419 0x1398  LanmanWorkstation - ok
09:03:53.0450 0x1398  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:03:53.0497 0x1398  lltdio - ok
09:03:53.0528 0x1398  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:03:53.0590 0x1398  lltdsvc - ok
09:03:53.0622 0x1398  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:03:53.0653 0x1398  lmhosts - ok
09:03:53.0762 0x1398  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:03:53.0809 0x1398  LMS - ok
09:03:53.0856 0x1398  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:03:53.0871 0x1398  LSI_FC - ok
09:03:53.0887 0x1398  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:03:53.0918 0x1398  LSI_SAS - ok
09:03:53.0934 0x1398  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:03:53.0949 0x1398  LSI_SAS2 - ok
09:03:53.0965 0x1398  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:03:53.0996 0x1398  LSI_SCSI - ok
09:03:54.0012 0x1398  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:03:54.0090 0x1398  luafv - ok
09:03:54.0152 0x1398  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:03:54.0230 0x1398  Mcx2Svc - ok
09:03:54.0246 0x1398  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:03:54.0261 0x1398  megasas - ok
09:03:54.0292 0x1398  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:03:54.0324 0x1398  MegaSR - ok
09:03:54.0433 0x1398  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
09:03:54.0464 0x1398  Microsoft Office Groove Audit Service - ok
09:03:54.0480 0x1398  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:03:54.0558 0x1398  MMCSS - ok
09:03:54.0589 0x1398  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:03:54.0651 0x1398  Modem - ok
09:03:54.0682 0x1398  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:03:54.0729 0x1398  monitor - ok
09:03:54.0807 0x1398  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:03:54.0838 0x1398  mouclass - ok
09:03:54.0870 0x1398  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:03:54.0901 0x1398  mouhid - ok
09:03:54.0979 0x1398  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:03:54.0994 0x1398  mountmgr - ok
09:03:55.0088 0x1398  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:03:55.0135 0x1398  MozillaMaintenance - ok
09:03:55.0182 0x1398  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:03:55.0197 0x1398  mpio - ok
09:03:55.0244 0x1398  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:03:55.0306 0x1398  mpsdrv - ok
09:03:55.0400 0x1398  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:03:55.0525 0x1398  MpsSvc - ok
09:03:55.0572 0x1398  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:03:55.0618 0x1398  MRxDAV - ok
09:03:55.0650 0x1398  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:03:55.0712 0x1398  mrxsmb - ok
09:03:55.0743 0x1398  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:03:55.0790 0x1398  mrxsmb10 - ok
09:03:55.0806 0x1398  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:03:55.0852 0x1398  mrxsmb20 - ok
09:03:55.0884 0x1398  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:03:55.0899 0x1398  msahci - ok
09:03:55.0915 0x1398  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:03:55.0930 0x1398  msdsm - ok
09:03:55.0946 0x1398  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:03:55.0993 0x1398  MSDTC - ok
09:03:56.0040 0x1398  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:03:56.0086 0x1398  Msfs - ok
09:03:56.0118 0x1398  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:03:56.0180 0x1398  mshidkmdf - ok
09:03:56.0211 0x1398  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:03:56.0227 0x1398  msisadrv - ok
09:03:56.0274 0x1398  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:03:56.0352 0x1398  MSiSCSI - ok
09:03:56.0352 0x1398  msiserver - ok
09:03:56.0383 0x1398  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:03:56.0414 0x1398  MSKSSRV - ok
09:03:56.0430 0x1398  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:03:56.0492 0x1398  MSPCLOCK - ok
09:03:56.0508 0x1398  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:03:56.0601 0x1398  MSPQM - ok
09:03:56.0648 0x1398  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:03:56.0695 0x1398  MsRPC - ok
09:03:56.0742 0x1398  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:03:56.0773 0x1398  mssmbios - ok
09:03:56.0804 0x1398  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:03:56.0866 0x1398  MSTEE - ok
09:03:56.0882 0x1398  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:03:56.0913 0x1398  MTConfig - ok
09:03:56.0944 0x1398  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:03:56.0960 0x1398  Mup - ok
09:03:57.0022 0x1398  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:03:57.0116 0x1398  napagent - ok
09:03:57.0178 0x1398  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:03:57.0256 0x1398  NativeWifiP - ok
09:03:57.0319 0x1398  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:03:57.0350 0x1398  NDIS - ok
09:03:57.0366 0x1398  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:03:57.0412 0x1398  NdisCap - ok
09:03:57.0444 0x1398  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:03:57.0522 0x1398  NdisTapi - ok
09:03:57.0584 0x1398  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:03:57.0631 0x1398  Ndisuio - ok
09:03:57.0678 0x1398  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:03:57.0771 0x1398  NdisWan - ok
09:03:57.0818 0x1398  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:03:57.0896 0x1398  NDProxy - ok
09:03:57.0958 0x1398  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:03:57.0990 0x1398  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:04:08.0086 0x1398  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:04:08.0086 0x1398  Force sending object to P2P due to detect: C:\Windows\system32\HPZinw12.dll
09:04:28.0086 0x1398  Object send P2P result: false
09:04:30.0866 0x1398  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:04:30.0946 0x1398  NetBIOS - ok
09:04:31.0006 0x1398  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:04:31.0076 0x1398  NetBT - ok
09:04:31.0106 0x1398  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
09:04:31.0116 0x1398  Netlogon - ok
09:04:31.0156 0x1398  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:04:31.0246 0x1398  Netman - ok
09:04:31.0316 0x1398  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:04:31.0356 0x1398  NetMsmqActivator - ok
09:04:31.0366 0x1398  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:04:31.0386 0x1398  NetPipeActivator - ok
09:04:31.0406 0x1398  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:04:31.0476 0x1398  netprofm - ok
09:04:31.0486 0x1398  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:04:31.0496 0x1398  NetTcpActivator - ok
09:04:31.0506 0x1398  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:04:31.0516 0x1398  NetTcpPortSharing - ok
09:04:31.0786 0x1398  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
09:04:32.0206 0x1398  NETw5s64 - ok
09:04:32.0256 0x1398  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:04:32.0276 0x1398  nfrd960 - ok
09:04:32.0326 0x1398  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:04:32.0386 0x1398  NlaSvc - ok
09:04:32.0416 0x1398  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:04:32.0466 0x1398  Npfs - ok
09:04:32.0486 0x1398  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:04:32.0566 0x1398  nsi - ok
09:04:32.0586 0x1398  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:04:32.0646 0x1398  nsiproxy - ok
09:04:32.0736 0x1398  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:04:32.0846 0x1398  Ntfs - ok
09:04:32.0946 0x1398  [ 5B3CE960C62DBE864BE9A0BD043A3E30, 8474C68B0A8F94945C3278C682143F289245FC31C28DBB4609E993F90F7AD309 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
09:04:32.0966 0x1398  NTI IScheduleSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:04:35.0706 0x1398  Detect skipped due to KSN trusted
09:04:35.0706 0x1398  NTI IScheduleSvc - ok
09:04:35.0806 0x1398  [ 15221DD637D9D0FFC60848EBBF1DF538, 72E20DAAC3BF7CA9303DB515A7C93C629D7EEDA04C9A7CE91AFBCBB574F257D4 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
09:04:35.0836 0x1398  NTIBackupSvc - ok
09:04:35.0856 0x1398  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
09:04:35.0876 0x1398  NTIDrvr - ok
09:04:35.0896 0x1398  [ B5071E15D4C3F5EF5018AFF7E85A85E5, FF3ACAEDD127CC4BB0A6FD2D34B5E4D98478A86122BE31DB84702A12567288E0 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
09:04:35.0946 0x1398  NTISchedulerSvc - ok
09:04:35.0986 0x1398  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:04:36.0066 0x1398  Null - ok
09:04:36.0096 0x1398  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:04:36.0116 0x1398  nvraid - ok
09:04:36.0166 0x1398  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:04:36.0206 0x1398  nvstor - ok
09:04:36.0276 0x1398  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:04:36.0296 0x1398  nv_agp - ok
09:04:36.0406 0x1398  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:04:36.0466 0x1398  odserv - ok
09:04:36.0496 0x1398  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:04:36.0536 0x1398  ohci1394 - ok
09:04:36.0616 0x1398  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:04:36.0656 0x1398  ose - ok
09:04:36.0696 0x1398  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:04:36.0796 0x1398  p2pimsvc - ok
09:04:36.0836 0x1398  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:04:36.0886 0x1398  p2psvc - ok
09:04:36.0916 0x1398  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:04:36.0936 0x1398  Parport - ok
09:04:36.0976 0x1398  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:04:37.0006 0x1398  partmgr - ok
09:04:37.0056 0x1398  [ A1E779A0CF7A21B42E8FD3E8856D8481, 40DE8155861E6126D6E39FF05E5E92E32C929874500671AB61592A659F09B88C ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
09:04:37.0096 0x1398  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
09:04:39.0886 0x1398  Detect skipped due to KSN trusted
09:04:39.0886 0x1398  PassThru Service - ok
09:04:39.0996 0x1398  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:04:40.0056 0x1398  PcaSvc - ok
09:04:40.0106 0x1398  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:04:40.0136 0x1398  pci - ok
09:04:40.0176 0x1398  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:04:40.0206 0x1398  pciide - ok
09:04:40.0256 0x1398  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:04:40.0306 0x1398  pcmcia - ok
09:04:40.0326 0x1398  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:04:40.0346 0x1398  pcw - ok
09:04:40.0376 0x1398  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:04:40.0496 0x1398  PEAUTH - ok
09:04:40.0586 0x1398  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:04:40.0636 0x1398  PerfHost - ok
09:04:40.0736 0x1398  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:04:40.0876 0x1398  pla - ok
09:04:40.0966 0x1398  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:04:41.0036 0x1398  PlugPlay - ok
09:04:41.0066 0x1398  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:04:41.0096 0x1398  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:04:43.0886 0x1398  Detect skipped due to KSN trusted
09:04:43.0886 0x1398  Pml Driver HPZ12 - ok
09:04:44.0026 0x1398  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:04:44.0066 0x1398  PNRPAutoReg - ok
09:04:44.0096 0x1398  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:04:44.0126 0x1398  PNRPsvc - ok
09:04:44.0196 0x1398  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:04:44.0286 0x1398  PolicyAgent - ok
09:04:44.0336 0x1398  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:04:44.0426 0x1398  Power - ok
09:04:44.0496 0x1398  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:04:44.0556 0x1398  PptpMiniport - ok
09:04:44.0586 0x1398  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:04:44.0646 0x1398  Processor - ok
09:04:44.0696 0x1398  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:04:44.0726 0x1398  ProfSvc - ok
09:04:44.0746 0x1398  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:04:44.0756 0x1398  ProtectedStorage - ok
09:04:44.0796 0x1398  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:04:44.0856 0x1398  Psched - ok
09:04:44.0886 0x1398  [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
09:04:44.0906 0x1398  PSI_SVC_2 - ok
09:04:44.0966 0x1398  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:04:45.0076 0x1398  ql2300 - ok
09:04:45.0106 0x1398  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:04:45.0126 0x1398  ql40xx - ok
09:04:45.0166 0x1398  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:04:45.0246 0x1398  QWAVE - ok
09:04:45.0266 0x1398  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:04:45.0306 0x1398  QWAVEdrv - ok
09:04:45.0326 0x1398  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:04:45.0386 0x1398  RasAcd - ok
09:04:45.0436 0x1398  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:04:45.0486 0x1398  RasAgileVpn - ok
09:04:45.0506 0x1398  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:04:45.0586 0x1398  RasAuto - ok
09:04:45.0616 0x1398  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:04:45.0716 0x1398  Rasl2tp - ok
09:04:45.0806 0x1398  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:04:45.0916 0x1398  RasMan - ok
09:04:45.0956 0x1398  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:04:46.0016 0x1398  RasPppoe - ok
09:04:46.0066 0x1398  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:04:46.0126 0x1398  RasSstp - ok
09:04:46.0196 0x1398  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:04:46.0276 0x1398  rdbss - ok
09:04:46.0316 0x1398  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:04:46.0346 0x1398  rdpbus - ok
09:04:46.0366 0x1398  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:04:46.0426 0x1398  RDPCDD - ok
09:04:46.0446 0x1398  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:04:46.0506 0x1398  RDPENCDD - ok
09:04:46.0526 0x1398  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:04:46.0566 0x1398  RDPREFMP - ok
09:04:46.0616 0x1398  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:04:46.0676 0x1398  RDPWD - ok
09:04:46.0726 0x1398  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:04:46.0776 0x1398  rdyboost - ok
09:04:46.0806 0x1398  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:04:46.0876 0x1398  RemoteAccess - ok
09:04:46.0906 0x1398  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:04:46.0976 0x1398  RemoteRegistry - ok
09:04:47.0026 0x1398  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:04:47.0076 0x1398  RFCOMM - ok
09:04:47.0106 0x1398  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:04:47.0156 0x1398  RpcEptMapper - ok
09:04:47.0186 0x1398  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:04:47.0226 0x1398  RpcLocator - ok
09:04:47.0266 0x1398  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
09:04:47.0316 0x1398  RpcSs - ok
09:04:47.0366 0x1398  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:04:47.0436 0x1398  rspndr - ok
09:04:47.0516 0x1398  [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
09:04:47.0546 0x1398  RSUSBSTOR - ok
09:04:47.0586 0x1398  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
09:04:47.0616 0x1398  RS_Service - ok
09:04:47.0666 0x1398  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
09:04:47.0726 0x1398  RTHDMIAzAudService - ok
09:04:47.0756 0x1398  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
09:04:47.0776 0x1398  SamSs - ok
09:04:47.0826 0x1398  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:04:47.0846 0x1398  sbp2port - ok
09:04:47.0886 0x1398  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:04:47.0956 0x1398  SCardSvr - ok
09:04:47.0986 0x1398  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:04:48.0046 0x1398  scfilter - ok
09:04:48.0096 0x1398  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
09:04:48.0226 0x1398  Schedule - ok
09:04:48.0266 0x1398  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:04:48.0296 0x1398  SCPolicySvc - ok
09:04:48.0346 0x1398  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:04:48.0396 0x1398  SDRSVC - ok
09:04:48.0456 0x1398  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:04:48.0536 0x1398  secdrv - ok
09:04:48.0576 0x1398  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:04:48.0626 0x1398  seclogon - ok
09:04:48.0656 0x1398  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:04:48.0716 0x1398  SENS - ok
09:04:48.0746 0x1398  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:04:48.0786 0x1398  SensrSvc - ok
09:04:48.0836 0x1398  [ 2437720D4480523562360B2B6B5864A7, 314725F4786B3E660D6C58AF611ABD41D9938CEF5A7F19762632DF51CB3A52D5 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
09:04:48.0906 0x1398  Ser2pl - ok
09:04:48.0936 0x1398  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:04:48.0976 0x1398  Serenum - ok
09:04:49.0006 0x1398  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:04:49.0056 0x1398  Serial - ok
09:04:49.0106 0x1398  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:04:49.0156 0x1398  sermouse - ok
09:04:49.0206 0x1398  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:04:49.0266 0x1398  SessionEnv - ok
09:04:49.0296 0x1398  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:04:49.0346 0x1398  sffdisk - ok
09:04:49.0366 0x1398  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:04:49.0416 0x1398  sffp_mmc - ok
09:04:49.0446 0x1398  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:04:49.0496 0x1398  sffp_sd - ok
09:04:49.0536 0x1398  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:04:49.0576 0x1398  sfloppy - ok
09:04:49.0636 0x1398  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:04:49.0716 0x1398  SharedAccess - ok
09:04:49.0786 0x1398  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:04:49.0846 0x1398  ShellHWDetection - ok
09:04:49.0856 0x1398  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:04:49.0876 0x1398  SiSRaid2 - ok
09:04:49.0906 0x1398  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:04:49.0926 0x1398  SiSRaid4 - ok
09:04:50.0156 0x1398  [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
09:04:50.0316 0x1398  Skype C2C Service - ok
09:04:50.0446 0x1398  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:04:50.0516 0x1398  SkypeUpdate - ok
09:04:50.0546 0x1398  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:04:50.0586 0x1398  Smb - ok
09:04:50.0626 0x1398  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:04:50.0666 0x1398  SNMPTRAP - ok
09:04:50.0696 0x1398  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:04:50.0716 0x1398  spldr - ok
09:04:50.0776 0x1398  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
09:04:50.0846 0x1398  Spooler - ok
09:04:51.0026 0x1398  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:04:51.0266 0x1398  sppsvc - ok
09:04:51.0306 0x1398  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:04:51.0396 0x1398  sppuinotify - ok
09:04:51.0446 0x1398  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:04:51.0546 0x1398  srv - ok
09:04:51.0566 0x1398  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:04:51.0686 0x1398  srv2 - ok
09:04:51.0716 0x1398  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:04:51.0786 0x1398  srvnet - ok
09:04:51.0856 0x1398  [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
09:04:51.0876 0x1398  ssadbus - ok
09:04:51.0936 0x1398  [ D6CFD3B2EABCF9327DE39C62BABFA1E3, C748AF55B07FCB9C5A3E3E0CB783CE6387A2C5D646BCA6B5F5FFF37ACCE82AD3 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
09:04:51.0956 0x1398  ssadmdfl - ok
09:04:52.0016 0x1398  [ 5EB01E6148742C3EC2185AC92F6D16FD, 5BD22C745D9BD47C60929F9C556E4B262F9415866EFE9F9263EAD916D74ECAE0 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
09:04:52.0046 0x1398  ssadmdm - ok
09:04:52.0126 0x1398  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:04:52.0226 0x1398  SSDPSRV - ok
09:04:52.0246 0x1398  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:04:52.0286 0x1398  SstpSvc - ok
09:04:52.0316 0x1398  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:04:52.0326 0x1398  stexstor - ok
09:04:52.0386 0x1398  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
09:04:52.0426 0x1398  StillCam - ok
09:04:52.0496 0x1398  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:04:52.0576 0x1398  stisvc - ok
09:04:52.0616 0x1398  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:04:52.0626 0x1398  swenum - ok
09:04:52.0666 0x1398  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:04:52.0746 0x1398  swprv - ok
09:04:52.0806 0x1398  [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:04:52.0856 0x1398  SynTP - ok
09:04:52.0976 0x1398  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
09:04:53.0096 0x1398  SysMain - ok
09:04:53.0136 0x1398  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:04:53.0186 0x1398  TabletInputService - ok
09:04:53.0206 0x1398  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:04:53.0296 0x1398  TapiSrv - ok
09:04:53.0326 0x1398  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:04:53.0376 0x1398  TBS - ok
09:04:53.0486 0x1398  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:04:53.0686 0x1398  Tcpip - ok
09:04:53.0796 0x1398  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:04:53.0846 0x1398  TCPIP6 - ok
09:04:53.0886 0x1398  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:04:53.0926 0x1398  tcpipreg - ok
09:04:53.0956 0x1398  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:04:53.0976 0x1398  TDPIPE - ok
09:04:54.0016 0x1398  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:04:54.0076 0x1398  TDTCP - ok
09:04:54.0126 0x1398  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:04:54.0196 0x1398  tdx - ok
09:04:54.0506 0x1398  [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
09:04:54.0746 0x1398  TeamViewer8 - ok
09:04:54.0796 0x1398  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:04:54.0836 0x1398  TermDD - ok
09:04:54.0916 0x1398  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
09:04:54.0996 0x1398  TermService - ok
09:04:55.0026 0x1398  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:04:55.0066 0x1398  Themes - ok
09:04:55.0106 0x1398  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:04:55.0146 0x1398  THREADORDER - ok
09:04:55.0266 0x1398  [ F620772888B6E3EDEF5C3E71E3D447F0, 67CFC8E94ACCA0B31E7D2062D587C1BD37911F95A02C8CCB1B4A3E0EBDADC8B0 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
09:04:55.0286 0x1398  TomTomHOMEService - ok
09:04:55.0316 0x1398  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:04:55.0376 0x1398  TrkWks - ok
09:04:55.0466 0x1398  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:04:55.0536 0x1398  TrustedInstaller - ok
09:04:55.0576 0x1398  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:04:55.0636 0x1398  tssecsrv - ok
09:04:55.0716 0x1398  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:04:55.0766 0x1398  TsUsbFlt - ok
09:04:55.0826 0x1398  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:04:55.0906 0x1398  tunnel - ok
09:04:55.0966 0x1398  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:04:55.0996 0x1398  uagp35 - ok
09:04:56.0016 0x1398  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
09:04:56.0026 0x1398  UBHelper - ok
09:04:56.0076 0x1398  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:04:56.0146 0x1398  udfs - ok
09:04:56.0176 0x1398  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:04:56.0196 0x1398  UI0Detect - ok
09:04:56.0226 0x1398  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:04:56.0246 0x1398  uliagpkx - ok
09:04:56.0316 0x1398  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:04:56.0356 0x1398  umbus - ok
09:04:56.0396 0x1398  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:04:56.0426 0x1398  UmPass - ok
09:04:56.0576 0x1398  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:04:56.0676 0x1398  UNS - ok
09:04:56.0736 0x1398  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
09:04:56.0756 0x1398  Updater Service - ok
09:04:56.0796 0x1398  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:04:56.0866 0x1398  upnphost - ok
09:04:56.0906 0x1398  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:04:56.0926 0x1398  usbccgp - ok
09:04:56.0976 0x1398  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:04:57.0026 0x1398  usbcir - ok
09:04:57.0066 0x1398  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
09:04:57.0126 0x1398  usbehci - ok
09:04:57.0166 0x1398  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:04:57.0226 0x1398  usbhub - ok
09:04:57.0266 0x1398  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:04:57.0306 0x1398  usbohci - ok
09:04:57.0346 0x1398  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:04:57.0406 0x1398  usbprint - ok
09:04:57.0436 0x1398  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:04:57.0486 0x1398  usbscan - ok
09:04:57.0576 0x1398  [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
09:04:57.0646 0x1398  usbser - ok
09:04:57.0666 0x1398  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:04:57.0746 0x1398  USBSTOR - ok
09:04:57.0776 0x1398  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:04:57.0816 0x1398  usbuhci - ok
09:04:57.0886 0x1398  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:04:57.0956 0x1398  usbvideo - ok
09:04:58.0006 0x1398  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
09:04:58.0056 0x1398  usb_rndisx - ok
09:04:58.0096 0x1398  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:04:58.0176 0x1398  UxSms - ok
09:04:58.0206 0x1398  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
09:04:58.0216 0x1398  VaultSvc - ok
09:04:58.0236 0x1398  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:04:58.0256 0x1398  vdrvroot - ok
09:04:58.0306 0x1398  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:04:58.0356 0x1398  vds - ok
09:04:58.0406 0x1398  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:04:58.0436 0x1398  vga - ok
09:04:58.0456 0x1398  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:04:58.0526 0x1398  VgaSave - ok
09:04:58.0576 0x1398  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:04:58.0616 0x1398  vhdmp - ok
09:04:58.0656 0x1398  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:04:58.0686 0x1398  viaide - ok
09:04:58.0706 0x1398  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:04:58.0736 0x1398  volmgr - ok
09:04:58.0796 0x1398  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:04:58.0846 0x1398  volmgrx - ok
09:04:58.0866 0x1398  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:04:58.0896 0x1398  volsnap - ok
09:04:58.0936 0x1398  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:04:58.0976 0x1398  vsmraid - ok
09:04:59.0086 0x1398  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:04:59.0226 0x1398  VSS - ok
09:04:59.0256 0x1398  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:04:59.0276 0x1398  vwifibus - ok
09:04:59.0296 0x1398  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:04:59.0326 0x1398  vwififlt - ok
09:04:59.0356 0x1398  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:04:59.0376 0x1398  vwifimp - ok
09:04:59.0416 0x1398  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:04:59.0496 0x1398  W32Time - ok
09:04:59.0536 0x1398  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:04:59.0586 0x1398  WacomPen - ok
09:04:59.0646 0x1398  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:04:59.0726 0x1398  WANARP - ok
09:04:59.0746 0x1398  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:04:59.0786 0x1398  Wanarpv6 - ok
09:04:59.0886 0x1398  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:04:59.0996 0x1398  WatAdminSvc - ok
09:05:00.0106 0x1398  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:05:00.0206 0x1398  wbengine - ok
09:05:00.0236 0x1398  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:05:00.0276 0x1398  WbioSrvc - ok
09:05:00.0336 0x1398  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:05:00.0436 0x1398  wcncsvc - ok
09:05:00.0456 0x1398  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:05:00.0506 0x1398  WcsPlugInService - ok
09:05:00.0516 0x1398  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:05:00.0536 0x1398  Wd - ok
09:05:00.0616 0x1398  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:05:00.0696 0x1398  Wdf01000 - ok
09:05:00.0716 0x1398  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:05:00.0856 0x1398  WdiServiceHost - ok
09:05:00.0876 0x1398  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:05:00.0896 0x1398  WdiSystemHost - ok
09:05:00.0936 0x1398  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
09:05:00.0966 0x1398  WebClient - ok
09:05:01.0016 0x1398  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:05:01.0086 0x1398  Wecsvc - ok
09:05:01.0106 0x1398  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:05:01.0166 0x1398  wercplsupport - ok
09:05:01.0196 0x1398  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:05:01.0246 0x1398  WerSvc - ok
09:05:01.0276 0x1398  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:05:01.0316 0x1398  WfpLwf - ok
09:05:01.0326 0x1398  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:05:01.0346 0x1398  WIMMount - ok
09:05:01.0366 0x1398  WinDefend - ok
09:05:01.0376 0x1398  WinHttpAutoProxySvc - ok
09:05:01.0436 0x1398  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:05:01.0516 0x1398  Winmgmt - ok
09:05:01.0646 0x1398  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:05:01.0806 0x1398  WinRM - ok
09:05:01.0886 0x1398  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:05:01.0936 0x1398  WinUsb - ok
09:05:02.0016 0x1398  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:05:02.0106 0x1398  Wlansvc - ok
09:05:02.0306 0x1398  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:05:02.0436 0x1398  wlidsvc - ok
09:05:02.0486 0x1398  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:05:02.0536 0x1398  WmiAcpi - ok
09:05:02.0566 0x1398  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:05:02.0636 0x1398  wmiApSrv - ok
09:05:02.0676 0x1398  WMPNetworkSvc - ok
09:05:02.0706 0x1398  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:05:02.0746 0x1398  WPCSvc - ok
09:05:02.0786 0x1398  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:05:02.0806 0x1398  WPDBusEnum - ok
09:05:02.0836 0x1398  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:05:02.0896 0x1398  ws2ifsl - ok
09:05:02.0936 0x1398  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:05:02.0956 0x1398  wscsvc - ok
09:05:03.0006 0x1398  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
09:05:03.0046 0x1398  WSDPrintDevice - ok
09:05:03.0076 0x1398  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
09:05:03.0086 0x1398  WSDScan - ok
09:05:03.0096 0x1398  WSearch - ok
09:05:03.0176 0x1398  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:05:03.0286 0x1398  wuauserv - ok
09:05:03.0326 0x1398  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:05:03.0356 0x1398  WudfPf - ok
09:05:03.0406 0x1398  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:05:03.0446 0x1398  WUDFRd - ok
09:05:03.0476 0x1398  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:05:03.0516 0x1398  wudfsvc - ok
09:05:03.0556 0x1398  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:05:03.0606 0x1398  WwanSvc - ok
09:05:03.0656 0x1398  ================ Scan global ===============================
09:05:03.0676 0x1398  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:05:03.0736 0x1398  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:05:03.0766 0x1398  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:05:03.0806 0x1398  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:05:03.0826 0x1398  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:05:03.0836 0x1398  [ Global ] - ok
09:05:03.0836 0x1398  ================ Scan MBR ==================================
09:05:03.0856 0x1398  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:05:04.0316 0x1398  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
09:05:04.0316 0x1398  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:05:07.0006 0x1398  ================ Scan VBR ==================================
09:05:07.0006 0x1398  [ A494A22B5EFEED048E8B225C0B4F343E ] \Device\Harddisk0\DR0\Partition1
09:05:07.0006 0x1398  \Device\Harddisk0\DR0\Partition1 - ok
09:05:07.0076 0x1398  [ 25F5849B729BA047868E7BFDFFD3EFF8 ] \Device\Harddisk0\DR0\Partition2
09:05:07.0086 0x1398  \Device\Harddisk0\DR0\Partition2 - ok
09:05:07.0086 0x1398  Waiting for KSN requests completion. In queue: 197
09:05:08.0086 0x1398  Waiting for KSN requests completion. In queue: 197
09:05:09.0086 0x1398  Waiting for KSN requests completion. In queue: 197
09:05:10.0086 0x1398  Waiting for KSN requests completion. In queue: 197
09:05:11.0226 0x1398  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
09:05:11.0246 0x1398  Win FW state via NFP2: enabled
09:05:25.0956 0x1398  ============================================================
09:05:25.0956 0x1398  Scan finished
09:05:25.0956 0x1398  ============================================================
09:05:25.0966 0x0d30  Detected object count: 2
09:05:25.0966 0x0d30  Actual detected object count: 2
09:12:51.0930 0x0d30  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:12:51.0930 0x0d30  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:12:51.0930 0x0d30  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:12:51.0930 0x0d30  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
09:12:56.0595 0x19d4  Deinitialize success
         
I have bundled all the other log files (ListParts, frst, addition) into a zip.
What should I do next?

Thanks in advance for the help!
Regards

02.12.2013, 08:56   #2
schrauber
/// the machine
/// TB trainer

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.


How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview (Erweitert/Vorschau) to check that you did it right. If everything is correct ... click Reply (Antworten).


Run TDSSKiller again, select Cure next to TDSS File System and continue. Then please post the log file.

02.12.2013, 09:01   #3
pace123

Wow, that was fast!

listparts:

Code:
ATTFilter
ListParts by Farbar Version: 20-10-2013
Ran by Richi (administrator) on 02-12-2013 at 09:16:13
Windows 7 (X64)
Running From: C:\Users\Richi\Desktop
Language: 0407
************************************************************

========================= Memory info ====================== 

Percentage of memory in use: 43%
Total physical RAM: 3958.7 MB
Available physical RAM: 2244.45 MB
Total Pagefile: 7915.59 MB
Available Pagefile: 5490.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: (Acer) (Fixed) (Total:348.24 GB) (Free:162.9 GB) NTFS

  Datenträger ###  Status         Größe    Frei     Dyn  GPT
  ---------------  -------------  -------  -------  ---  ---
  Datenträger 0    Online          465 GB      0 B         

Partitions of Disk 0:
===============

Datenträger-ID: 6027F48B

  Partition ###  Typ               Größe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Wiederherstellun    12 GB    31 KB
  Partition 2    Primär             101 MB    12 GB
  Partition 3    Primär             348 GB    12 GB
  Partition 4    Primär              10 GB   360 GB

======================================================================================================

Disk: 0
Partition 1
Typ      : 27
Versteckt: Ja
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4         PQSERVICE    NTFS   Partition     12 GB  Fehlerfre  Versteck

======================================================================================================

Disk: 0
Partition 2
Typ      : 07
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2         SYSTEM RESE  NTFS   Partition    101 MB  Fehlerfre  System (partition with boot components)  

======================================================================================================

Disk: 0
Partition 3
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     C   Acer         NTFS   Partition    348 GB  Fehlerfre  Startpar

======================================================================================================

Disk: 0
Partition 4
Typ      : 17
Versteckt: Ja
Aktiv    : Nein

Dieser Partition ist kein Volume zugewiesen.

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: 6027F48B
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10 GB) - (Type=17)


****** End Of Log ******
         
The frst + addition:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by Richi (administrator) on MEINER on 02-12-2013 09:20:17
Running from C:\Users\Richi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Macrovision Corporation) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Farbar) C:\Users\Richi\Desktop\ListParts64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-02] (Google Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [Epson Stylus SX525WD(Netzwerk)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\Windows\TEMP\E_S639.tmp" /EF "HKCU"
MountPoints2: {a6ed1acf-0e98-11e1-b824-705ab6d3fc5a} - E:\wubi.exe
MountPoints2: {eb34f6dd-6377-11e1-b883-705ab6d3fc5a} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
AppInit_DLLs: C:\Windows\System32\acaptuser64.dll [36984 2007-05-10] (Adobe Systems, Inc.)
AppInit_DLLs-x32: acaptuser32.dll [112248 2007-05-10] (Adobe Systems, Inc.)
Startup: C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=travelmate_5740g&r=27361111n205l0454z1j5x4572m28n
URLSearchHook: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
SearchScopes: HKCU - DefaultScope {09C9F427-A44D-4124-BE7A-E35344C6F88A} URL = hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
SearchScopes: HKCU - {09C9F427-A44D-4124-BE7A-E35344C6F88A} URL = hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=116198&tt=4012_4&babsrc=SP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll (Montera Technologeis LTD)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll (Montera Technologeis LTD)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default
FF user.js: detected! => C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\user.js
FF Homepage: www.orf.at
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Richi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\footiefox.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\funmoods.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\twitter-.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsches Wörterbuch, erweitert für Österreich - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\de-AT@dictionaries.addons.mozilla.org
FF Extension: Xmarks - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\foxmarks@kei.com
FF Extension: Evernote Web Clipper - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: twitter.address.bar.search - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\twitter.address.bar.search@firefox.twitter.xpi
FF Extension: youtube2mp3 - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: Adblock Plus - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
CHR HomePage: hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5
CHR RestoreOnStartup: "hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5"
CHR Plugin: (Shockwave Flash) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (AdBlock) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0
CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\Richi\AppData\Local\Temp\ccex.crx

==================== Services (Whitelisted) =================

R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [3536896 2009-04-14] (ANSYS, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-14] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-02 09:20 - 2013-12-02 09:20 - 00022437 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 01959184 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 20:32 - 2013-11-26 20:34 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 18:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:18 - 2013-11-26 18:35 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 11:59 - 2013-11-23 20:12 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-16 15:40 - 2013-11-16 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 10:51 - 2013-11-19 19:22 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-13 16:02 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:02 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:02 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:02 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 16:02 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:01 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:01 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:01 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:01 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:44 - 2013-11-12 22:57 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-10 17:58 - 2013-11-10 17:59 - 00000000 ____D C:\Users\Richi\bitcoin

==================== One Month Modified Files and Folders =======

2013-12-02 09:20 - 2013-12-02 09:20 - 00022437 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 01959184 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:14 - 2011-11-01 21:32 - 01376753 _____ C:\Windows\WindowsUpdate.log
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-02 08:49 - 2011-11-02 12:49 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-02 08:37 - 2011-11-01 22:22 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Skype
2013-12-02 08:29 - 2012-08-20 09:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-02 08:26 - 2011-11-04 17:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 08:14 - 2012-04-05 21:17 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-01 23:31 - 2013-08-13 19:55 - 00014573 _____ C:\Windows\setupact.log
2013-12-01 22:38 - 2011-11-02 12:49 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-12-01 22:32 - 2011-11-04 17:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 12:10 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 12:10 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 12:03 - 2011-11-21 15:23 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Dropbox
2013-12-01 12:02 - 2012-05-03 12:59 - 00000000 ___RD C:\Users\Richi\Google Drive
2013-12-01 12:02 - 2011-11-21 15:24 - 00000000 ___RD C:\Users\Richi\Dropbox
2013-12-01 12:01 - 2012-05-03 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-01 12:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-30 16:19 - 2013-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-28 18:20 - 2013-10-06 13:00 - 00099066 _____ C:\Windows\PFRO.log
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-08-09 09:51 - 00000000 ____D C:\ProgramData\Avira
2013-11-26 20:34 - 2013-11-26 20:32 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 19:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 18:44 - 2011-11-06 11:08 - 00001425 _____ C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 18:43 - 2010-03-29 11:25 - 00000000 ____D C:\Windows\Panther
2013-11-26 18:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 18:35 - 2013-11-26 18:18 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:12 - 2011-11-01 21:39 - 00000000 ____D C:\Users\Richi
2013-11-26 18:11 - 2013-06-07 23:22 - 00000000 ____D C:\Windows\Minidump
2013-11-26 18:11 - 2012-02-09 18:45 - 00000000 ____D C:\Program Files\CCleaner
2013-11-26 18:11 - 2011-12-08 02:20 - 00000000 ____D C:\Users\Richi\AppData\Roaming\vlc
2013-11-26 18:11 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 20:12 - 2013-11-23 11:59 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-20 14:14 - 2011-11-02 08:55 - 00000000 ____D C:\Users\Richi\AppData\Local\Adobe
2013-11-19 19:29 - 2012-04-05 21:17 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-11-19 19:22 - 2013-11-16 10:51 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-16 15:41 - 2013-11-16 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 14:48 - 2013-03-23 13:35 - 00000000 ____D C:\Users\Richi\Bewerbung
2013-11-14 13:52 - 2010-03-29 10:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 13:48 - 2013-08-01 19:47 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 13:48 - 2011-11-06 10:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 22:57 - 2013-11-12 20:44 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-12 16:35 - 2011-11-01 21:48 - 00000000 ____D C:\Users\Richi\Downloads\Programme
2013-11-12 16:10 - 2011-11-02 06:15 - 00700608 _____ C:\Windows\system32\perfh007.dat
2013-11-12 16:10 - 2011-11-02 06:15 - 00149372 _____ C:\Windows\system32\perfc007.dat
2013-11-12 16:10 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 05:50 - 2011-11-01 22:10 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 17:59 - 2013-11-10 17:58 - 00000000 ____D C:\Users\Richi\bitcoin
2013-11-09 23:50 - 2011-11-01 21:57 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Mozilla
2013-11-09 14:44 - 2012-02-02 20:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-08 15:33 - 2012-03-07 18:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 15:33 - 2011-11-01 22:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-05 20:10 - 2011-11-04 07:54 - 00000000 ____D C:\Users\Richi\Segeln

Files to move or delete:
====================
C:\Users\Richi\Keygen.exe


Some content of TEMP:
====================
C:\Users\Richi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-20 21:25

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013
Ran by Richi at 2013-12-02 09:21:15
Running from C:\Users\Richi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 6.2.2)
Acer Backup Manager (x32 Version: 2.0.1.60)
Acer Crystal Eye webcam (x32 Version: 1.0.2.0)
Acer ePower Management (x32 Version: 5.00.3002)
Acer eRecovery Management (x32 Version: 4.05.3007)
Acer Registration (x32 Version: 1.02.3006)
Acer ScreenSaver (x32 Version: 1.1.0203.2010)
Acer Updater (x32 Version: 1.01.3014)
Acer VCM (x32 Version: 4.05.3002)
Acrobat 3D 64-bit Add-On (Version: 8.1.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe Acrobat 3D version 8 (x32 Version: 8.1.0)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Advanced Renamer (x32 Version: 3.15)
AnvSoft Photo Flash Maker Free 5.41 (x32 Version: 5.41)
Apple Application Support (x32 Version: 2.1.5)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.758.0)
Avira Free Antivirus (x32 Version: 14.0.1.749)
Azureus (x32 Version: 2.5.0.4)
Backup Manager Advance (x32 Version: 2.0.1.60)
Bitcoin (HKCU Version: 0.7.2)
Blender (Version: 2.64-release)
Broadcom Gigabit NetLink Controller (Version: 12.52.04)
Canon MX410 series MP Drivers
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Light (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0122.858.16002)
Catalyst Control Center InstallProxy (x32 Version: 2010.0122.858.16002)
Catalyst Control Center Localization All (x32 Version: 2010.0122.858.16002)
CCC Help Chinese Standard (x32 Version: 2010.0122.0857.16002)
CCC Help Chinese Traditional (x32 Version: 2010.0122.0857.16002)
CCC Help Czech (x32 Version: 2010.0122.0857.16002)
CCC Help Danish (x32 Version: 2010.0122.0857.16002)
CCC Help Dutch (x32 Version: 2010.0122.0857.16002)
CCC Help English (x32 Version: 2010.0122.0857.16002)
CCC Help Finnish (x32 Version: 2010.0122.0857.16002)
CCC Help French (x32 Version: 2010.0122.0857.16002)
CCC Help German (x32 Version: 2010.0122.0857.16002)
CCC Help Greek (x32 Version: 2010.0122.0857.16002)
CCC Help Hungarian (x32 Version: 2010.0122.0857.16002)
CCC Help Italian (x32 Version: 2010.0122.0857.16002)
CCC Help Japanese (x32 Version: 2010.0122.0857.16002)
CCC Help Korean (x32 Version: 2010.0122.0857.16002)
CCC Help Norwegian (x32 Version: 2010.0122.0857.16002)
CCC Help Polish (x32 Version: 2010.0122.0857.16002)
CCC Help Portuguese (x32 Version: 2010.0122.0857.16002)
CCC Help Russian (x32 Version: 2010.0122.0857.16002)
CCC Help Spanish (x32 Version: 2010.0122.0857.16002)
CCC Help Swedish (x32 Version: 2010.0122.0857.16002)
CCC Help Thai (x32 Version: 2010.0122.0857.16002)
CCC Help Turkish (x32 Version: 2010.0122.0857.16002)
ccc-core-static (x32 Version: 2010.0122.858.16002)
ccc-utility64 (Version: 2010.0122.858.16002)
CCleaner (Version: 4.04)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7)
Claro LTD toolbar   (x32)
CloneCD (x32)
DAEMON Tools Lite (x32 Version: 4.45.1.0236)
Deluxe Ski Jump 4 (x32 Version: 1.3.2)
DivX-Setup (x32 Version: 2.6.0.34)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000)
Dropbox (HKCU Version: 2.0.22)
EPSON Scan (x32)
EPSON SX525WD Series Printer Uninstall
EpsonNet Print (x32 Version: 2.6.0)
EpsonNet Setup 3.3 (x32 Version: 3.3b)
eSobi v2 (x32 Version: 2.0.4.000274)
Evernote v. 4.6 (x32 Version: 4.6.0.7670)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
fit2sail-SBF_SKS (x32 Version: 1.00.0000)
Fugawi 4.5 (x32 Version: 4.5)
Game Alarm (HKCU)
GEODOG-SOFTWARE (x32 Version: 1.8.2342)
Google Chrome (HKCU Version: 31.0.1650.57)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth (x32 Version: 7.1.1.1888)
Google Talk Plugin (x32 Version: 4.9.1.16010)
Google Update Helper (x32 Version: 1.3.21.165)
GPL Ghostscript (Version: 9.02)
GSview 4.9
HammerHead Rhythm Station (x32)
HappyFoto-Designer 5.1 (x32)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (Version: 14.0)
HTC Driver Installer (x32 Version: 3.0.0.007)
Identity Card (x32 Version: 1.00.3003)
InfraRecorder (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.5.6.1001)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.01.00.1005)
InterVideo WinDVD 8 (x32 Version: 8.5.10.75)
Java 7 Update 21 (x32 Version: 7.0.210)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 29 (x32 Version: 6.0.290)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 14.0.8089.726)
Launch Manager (x32 Version: 4.0.7)
MATLAB R2007b (Version: 7.5)
MegaCAD 3D 2005  (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Flight (x32 Version: 1.0.0000.129)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MozBackup 1.5.1 (x32)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
MyPhoneExplorer (x32 Version: 1.8.4)
Network64 (Version: 140.0.215.000)
NTI Backup Now 5 (x32 Version: 5.1.2.628)
NTI Backup Now Standard (x32 Version: 5.1.2.628)
NTI Media Maker 8 (x32 Version: 8.0.12.6630)
Picasa 3 (x32 Version: 3.9)
Pixum Fotobuch (x32 Version: 5.0.1)
PL-2303 USB-to-Serial (x32 Version: 1.4.17)
Plancal® nova 8.1 x64 (Version: 8.1.0.5)
PX Profile Update (x32 Version: 1.00.1.)
QuickTime (x32 Version: 7.71.80.42)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6037)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30113)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Scan (x32 Version: 140.0.80.000)
Shredder Classic 4 (x32)
Ski Challenge 12 (AT) (HKCU)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.10 (x32 Version: 6.10.104)
Softonic toolbar  on IE and Chrome (x32)
Spotify (HKCU Version: 0.6.4)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
TeamViewer 8 (x32 Version: 8.0.22298)
TeXnicCenter Version 1.0 Stable RC1 (x32 Version: Version 1.0 Stable RC1)
TomTom HOME (x32 Version: 2.9.3)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
Toolbox (x32 Version: 140.0.428.000)
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VirtualDJ Home FREE (x32 Version: 7.0.5)
VLC media player 1.1.11 (x32 Version: 1.1.11)
Vsk5Online (x32)
Vuze (x32 Version: 4.7)
Vuze Remote Toolbar (x32 Version: 6.8.5.1)
Welcome Center (x32 Version: 1.00.3013)
Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416) (Version: 01/06/2010 6.2.0.9416)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Call (x32 Version: 14.0.8064.0206)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Messenger (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Writer (x32 Version: 14.0.8089.0726)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
WinSCP 4.3.5 (x32 Version: 4.3.5)
Xming 6.9.0.31 (x32 Version: 6.9.0.31)
Xvid Video Codec (x32 Version: 1.3.2)

==================== Restore Points  =========================

19-11-2013 18:33:55 Windows Update
26-11-2013 16:57:20 Windows Update
26-11-2013 17:02:15 Wiederherstellungsvorgang
26-11-2013 17:17:18 Windows Update
26-11-2013 17:29:23 Windows Update
30-11-2013 14:45:15 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0776AE2D-FD27-4F36-B711-3998A63A9D5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04] (Google Inc.)
Task: {6B691179-72AD-4723-A33F-FCF1D83066D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02] (Google Inc.)
Task: {6D8A6D77-F7A2-40CA-AE83-63F27B79373A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04] (Google Inc.)
Task: {6F72DA02-B884-46B2-BEE0-5A2B5287989D} - System32\Tasks\{82284C48-A882-4361-82BB-C716422CDACF} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.8.0.158.259&amp;LastError=12002
Task: {7382EF3D-0750-4427-8151-A89891BD8E46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {7605269D-D3BB-4A2A-BD39-F31BC1545567} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {95FDD2E1-778B-466B-945D-D480D6108CF3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {B5C5CADE-C598-40C2-8070-FFB68E813D8C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {F4DD4678-6B77-4151-B448-0ABA6B9AF030} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job => C:\Users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job => C:\Users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-11-28 15:50 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-01-07 14:42 - 2010-01-07 14:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-11-01 21:32 - 2011-11-01 21:32 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-26 20:36 - 2013-10-31 19:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Richi\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-01 12:01 - 2013-12-01 12:01 - 00098816 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32api.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00110080 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pywintypes27.dll
2013-12-01 12:01 - 2013-12-01 12:01 - 00364544 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pythoncom27.dll
2013-12-01 12:01 - 2013-12-01 12:01 - 00044032 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_socket.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 01153024 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_ssl.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00320512 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32com.shell.shell.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00711680 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_hashlib.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 01175040 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._core_.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00805888 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._gdi_.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00811008 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._windows_.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 01062400 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._controls_.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00735232 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._misc_.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00128512 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_elementtree.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00127488 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pyexpat.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00557056 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\pysqlite2._sqlite.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00087040 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_ctypes.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00119808 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32file.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00108544 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32security.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00018432 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32event.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00038912 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32inet.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00122368 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._wizard.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00686080 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\unicodedata.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00026624 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\_multiprocessing.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00070656 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\wx._html2.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00010240 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\select.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00025600 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32pdh.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00504832 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\windows._cacheinvalidation.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00011264 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32crypt.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00035840 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32process.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00017408 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32profile.pyd
2013-12-01 12:01 - 2013-12-01 12:01 - 00022528 _____ () C:\Users\Richi\AppData\Local\Temp\_MEI27842\win32ts.pyd
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-03-29 11:23 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2010-03-29 10:47 - 2009-12-24 01:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-11-16 15:40 - 2013-11-16 15:40 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-18 16:59 - 2013-11-30 16:19 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-18 16:59 - 2013-11-30 16:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-18 16:59 - 2013-11-30 16:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-11-26 20:36 - 2013-10-31 19:25 - 00394808 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:72850EB04904A401

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: GEODOG Pro Device (COM6)
Description: GEODOG Pro Device
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: GEODOG GmbH
Service: usbser
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: GEODOG Plus Device (COM7)
Description: GEODOG Plus Device
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: GEODOG GmbH
Service: usbser
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/28/2013 07:59:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (11/26/2013 08:31:10 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/26/2013 08:25:49 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/26/2013 08:25:18 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/26/2013 08:13:53 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/26/2013 07:14:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (11/26/2013 06:43:24 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/26/2013 06:20:18 PM) (Source: Application Hang) (User: )
Description: Programm avcenter.exe, Version 13.6.20.2100 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17a4

Startzeit: 01ceeacb87e7729c

Endzeit: 50843

Anwendungspfad: C:\program files (x86)\avira\antivir desktop\avcenter.exe

Berichts-ID: da4d3d39-56be-11e3-8d59-705ab6d3fc5a

Error: (11/26/2013 06:18:57 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/26/2013 06:18:53 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!


System errors:
=============
Error: (12/01/2013 00:22:10 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "" den Befehl "chkdsk" aus.

Error: (12/01/2013 00:02:47 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "" den Befehl "chkdsk" aus.

Error: (12/01/2013 00:02:34 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (11/30/2013 03:58:33 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "" den Befehl "chkdsk" aus.

Error: (11/30/2013 03:39:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (11/30/2013 03:39:05 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "" den Befehl "chkdsk" aus.

Error: (11/30/2013 03:38:57 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (11/28/2013 06:41:29 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "" den Befehl "chkdsk" aus.

Error: (11/28/2013 06:22:20 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "" den Befehl "chkdsk" aus.

Error: (11/28/2013 06:22:03 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 3958.7 MB
Available physical RAM: 2123.39 MB
Total Pagefile: 7915.59 MB
Available Pagefile: 5440.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:348.24 GB) (Free:162.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6027F48B)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=348 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10 GB) - (Type=17)

==================== End Of Log ============================
         

02.12.2013, 09:16   #4
pace123

Here is the log file from TDSSKiller again:

Code:
10:08:45.0421 0x1878  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
10:08:48.0166 0x1878  ============================================================
10:08:48.0166 0x1878  Current date / time: 2013/12/02 10:08:48.0166
10:08:48.0166 0x1878  SystemInfo:
10:08:48.0166 0x1878  
10:08:48.0166 0x1878  OS Version: 6.1.7601 ServicePack: 1.0
10:08:48.0166 0x1878  Product type: Workstation
10:08:48.0166 0x1878  ComputerName: MEINER
10:08:48.0182 0x1878  UserName: Richi
10:08:48.0182 0x1878  Windows directory: C:\Windows
10:08:48.0182 0x1878  System windows directory: C:\Windows
10:08:48.0182 0x1878  Running under WOW64
10:08:48.0182 0x1878  Processor architecture: Intel x64
10:08:48.0182 0x1878  Number of processors: 4
10:08:48.0182 0x1878  Page size: 0x1000
10:08:48.0182 0x1878  Boot type: Normal boot
10:08:48.0182 0x1878  ============================================================
10:08:48.0993 0x1878  KLMD registered as C:\Windows\system32\drivers\25161414.sys
10:08:49.0165 0x1878  System UUID: {9B46AF8B-8495-C385-0BD8-CEB1480BA967}
10:08:49.0695 0x1878  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:08:49.0711 0x1878  ============================================================
10:08:49.0711 0x1878  \Device\Harddisk0\DR0:
10:08:49.0711 0x1878  MBR partitions:
10:08:49.0711 0x1878  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
10:08:49.0711 0x1878  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2B879904
10:08:49.0711 0x1878  ============================================================
10:08:49.0742 0x1878  C: <-> \Device\Harddisk0\DR0\Partition2
10:08:49.0742 0x1878  ============================================================
10:08:49.0742 0x1878  Initialize success
10:08:49.0742 0x1878  ============================================================
10:08:56.0622 0x1240  ============================================================
10:08:56.0622 0x1240  Scan started
10:08:56.0622 0x1240  Mode: Manual; SigCheck; TDLFS; 
10:08:56.0622 0x1240  ============================================================
10:08:56.0622 0x1240  KSN ping started
10:09:10.0396 0x1240  KSN ping finished: true
10:09:10.0724 0x1240  ================ Scan system memory ========================
10:09:10.0724 0x1240  System memory - ok
10:09:10.0724 0x1240  ================ Scan services =============================
10:09:11.0223 0x1240  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:09:11.0270 0x1240  1394ohci - ok
10:09:11.0348 0x1240  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:09:11.0395 0x1240  ACPI - ok
10:09:11.0410 0x1240  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:09:11.0426 0x1240  AcpiPmi - ok
10:09:11.0566 0x1240  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:09:11.0582 0x1240  AdobeARMservice - ok
10:09:11.0738 0x1240  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:09:11.0754 0x1240  AdobeFlashPlayerUpdateSvc - ok
10:09:11.0800 0x1240  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:09:11.0816 0x1240  adp94xx - ok
10:09:11.0863 0x1240  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:09:11.0878 0x1240  adpahci - ok
10:09:11.0910 0x1240  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:09:11.0925 0x1240  adpu320 - ok
10:09:11.0956 0x1240  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:09:11.0988 0x1240  AeLookupSvc - ok
10:09:12.0066 0x1240  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
10:09:12.0097 0x1240  AFD - ok
10:09:12.0159 0x1240  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:09:12.0175 0x1240  agp440 - ok
10:09:12.0190 0x1240  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:09:12.0206 0x1240  ALG - ok
10:09:12.0268 0x1240  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:09:12.0284 0x1240  aliide - ok
10:09:12.0315 0x1240  [ 3D90CF67DB75823A8480E56BBCD2E028, 775D58B99ACA606D434713BC00132D43061C37CFEEAECD194FCFDF45792944A3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:09:12.0346 0x1240  AMD External Events Utility - ok
10:09:12.0378 0x1240  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:09:12.0393 0x1240  amdide - ok
10:09:12.0440 0x1240  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:09:12.0456 0x1240  AmdK8 - ok
10:09:12.0752 0x1240  [ 52679612D742BF74CA1BA6AB86DDF431, 9D7A8FA8952519AD83CD36038F85B958BC97D1A25596EDC01CA1F6DD45DB542A ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
10:09:12.0939 0x1240  amdkmdag - ok
10:09:13.0033 0x1240  [ 414E0788920A8C856032BE2CBF29F984, 2DD027ADA24C871167C80A2F5C5ED5CB3AEA1E3A4E8C5FD352FA82C33B24479B ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:09:13.0048 0x1240  amdkmdap - ok
10:09:13.0080 0x1240  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:09:13.0095 0x1240  AmdPPM - ok
10:09:13.0158 0x1240  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:09:13.0173 0x1240  amdsata - ok
10:09:13.0204 0x1240  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:09:13.0220 0x1240  amdsbs - ok
10:09:13.0236 0x1240  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:09:13.0251 0x1240  amdxata - ok
10:09:13.0298 0x1240  [ 3CF7A4350C9646D92F147D620EC0D363, 0C09A5B3656BCC98151BF3F1F6B827DD5189D89AFFE0730187E5FDB2D84EC4B4 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
10:09:13.0329 0x1240  androidusb - ok
10:09:13.0548 0x1240  [ 02E2B39AFE9EA2AEC4B15B20A0A4C3A6, 5F345F7CDF7F464DACB72D10B287774799DF990A134608F6920B9B810FC8347D ] ANSYS, Inc. License Manager C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
10:09:13.0657 0x1240  ANSYS, Inc. License Manager - detected UnsignedFile.Multi.Generic ( 1 )
10:09:16.0418 0x1240  Detect skipped due to KSN trusted
10:09:16.0418 0x1240  ANSYS, Inc. License Manager - ok
10:09:16.0636 0x1240  [ 0D1E15010057B8426583A99CB179A6C4, 645C7D27E27AAC4124F7F907374B6A50D07D349B95AA869D7091372BD3AF653B ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:09:16.0652 0x1240  AntiVirSchedulerService - ok
10:09:16.0746 0x1240  [ FDE9C7030FB1E9E2715E113EE6A10F90, 541F278D743C34C6D9940FC1250B90674EB88EC429D481012F27817DAB1B557A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:09:16.0761 0x1240  AntiVirService - ok
10:09:16.0855 0x1240  [ 8397F57D246078C72365A7BE76B2195B, FCA8FF98D48DF28D1F2978658D1D0B21393A82D6AA86AF39A146CBDF5F9DF28F ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
10:09:16.0886 0x1240  AntiVirWebService - ok
10:09:16.0980 0x1240  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:09:17.0026 0x1240  AppID - ok
10:09:17.0058 0x1240  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:09:17.0104 0x1240  AppIDSvc - ok
10:09:17.0151 0x1240  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:09:17.0167 0x1240  Appinfo - ok
10:09:17.0198 0x1240  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:09:17.0214 0x1240  arc - ok
10:09:17.0214 0x1240  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:09:17.0229 0x1240  arcsas - ok
10:09:17.0370 0x1240  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:09:17.0385 0x1240  aspnet_state - ok
10:09:17.0432 0x1240  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:09:17.0479 0x1240  AsyncMac - ok
10:09:17.0526 0x1240  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:09:17.0557 0x1240  atapi - ok
10:09:17.0619 0x1240  [ 77C149E6D702737B2E372DEE166FAEF8, D18FEAE9D915D5F25B787B755F9C6321A9C9506D4F563DD637E3586401E36053 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
10:09:17.0635 0x1240  AtiHdmiService - ok
10:09:17.0713 0x1240  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:09:17.0760 0x1240  AudioEndpointBuilder - ok
10:09:17.0791 0x1240  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:09:17.0853 0x1240  AudioSrv - ok
10:09:17.0978 0x1240  [ 0909E9AD4019AFF25C58E0DFFDCD744E, D1C1A6C7C1EABAC32B24C45E3E6BE3BC7C74A46996CFA6697E7A98E1A6D05531 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:09:17.0994 0x1240  avgntflt - ok
10:09:18.0072 0x1240  [ DBAB18B20FDA2542EEF8C588D878B7B5, 0CE6738E8C6C1BA502FF230EAE49C96E5AA1B23F34AC57AB9B28081898F2E533 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:09:18.0087 0x1240  avipbb - ok
10:09:18.0150 0x1240  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:09:18.0165 0x1240  avkmgr - ok
10:09:18.0212 0x1240  [ 09E9CA6E7C6BD01D6AE7BECDEC224D06, 34FBB2C3565C21CE6245EB1CDADE7CE24A6B93F8EBAAAEA53B560E634AAA639D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
10:09:18.0228 0x1240  avnetflt - ok
10:09:18.0274 0x1240  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:09:18.0306 0x1240  AxInstSV - ok
10:09:18.0368 0x1240  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:09:18.0415 0x1240  b06bdrv - ok
10:09:18.0446 0x1240  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:09:18.0477 0x1240  b57nd60a - ok
10:09:18.0649 0x1240  [ B44879610F2DC4A046B14BEFA3AE72DE, B9C17872E0DA23A495B6EC4D4C249AA96F82409DD83B6A17F557D9171D1D7089 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
10:09:18.0727 0x1240  BCM43XX - ok
10:09:18.0789 0x1240  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:09:18.0805 0x1240  BDESVC - ok
10:09:18.0820 0x1240  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:09:18.0852 0x1240  Beep - ok
10:09:18.0930 0x1240  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:09:18.0976 0x1240  BFE - ok
10:09:19.0039 0x1240  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:09:19.0101 0x1240  BITS - ok
10:09:19.0132 0x1240  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:09:19.0148 0x1240  blbdrive - ok
10:09:19.0195 0x1240  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:09:19.0210 0x1240  bowser - ok
10:09:19.0257 0x1240  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:09:19.0273 0x1240  BrFiltLo - ok
10:09:19.0288 0x1240  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:09:19.0304 0x1240  BrFiltUp - ok
10:09:19.0351 0x1240  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:09:19.0366 0x1240  Browser - ok
10:09:19.0398 0x1240  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:09:19.0413 0x1240  Brserid - ok
10:09:19.0444 0x1240  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:09:19.0460 0x1240  BrSerWdm - ok
10:09:19.0476 0x1240  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:09:19.0491 0x1240  BrUsbMdm - ok
10:09:19.0507 0x1240  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:09:19.0522 0x1240  BrUsbSer - ok
10:09:19.0585 0x1240  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
10:09:19.0600 0x1240  BthEnum - ok
10:09:19.0632 0x1240  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:09:19.0647 0x1240  BTHMODEM - ok
10:09:19.0678 0x1240  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:09:19.0694 0x1240  BthPan - ok
10:09:19.0725 0x1240  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
10:09:19.0756 0x1240  BTHPORT - ok
10:09:19.0803 0x1240  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:09:19.0866 0x1240  bthserv - ok
10:09:19.0881 0x1240  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
10:09:19.0897 0x1240  BTHUSB - ok
10:09:19.0944 0x1240  [ D3466F77C2C49C6E393BA5FBA963A33E, FD5E48A29E153BBAB095AB2E3B86F592B1FC1F790978911093B5F8A2CD6C5652 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
10:09:19.0959 0x1240  btusbflt - ok
10:09:19.0990 0x1240  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:09:20.0037 0x1240  cdfs - ok
10:09:20.0100 0x1240  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:09:20.0115 0x1240  cdrom - ok
10:09:20.0178 0x1240  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:09:20.0209 0x1240  CertPropSvc - ok
10:09:20.0224 0x1240  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:09:20.0240 0x1240  circlass - ok
10:09:20.0287 0x1240  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:09:20.0302 0x1240  CLFS - ok
10:09:20.0365 0x1240  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:09:20.0396 0x1240  clr_optimization_v2.0.50727_32 - ok
10:09:20.0427 0x1240  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:09:20.0443 0x1240  clr_optimization_v2.0.50727_64 - ok
10:09:20.0568 0x1240  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:09:20.0583 0x1240  clr_optimization_v4.0.30319_32 - ok
10:09:20.0630 0x1240  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:09:20.0646 0x1240  clr_optimization_v4.0.30319_64 - ok
10:09:20.0677 0x1240  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:09:20.0677 0x1240  CmBatt - ok
10:09:20.0724 0x1240  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:09:20.0755 0x1240  cmdide - ok
10:09:20.0833 0x1240  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:09:20.0864 0x1240  CNG - ok
10:09:20.0911 0x1240  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:09:20.0911 0x1240  Compbatt - ok
10:09:20.0958 0x1240  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:09:20.0989 0x1240  CompositeBus - ok
10:09:21.0004 0x1240  COMSysApp - ok
10:09:21.0036 0x1240  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:09:21.0051 0x1240  crcdisk - ok
10:09:21.0114 0x1240  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:09:21.0145 0x1240  CryptSvc - ok
10:09:21.0207 0x1240  [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
10:09:21.0223 0x1240  CVirtA - ok
10:09:21.0363 0x1240  [ 66257CB4E4FB69887CDDC71663741435, A072C2868EC3CB773F1C512C9E07D152920794969E302199E8265CFFFD3EFC2D ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
10:09:21.0426 0x1240  CVPND - ok
10:09:21.0457 0x1240  [ CC8E52DAA9826064BA464DBE531F2BB5, 28150B5DDB4DB42839EBB4F3672EB575373046B1676938111904290DFF6DEC8E ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
10:09:21.0457 0x1240  CVPNDRVA - ok
10:09:21.0535 0x1240  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:09:21.0597 0x1240  DcomLaunch - ok
10:09:21.0644 0x1240  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:09:21.0691 0x1240  defragsvc - ok
10:09:21.0722 0x1240  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:09:21.0769 0x1240  DfsC - ok
10:09:21.0831 0x1240  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:09:21.0878 0x1240  Dhcp - ok
10:09:21.0909 0x1240  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:09:21.0940 0x1240  discache - ok
10:09:21.0972 0x1240  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:09:21.0987 0x1240  Disk - ok
10:09:22.0050 0x1240  [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
10:09:22.0065 0x1240  DNE - ok
10:09:22.0112 0x1240  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:09:22.0128 0x1240  Dnscache - ok
10:09:22.0206 0x1240  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:09:22.0268 0x1240  dot3svc - ok
10:09:22.0315 0x1240  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:09:22.0330 0x1240  Dot4 - ok
10:09:22.0377 0x1240  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:09:22.0393 0x1240  Dot4Print - ok
10:09:22.0408 0x1240  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
10:09:22.0424 0x1240  dot4usb - ok
10:09:22.0502 0x1240  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:09:22.0564 0x1240  DPS - ok
10:09:22.0611 0x1240  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:09:22.0627 0x1240  drmkaud - ok
10:09:22.0674 0x1240  [ 61E894FE1E9CC720C909E6E343351794, 2C8540ED0A2C7028B242289078B4C2D8678D26FB7429AB3B33C136BB47B178C3 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
10:09:22.0689 0x1240  DsiWMIService - ok
10:09:22.0767 0x1240  [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:09:22.0783 0x1240  dtsoftbus01 - ok
10:09:22.0876 0x1240  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:09:22.0908 0x1240  DXGKrnl - ok
10:09:22.0939 0x1240  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:09:22.0970 0x1240  EapHost - ok
10:09:23.0126 0x1240  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:09:23.0235 0x1240  ebdrv - ok
10:09:23.0266 0x1240  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
10:09:23.0282 0x1240  EFS - ok
10:09:23.0391 0x1240  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:09:23.0422 0x1240  ehRecvr - ok
10:09:23.0454 0x1240  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:09:23.0469 0x1240  ehSched - ok
10:09:23.0532 0x1240  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
10:09:23.0563 0x1240  ElbyCDFL - ok
10:09:23.0578 0x1240  [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
10:09:23.0578 0x1240  ElbyCDIO - ok
10:09:23.0656 0x1240  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:09:23.0688 0x1240  elxstor - ok
10:09:23.0828 0x1240  [ 49EEF52BFB986A2B5D70F4EC12637D7B, C42C93EC36B4BD0AFF4248AD571F56FB5F39D5C57B93C01EBB34997A262E41A9 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
10:09:23.0859 0x1240  ePowerSvc - ok
10:09:23.0922 0x1240  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
10:09:23.0937 0x1240  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
10:09:26.0823 0x1240  Detect skipped due to KSN trusted
10:09:26.0823 0x1240  EpsonBidirectionalService - ok
10:09:26.0901 0x1240  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:09:26.0917 0x1240  ErrDev - ok
10:09:26.0979 0x1240  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:09:27.0026 0x1240  EventSystem - ok
10:09:27.0057 0x1240  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:09:27.0104 0x1240  exfat - ok
10:09:27.0120 0x1240  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:09:27.0166 0x1240  fastfat - ok
10:09:27.0229 0x1240  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:09:27.0260 0x1240  Fax - ok
10:09:27.0291 0x1240  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:09:27.0307 0x1240  fdc - ok
10:09:27.0322 0x1240  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:09:27.0354 0x1240  fdPHost - ok
10:09:27.0385 0x1240  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:09:27.0416 0x1240  FDResPub - ok
10:09:27.0463 0x1240  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:09:27.0463 0x1240  FileInfo - ok
10:09:27.0478 0x1240  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:09:27.0510 0x1240  Filetrace - ok
10:09:27.0588 0x1240  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:09:27.0619 0x1240  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
10:09:30.0458 0x1240  Detect skipped due to KSN trusted
10:09:30.0458 0x1240  FLEXnet Licensing Service - ok
10:09:30.0505 0x1240  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:09:30.0536 0x1240  flpydisk - ok
10:09:30.0583 0x1240  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:09:30.0598 0x1240  FltMgr - ok
10:09:30.0692 0x1240  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:09:30.0739 0x1240  FontCache - ok
10:09:30.0832 0x1240  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:09:30.0864 0x1240  FontCache3.0.0.0 - ok
10:09:30.0895 0x1240  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:09:30.0910 0x1240  FsDepends - ok
10:09:30.0957 0x1240  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:09:30.0957 0x1240  Fs_Rec - ok
10:09:31.0051 0x1240  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:09:31.0066 0x1240  fvevol - ok
10:09:31.0082 0x1240  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:09:31.0098 0x1240  gagp30kx - ok
10:09:31.0160 0x1240  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:09:31.0222 0x1240  gpsvc - ok
10:09:31.0347 0x1240  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
10:09:31.0378 0x1240  Greg_Service - ok
10:09:31.0488 0x1240  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:09:31.0488 0x1240  gupdate - ok
10:09:31.0519 0x1240  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:09:31.0519 0x1240  gupdatem - ok
10:09:31.0597 0x1240  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:09:31.0612 0x1240  gusvc - ok
10:09:31.0659 0x1240  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:09:31.0675 0x1240  hcw85cir - ok
10:09:31.0737 0x1240  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:09:31.0768 0x1240  HdAudAddService - ok
10:09:31.0800 0x1240  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:09:31.0815 0x1240  HDAudBus - ok
10:09:31.0846 0x1240  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
10:09:31.0862 0x1240  HECIx64 - ok
10:09:31.0893 0x1240  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:09:31.0909 0x1240  HidBatt - ok
10:09:31.0924 0x1240  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:09:31.0940 0x1240  HidBth - ok
10:09:31.0956 0x1240  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:09:31.0971 0x1240  HidIr - ok
10:09:31.0987 0x1240  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:09:32.0034 0x1240  hidserv - ok
10:09:32.0096 0x1240  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
10:09:32.0112 0x1240  HidUsb - ok
10:09:32.0158 0x1240  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:09:32.0190 0x1240  hkmsvc - ok
10:09:32.0252 0x1240  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:09:32.0268 0x1240  HomeGroupListener - ok
10:09:32.0314 0x1240  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:09:32.0330 0x1240  HomeGroupProvider - ok
10:09:32.0377 0x1240  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:09:32.0392 0x1240  HpSAMD - ok
10:09:32.0517 0x1240  [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:09:32.0548 0x1240  HPSLPSVC - ok
10:09:32.0595 0x1240  [ CF44B25AE808765D7308F412AD492DDB, 97A16ACCD6D624B2A57DDA913C8005320FF91542C0EF7F39456741D99D7B2725 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
10:09:32.0611 0x1240  HTCAND64 - ok
10:09:32.0658 0x1240  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
10:09:32.0673 0x1240  htcnprot - ok
10:09:32.0736 0x1240  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:09:32.0798 0x1240  HTTP - ok
10:09:32.0829 0x1240  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:09:32.0845 0x1240  hwpolicy - ok
10:09:32.0907 0x1240  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:09:32.0923 0x1240  i8042prt - ok
10:09:32.0970 0x1240  [ 42E00996DFC13C46366689C0EA8ABC5E, 1C73B7FADB3209D7C1CAA75531F789B47907129E418F91F23CBE9FC68B3056E4 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:09:32.0985 0x1240  iaStor - ok
10:09:33.0048 0x1240  [ 48362E5DB5CB2C000C514EE1F3890ACD, 561FB7BE085A624770832B0138DA1B9859981BCC66540A8F98D9F7D5B8EE6707 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:09:33.0063 0x1240  IAStorDataMgrSvc - ok
10:09:33.0110 0x1240  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:09:33.0126 0x1240  iaStorV - ok
10:09:33.0204 0x1240  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:09:33.0235 0x1240  idsvc - ok
10:09:33.0282 0x1240  IEEtwCollectorService - ok
10:09:33.0328 0x1240  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:09:33.0328 0x1240  iirsp - ok
10:09:33.0406 0x1240  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:09:33.0453 0x1240  IKEEXT - ok
10:09:33.0500 0x1240  [ C48567D80AD357613CD0EEADE18780AE, AFFAB3C915C5B48A39F7F8F9438A3085DBEBA1E431DD35861A5A08EA1CBE4D37 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
10:09:33.0516 0x1240  Impcd - ok
10:09:33.0640 0x1240  [ A3BCBD0F710580A07D1B929D787D36CE, D7608C1C2B2FF4DD0C4CEBC75594ADA35A6911A541ED5FF93AAB8610108E168A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:09:33.0703 0x1240  IntcAzAudAddService - ok
10:09:33.0750 0x1240  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:09:33.0781 0x1240  intelide - ok
10:09:33.0812 0x1240  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:09:33.0828 0x1240  intelppm - ok
10:09:33.0890 0x1240  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:09:33.0937 0x1240  IPBusEnum - ok
10:09:33.0984 0x1240  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:09:34.0015 0x1240  IpFilterDriver - ok
10:09:34.0077 0x1240  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:09:34.0093 0x1240  iphlpsvc - ok
10:09:34.0140 0x1240  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:09:34.0155 0x1240  IPMIDRV - ok
10:09:34.0186 0x1240  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:09:34.0218 0x1240  IPNAT - ok
10:09:34.0249 0x1240  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:09:34.0264 0x1240  IRENUM - ok
10:09:34.0327 0x1240  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:09:34.0327 0x1240  isapnp - ok
10:09:34.0374 0x1240  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:09:34.0389 0x1240  iScsiPrt - ok
10:09:34.0436 0x1240  [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
10:09:34.0452 0x1240  IviRegMgr - ok
10:09:34.0498 0x1240  [ C9B4ECC187581E5BF3F76648884B7829, D4DDFDD92FEFDFAF293633C2B3860C37D7DC59965170E55AD181EFAFCFD1DB13 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
10:09:34.0514 0x1240  k57nd60a - ok
10:09:34.0545 0x1240  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:09:34.0561 0x1240  kbdclass - ok
10:09:34.0608 0x1240  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:09:34.0623 0x1240  kbdhid - ok
10:09:34.0639 0x1240  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
10:09:34.0654 0x1240  KeyIso - ok
10:09:34.0701 0x1240  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:09:34.0701 0x1240  KSecDD - ok
10:09:34.0717 0x1240  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:09:34.0732 0x1240  KSecPkg - ok
10:09:34.0779 0x1240  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:09:34.0810 0x1240  ksthunk - ok
10:09:34.0857 0x1240  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:09:34.0904 0x1240  KtmRm - ok
10:09:34.0966 0x1240  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:09:35.0013 0x1240  LanmanServer - ok
10:09:35.0060 0x1240  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:09:35.0107 0x1240  LanmanWorkstation - ok
10:09:35.0138 0x1240  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:09:35.0169 0x1240  lltdio - ok
10:09:35.0216 0x1240  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:09:35.0263 0x1240  lltdsvc - ok
10:09:35.0294 0x1240  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:09:35.0325 0x1240  lmhosts - ok
10:09:35.0403 0x1240  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:09:35.0419 0x1240  LMS - ok
10:09:35.0466 0x1240  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:09:35.0481 0x1240  LSI_FC - ok
10:09:35.0497 0x1240  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:09:35.0512 0x1240  LSI_SAS - ok
10:09:35.0528 0x1240  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:09:35.0544 0x1240  LSI_SAS2 - ok
10:09:35.0559 0x1240  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:09:35.0575 0x1240  LSI_SCSI - ok
10:09:35.0606 0x1240  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:09:35.0637 0x1240  luafv - ok
10:09:35.0700 0x1240  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:09:35.0715 0x1240  Mcx2Svc - ok
10:09:35.0746 0x1240  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:09:35.0746 0x1240  megasas - ok
10:09:35.0778 0x1240  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:09:35.0793 0x1240  MegaSR - ok
10:09:35.0918 0x1240  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:09:35.0918 0x1240  Microsoft Office Groove Audit Service - ok
10:09:35.0949 0x1240  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:09:35.0980 0x1240  MMCSS - ok
10:09:36.0012 0x1240  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:09:36.0043 0x1240  Modem - ok
10:09:36.0074 0x1240  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:09:36.0074 0x1240  monitor - ok
10:09:36.0136 0x1240  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:09:36.0136 0x1240  mouclass - ok
10:09:36.0168 0x1240  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:09:36.0183 0x1240  mouhid - ok
10:09:36.0246 0x1240  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:09:36.0261 0x1240  mountmgr - ok
10:09:36.0370 0x1240  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:09:36.0370 0x1240  MozillaMaintenance - ok
10:09:36.0433 0x1240  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:09:36.0448 0x1240  mpio - ok
10:09:36.0480 0x1240  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:09:36.0511 0x1240  mpsdrv - ok
10:09:36.0604 0x1240  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:09:36.0667 0x1240  MpsSvc - ok
10:09:36.0698 0x1240  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:09:36.0745 0x1240  MRxDAV - ok
10:09:36.0807 0x1240  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:09:36.0823 0x1240  mrxsmb - ok
10:09:36.0838 0x1240  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:09:36.0854 0x1240  mrxsmb10 - ok
10:09:36.0870 0x1240  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:09:36.0885 0x1240  mrxsmb20 - ok
10:09:36.0948 0x1240  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:09:36.0963 0x1240  msahci - ok
10:09:36.0994 0x1240  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:09:37.0010 0x1240  msdsm - ok
10:09:37.0026 0x1240  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:09:37.0041 0x1240  MSDTC - ok
10:09:37.0072 0x1240  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:09:37.0104 0x1240  Msfs - ok
10:09:37.0119 0x1240  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:09:37.0150 0x1240  mshidkmdf - ok
10:09:37.0197 0x1240  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:09:37.0213 0x1240  msisadrv - ok
10:09:37.0260 0x1240  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:09:37.0291 0x1240  MSiSCSI - ok
10:09:37.0306 0x1240  msiserver - ok
10:09:37.0338 0x1240  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:09:37.0384 0x1240  MSKSSRV - ok
10:09:37.0400 0x1240  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:09:37.0447 0x1240  MSPCLOCK - ok
10:09:37.0462 0x1240  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:09:37.0509 0x1240  MSPQM - ok
10:09:37.0556 0x1240  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:09:37.0572 0x1240  MsRPC - ok
10:09:37.0618 0x1240  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:09:37.0634 0x1240  mssmbios - ok
10:09:37.0665 0x1240  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:09:37.0696 0x1240  MSTEE - ok
10:09:37.0712 0x1240  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:09:37.0728 0x1240  MTConfig - ok
10:09:37.0743 0x1240  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:09:37.0743 0x1240  Mup - ok
10:09:37.0806 0x1240  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:09:37.0852 0x1240  napagent - ok
10:09:37.0899 0x1240  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:09:37.0930 0x1240  NativeWifiP - ok
10:09:38.0008 0x1240  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:09:38.0055 0x1240  NDIS - ok
10:09:38.0071 0x1240  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:09:38.0102 0x1240  NdisCap - ok
10:09:38.0133 0x1240  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:09:38.0164 0x1240  NdisTapi - ok
10:09:38.0227 0x1240  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:09:38.0274 0x1240  Ndisuio - ok
10:09:38.0320 0x1240  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:09:38.0352 0x1240  NdisWan - ok
10:09:38.0398 0x1240  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:09:38.0430 0x1240  NDProxy - ok
10:09:38.0492 0x1240  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:09:38.0492 0x1240  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:09:41.0269 0x1240  Detect skipped due to KSN trusted
10:09:41.0269 0x1240  Net Driver HPZ12 - ok
10:09:41.0362 0x1240  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:09:41.0409 0x1240  NetBIOS - ok
10:09:41.0472 0x1240  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:09:41.0518 0x1240  NetBT - ok
10:09:41.0550 0x1240  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
10:09:41.0565 0x1240  Netlogon - ok
10:09:41.0596 0x1240  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:09:41.0643 0x1240  Netman - ok
10:09:41.0721 0x1240  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0752 0x1240  NetMsmqActivator - ok
10:09:41.0768 0x1240  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0768 0x1240  NetPipeActivator - ok
10:09:41.0799 0x1240  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:09:41.0846 0x1240  netprofm - ok
10:09:41.0846 0x1240  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0862 0x1240  NetTcpActivator - ok
10:09:41.0877 0x1240  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:09:41.0893 0x1240  NetTcpPortSharing - ok
10:09:42.0158 0x1240  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
10:09:42.0376 0x1240  NETw5s64 - ok
10:09:42.0548 0x1240  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:09:42.0564 0x1240  nfrd960 - ok
10:09:42.0626 0x1240  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:09:42.0657 0x1240  NlaSvc - ok
10:09:42.0657 0x1240  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:09:42.0704 0x1240  Npfs - ok
10:09:42.0720 0x1240  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:09:42.0751 0x1240  nsi - ok
10:09:42.0766 0x1240  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:09:42.0813 0x1240  nsiproxy - ok
10:09:42.0891 0x1240  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:09:42.0954 0x1240  Ntfs - ok
10:09:43.0000 0x1240  [ 5B3CE960C62DBE864BE9A0BD043A3E30, 8474C68B0A8F94945C3278C682143F289245FC31C28DBB4609E993F90F7AD309 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
10:09:43.0016 0x1240  NTI IScheduleSvc - detected UnsignedFile.Multi.Generic ( 1 )
10:09:45.0871 0x1240  Detect skipped due to KSN trusted
10:09:45.0871 0x1240  NTI IScheduleSvc - ok
10:09:45.0933 0x1240  [ 15221DD637D9D0FFC60848EBBF1DF538, 72E20DAAC3BF7CA9303DB515A7C93C629D7EEDA04C9A7CE91AFBCBB574F257D4 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
10:09:45.0949 0x1240  NTIBackupSvc - ok
10:09:45.0964 0x1240  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
10:09:45.0980 0x1240  NTIDrvr - ok
10:09:45.0996 0x1240  [ B5071E15D4C3F5EF5018AFF7E85A85E5, FF3ACAEDD127CC4BB0A6FD2D34B5E4D98478A86122BE31DB84702A12567288E0 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
10:09:45.0996 0x1240  NTISchedulerSvc - ok
10:09:46.0027 0x1240  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:09:46.0058 0x1240  Null - ok
10:09:46.0089 0x1240  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:09:46.0105 0x1240  nvraid - ok
10:09:46.0167 0x1240  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:09:46.0198 0x1240  nvstor - ok
10:09:46.0245 0x1240  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:09:46.0245 0x1240  nv_agp - ok
10:09:46.0386 0x1240  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:09:46.0401 0x1240  odserv - ok
10:09:46.0448 0x1240  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:09:46.0464 0x1240  ohci1394 - ok
10:09:46.0557 0x1240  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:09:46.0573 0x1240  ose - ok
10:09:46.0635 0x1240  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:09:46.0651 0x1240  p2pimsvc - ok
10:09:46.0698 0x1240  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:09:46.0729 0x1240  p2psvc - ok
10:09:46.0760 0x1240  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:09:46.0776 0x1240  Parport - ok
10:09:46.0838 0x1240  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:09:46.0854 0x1240  partmgr - ok
10:09:46.0916 0x1240  [ A1E779A0CF7A21B42E8FD3E8856D8481, 40DE8155861E6126D6E39FF05E5E92E32C929874500671AB61592A659F09B88C ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
10:09:46.0916 0x1240  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
10:09:49.0662 0x1240  Detect skipped due to KSN trusted
10:09:49.0662 0x1240  PassThru Service - ok
10:09:49.0740 0x1240  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:09:49.0786 0x1240  PcaSvc - ok
10:09:49.0833 0x1240  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:09:49.0849 0x1240  pci - ok
10:09:49.0896 0x1240  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:09:49.0896 0x1240  pciide - ok
10:09:49.0942 0x1240  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:09:49.0958 0x1240  pcmcia - ok
10:09:49.0974 0x1240  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:09:49.0974 0x1240  pcw - ok
10:09:50.0020 0x1240  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:09:50.0067 0x1240  PEAUTH - ok
10:09:50.0130 0x1240  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:09:50.0161 0x1240  PerfHost - ok
10:09:50.0239 0x1240  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:09:50.0317 0x1240  pla - ok
10:09:50.0395 0x1240  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:09:50.0426 0x1240  PlugPlay - ok
10:09:50.0457 0x1240  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:09:50.0473 0x1240  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:09:53.0296 0x1240  Detect skipped due to KSN trusted
10:09:53.0296 0x1240  Pml Driver HPZ12 - ok
10:09:53.0390 0x1240  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:09:53.0406 0x1240  PNRPAutoReg - ok
10:09:53.0437 0x1240  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:09:53.0468 0x1240  PNRPsvc - ok
10:09:53.0546 0x1240  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:09:53.0608 0x1240  PolicyAgent - ok
10:09:53.0640 0x1240  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:09:53.0671 0x1240  Power - ok
10:09:53.0733 0x1240  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:09:53.0796 0x1240  PptpMiniport - ok
10:09:53.0811 0x1240  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:09:53.0827 0x1240  Processor - ok
10:09:53.0874 0x1240  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:09:53.0905 0x1240  ProfSvc - ok
10:09:53.0920 0x1240  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:09:53.0936 0x1240  ProtectedStorage - ok
10:09:53.0998 0x1240  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:09:54.0045 0x1240  Psched - ok
10:09:54.0061 0x1240  [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
10:09:54.0076 0x1240  PSI_SVC_2 - ok
10:09:54.0139 0x1240  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:09:54.0186 0x1240  ql2300 - ok
10:09:54.0217 0x1240  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:09:54.0232 0x1240  ql40xx - ok
10:09:54.0264 0x1240  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:09:54.0295 0x1240  QWAVE - ok
10:09:54.0310 0x1240  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:09:54.0326 0x1240  QWAVEdrv - ok
10:09:54.0342 0x1240  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:09:54.0373 0x1240  RasAcd - ok
10:09:54.0404 0x1240  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:09:54.0451 0x1240  RasAgileVpn - ok
10:09:54.0466 0x1240  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:09:54.0513 0x1240  RasAuto - ok
10:09:54.0560 0x1240  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:09:54.0622 0x1240  Rasl2tp - ok
10:09:54.0685 0x1240  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:09:54.0716 0x1240  RasMan - ok
10:09:54.0778 0x1240  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:09:54.0810 0x1240  RasPppoe - ok
10:09:54.0872 0x1240  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:09:54.0934 0x1240  RasSstp - ok
10:09:54.0981 0x1240  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:09:55.0028 0x1240  rdbss - ok
10:09:55.0059 0x1240  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:09:55.0075 0x1240  rdpbus - ok
10:09:55.0090 0x1240  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:09:55.0122 0x1240  RDPCDD - ok
10:09:55.0153 0x1240  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:09:55.0184 0x1240  RDPENCDD - ok
10:09:55.0200 0x1240  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:09:55.0246 0x1240  RDPREFMP - ok
10:09:55.0293 0x1240  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:09:55.0309 0x1240  RDPWD - ok
10:09:55.0356 0x1240  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:09:55.0371 0x1240  rdyboost - ok
10:09:55.0402 0x1240  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:09:55.0449 0x1240  RemoteAccess - ok
10:09:55.0480 0x1240  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:09:55.0512 0x1240  RemoteRegistry - ok
10:09:55.0558 0x1240  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
10:09:55.0590 0x1240  RFCOMM - ok
10:09:55.0605 0x1240  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:09:55.0652 0x1240  RpcEptMapper - ok
10:09:55.0668 0x1240  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:09:55.0683 0x1240  RpcLocator - ok
10:09:55.0730 0x1240  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:09:55.0792 0x1240  RpcSs - ok
10:09:55.0839 0x1240  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:09:55.0870 0x1240  rspndr - ok
10:09:55.0948 0x1240  [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
10:09:55.0980 0x1240  RSUSBSTOR - ok
10:09:56.0026 0x1240  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
10:09:56.0058 0x1240  RS_Service - ok
10:09:56.0089 0x1240  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
10:09:56.0104 0x1240  RTHDMIAzAudService - ok
10:09:56.0120 0x1240  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
10:09:56.0136 0x1240  SamSs - ok
10:09:56.0182 0x1240  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:09:56.0198 0x1240  sbp2port - ok
10:09:56.0245 0x1240  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:09:56.0307 0x1240  SCardSvr - ok
10:09:56.0354 0x1240  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:09:56.0385 0x1240  scfilter - ok
10:09:56.0432 0x1240  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:09:56.0494 0x1240  Schedule - ok
10:09:56.0541 0x1240  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:09:56.0588 0x1240  SCPolicySvc - ok
10:09:56.0619 0x1240  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:09:56.0635 0x1240  SDRSVC - ok
10:09:56.0682 0x1240  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:09:56.0713 0x1240  secdrv - ok
10:09:56.0760 0x1240  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:09:56.0806 0x1240  seclogon - ok
10:09:56.0838 0x1240  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:09:56.0869 0x1240  SENS - ok
10:09:56.0884 0x1240  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:09:56.0900 0x1240  SensrSvc - ok
10:09:56.0947 0x1240  [ 2437720D4480523562360B2B6B5864A7, 314725F4786B3E660D6C58AF611ABD41D9938CEF5A7F19762632DF51CB3A52D5 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
10:09:56.0962 0x1240  Ser2pl - ok
10:09:56.0994 0x1240  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:09:56.0994 0x1240  Serenum - ok
10:09:57.0025 0x1240  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:09:57.0040 0x1240  Serial - ok
10:09:57.0118 0x1240  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:09:57.0134 0x1240  sermouse - ok
10:09:57.0181 0x1240  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:09:57.0228 0x1240  SessionEnv - ok
10:09:57.0259 0x1240  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:09:57.0274 0x1240  sffdisk - ok
10:09:57.0290 0x1240  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:09:57.0306 0x1240  sffp_mmc - ok
10:09:57.0306 0x1240  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:09:57.0321 0x1240  sffp_sd - ok
10:09:57.0352 0x1240  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:09:57.0368 0x1240  sfloppy - ok
10:09:57.0430 0x1240  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:09:57.0477 0x1240  SharedAccess - ok
10:09:57.0555 0x1240  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:09:57.0633 0x1240  ShellHWDetection - ok
10:09:57.0649 0x1240  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:09:57.0664 0x1240  SiSRaid2 - ok
10:09:57.0696 0x1240  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:09:57.0696 0x1240  SiSRaid4 - ok
10:09:57.0930 0x1240  [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:09:58.0008 0x1240  Skype C2C Service - ok
10:09:58.0101 0x1240  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:09:58.0132 0x1240  SkypeUpdate - ok
10:09:58.0179 0x1240  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:09:58.0226 0x1240  Smb - ok
10:09:58.0273 0x1240  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:09:58.0288 0x1240  SNMPTRAP - ok
10:09:58.0320 0x1240  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:09:58.0335 0x1240  spldr - ok
10:09:58.0398 0x1240  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:09:58.0444 0x1240  Spooler - ok
10:09:58.0616 0x1240  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:09:58.0756 0x1240  sppsvc - ok
10:09:58.0772 0x1240  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:09:58.0803 0x1240  sppuinotify - ok
10:09:58.0866 0x1240  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:09:58.0881 0x1240  srv - ok
10:09:58.0912 0x1240  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:09:58.0928 0x1240  srv2 - ok
10:09:58.0959 0x1240  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:09:58.0975 0x1240  srvnet - ok
10:09:59.0037 0x1240  [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
10:09:59.0053 0x1240  ssadbus - ok
10:09:59.0084 0x1240  [ D6CFD3B2EABCF9327DE39C62BABFA1E3, C748AF55B07FCB9C5A3E3E0CB783CE6387A2C5D646BCA6B5F5FFF37ACCE82AD3 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
10:09:59.0100 0x1240  ssadmdfl - ok
10:09:59.0115 0x1240  [ 5EB01E6148742C3EC2185AC92F6D16FD, 5BD22C745D9BD47C60929F9C556E4B262F9415866EFE9F9263EAD916D74ECAE0 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
10:09:59.0131 0x1240  ssadmdm - ok
10:09:59.0178 0x1240  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:09:59.0209 0x1240  SSDPSRV - ok
10:09:59.0224 0x1240  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:09:59.0271 0x1240  SstpSvc - ok
10:09:59.0302 0x1240  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:09:59.0302 0x1240  stexstor - ok
10:09:59.0365 0x1240  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
10:09:59.0380 0x1240  StillCam - ok
10:09:59.0458 0x1240  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:09:59.0505 0x1240  stisvc - ok
10:09:59.0552 0x1240  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:09:59.0568 0x1240  swenum - ok
10:09:59.0614 0x1240  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:09:59.0661 0x1240  swprv - ok
10:09:59.0708 0x1240  [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:09:59.0724 0x1240  SynTP - ok
10:09:59.0848 0x1240  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:09:59.0911 0x1240  SysMain - ok
10:09:59.0973 0x1240  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:09:59.0989 0x1240  TabletInputService - ok
10:10:00.0004 0x1240  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:10:00.0051 0x1240  TapiSrv - ok
10:10:00.0082 0x1240  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:10:00.0114 0x1240  TBS - ok
10:10:00.0238 0x1240  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:10:00.0285 0x1240  Tcpip - ok
10:10:00.0394 0x1240  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:10:00.0457 0x1240  TCPIP6 - ok
10:10:00.0504 0x1240  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:10:00.0519 0x1240  tcpipreg - ok
10:10:00.0550 0x1240  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:10:00.0566 0x1240  TDPIPE - ok
10:10:00.0613 0x1240  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:10:00.0628 0x1240  TDTCP - ok
10:10:00.0675 0x1240  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:10:00.0738 0x1240  tdx - ok
10:10:01.0096 0x1240  [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
10:10:01.0221 0x1240  TeamViewer8 - ok
10:10:01.0252 0x1240  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:10:01.0268 0x1240  TermDD - ok
10:10:01.0346 0x1240  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:10:01.0408 0x1240  TermService - ok
10:10:01.0440 0x1240  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:10:01.0455 0x1240  Themes - ok
10:10:01.0486 0x1240  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:10:01.0518 0x1240  THREADORDER - ok
10:10:01.0611 0x1240  [ F620772888B6E3EDEF5C3E71E3D447F0, 67CFC8E94ACCA0B31E7D2062D587C1BD37911F95A02C8CCB1B4A3E0EBDADC8B0 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
10:10:01.0627 0x1240  TomTomHOMEService - ok
10:10:01.0658 0x1240  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:10:01.0689 0x1240  TrkWks - ok
10:10:01.0767 0x1240  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:10:01.0814 0x1240  TrustedInstaller - ok
10:10:01.0861 0x1240  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:10:01.0876 0x1240  tssecsrv - ok
10:10:01.0939 0x1240  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:10:01.0954 0x1240  TsUsbFlt - ok
10:10:02.0017 0x1240  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:10:02.0064 0x1240  tunnel - ok
10:10:02.0095 0x1240  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:10:02.0110 0x1240  uagp35 - ok
10:10:02.0110 0x1240  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
10:10:02.0126 0x1240  UBHelper - ok
10:10:02.0173 0x1240  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:10:02.0220 0x1240  udfs - ok
10:10:02.0235 0x1240  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:10:02.0251 0x1240  UI0Detect - ok
10:10:02.0266 0x1240  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:10:02.0266 0x1240  uliagpkx - ok
10:10:02.0344 0x1240  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:10:02.0360 0x1240  umbus - ok
10:10:02.0391 0x1240  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:10:02.0407 0x1240  UmPass - ok
10:10:02.0532 0x1240  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:10:02.0594 0x1240  UNS - ok
10:10:02.0672 0x1240  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
10:10:02.0688 0x1240  Updater Service - ok
10:10:02.0734 0x1240  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:10:02.0797 0x1240  upnphost - ok
10:10:02.0859 0x1240  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:10:02.0875 0x1240  usbccgp - ok
10:10:02.0922 0x1240  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:10:02.0953 0x1240  usbcir - ok
10:10:03.0000 0x1240  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:10:03.0015 0x1240  usbehci - ok
10:10:03.0062 0x1240  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:10:03.0078 0x1240  usbhub - ok
10:10:03.0124 0x1240  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:10:03.0156 0x1240  usbohci - ok
10:10:03.0187 0x1240  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:10:03.0218 0x1240  usbprint - ok
10:10:03.0265 0x1240  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:10:03.0296 0x1240  usbscan - ok
10:10:03.0374 0x1240  [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
10:10:03.0405 0x1240  usbser - ok
10:10:03.0421 0x1240  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:10:03.0436 0x1240  USBSTOR - ok
10:10:03.0483 0x1240  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:10:03.0514 0x1240  usbuhci - ok
10:10:03.0561 0x1240  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:10:03.0592 0x1240  usbvideo - ok
10:10:03.0639 0x1240  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
10:10:03.0655 0x1240  usb_rndisx - ok
10:10:03.0686 0x1240  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:10:03.0717 0x1240  UxSms - ok
10:10:03.0733 0x1240  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
10:10:03.0748 0x1240  VaultSvc - ok
10:10:03.0764 0x1240  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:10:03.0780 0x1240  vdrvroot - ok
10:10:03.0842 0x1240  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:10:03.0904 0x1240  vds - ok
10:10:03.0936 0x1240  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:10:03.0967 0x1240  vga - ok
10:10:03.0982 0x1240  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:10:04.0029 0x1240  VgaSave - ok
10:10:04.0076 0x1240  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:10:04.0107 0x1240  vhdmp - ok
10:10:04.0138 0x1240  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:10:04.0170 0x1240  viaide - ok
10:10:04.0185 0x1240  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:10:04.0201 0x1240  volmgr - ok
10:10:04.0248 0x1240  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:10:04.0279 0x1240  volmgrx - ok
10:10:04.0310 0x1240  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:10:04.0326 0x1240  volsnap - ok
10:10:04.0372 0x1240  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:10:04.0404 0x1240  vsmraid - ok
10:10:04.0513 0x1240  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:10:04.0591 0x1240  VSS - ok
10:10:04.0606 0x1240  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:10:04.0622 0x1240  vwifibus - ok
10:10:04.0653 0x1240  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:10:04.0669 0x1240  vwififlt - ok
10:10:04.0731 0x1240  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:10:04.0762 0x1240  vwifimp - ok
10:10:04.0840 0x1240  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:10:04.0903 0x1240  W32Time - ok
10:10:04.0918 0x1240  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:10:04.0934 0x1240  WacomPen - ok
10:10:04.0981 0x1240  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:10:05.0043 0x1240  WANARP - ok
10:10:05.0059 0x1240  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:10:05.0090 0x1240  Wanarpv6 - ok
10:10:05.0215 0x1240  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:10:05.0246 0x1240  WatAdminSvc - ok
10:10:05.0355 0x1240  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:10:05.0402 0x1240  wbengine - ok
10:10:05.0449 0x1240  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:10:05.0480 0x1240  WbioSrvc - ok
10:10:05.0542 0x1240  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:10:05.0589 0x1240  wcncsvc - ok
10:10:05.0605 0x1240  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:10:05.0620 0x1240  WcsPlugInService - ok
10:10:05.0636 0x1240  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:10:05.0652 0x1240  Wd - ok
10:10:05.0730 0x1240  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:10:05.0761 0x1240  Wdf01000 - ok
10:10:05.0776 0x1240  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:10:05.0808 0x1240  WdiServiceHost - ok
10:10:05.0823 0x1240  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:10:05.0839 0x1240  WdiSystemHost - ok
10:10:05.0886 0x1240  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:10:05.0901 0x1240  WebClient - ok
10:10:05.0932 0x1240  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:10:05.0979 0x1240  Wecsvc - ok
10:10:05.0995 0x1240  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:10:06.0026 0x1240  wercplsupport - ok
10:10:06.0057 0x1240  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:10:06.0104 0x1240  WerSvc - ok
10:10:06.0135 0x1240  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:10:06.0182 0x1240  WfpLwf - ok
10:10:06.0182 0x1240  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:10:06.0198 0x1240  WIMMount - ok
10:10:06.0213 0x1240  WinDefend - ok
10:10:06.0229 0x1240  WinHttpAutoProxySvc - ok
10:10:06.0276 0x1240  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:10:06.0322 0x1240  Winmgmt - ok
10:10:06.0432 0x1240  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:10:06.0525 0x1240  WinRM - ok
10:10:06.0588 0x1240  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:10:06.0619 0x1240  WinUsb - ok
10:10:06.0666 0x1240  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:10:06.0712 0x1240  Wlansvc - ok
10:10:06.0900 0x1240  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:10:06.0962 0x1240  wlidsvc - ok
10:10:07.0024 0x1240  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:10:07.0056 0x1240  WmiAcpi - ok
10:10:07.0071 0x1240  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:10:07.0087 0x1240  wmiApSrv - ok
10:10:07.0134 0x1240  WMPNetworkSvc - ok
10:10:07.0165 0x1240  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:10:07.0180 0x1240  WPCSvc - ok
10:10:07.0227 0x1240  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:10:07.0243 0x1240  WPDBusEnum - ok
10:10:07.0258 0x1240  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:10:07.0305 0x1240  ws2ifsl - ok
10:10:07.0321 0x1240  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:10:07.0336 0x1240  wscsvc - ok
10:10:07.0399 0x1240  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:10:07.0414 0x1240  WSDPrintDevice - ok
10:10:07.0446 0x1240  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
10:10:07.0461 0x1240  WSDScan - ok
10:10:07.0461 0x1240  WSearch - ok
10:10:07.0555 0x1240  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:10:07.0617 0x1240  wuauserv - ok
10:10:07.0664 0x1240  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:10:07.0695 0x1240  WudfPf - ok
10:10:07.0742 0x1240  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:10:07.0773 0x1240  WUDFRd - ok
10:10:07.0789 0x1240  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:10:07.0804 0x1240  wudfsvc - ok
10:10:07.0867 0x1240  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:10:07.0898 0x1240  WwanSvc - ok
10:10:07.0929 0x1240  ================ Scan global ===============================
10:10:07.0960 0x1240  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:10:08.0023 0x1240  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:10:08.0054 0x1240  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:10:08.0085 0x1240  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:10:08.0116 0x1240  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:10:08.0116 0x1240  [ Global ] - ok
10:10:08.0116 0x1240  ================ Scan MBR ==================================
10:10:08.0148 0x1240  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:10:08.0647 0x1240  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
10:10:08.0647 0x1240  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:10:22.0422 0x1240  ================ Scan VBR ==================================
10:10:22.0484 0x1240  [ A494A22B5EFEED048E8B225C0B4F343E ] \Device\Harddisk0\DR0\Partition1
10:10:22.0484 0x1240  \Device\Harddisk0\DR0\Partition1 - ok
10:10:22.0500 0x1240  [ 25F5849B729BA047868E7BFDFFD3EFF8 ] \Device\Harddisk0\DR0\Partition2
10:10:22.0500 0x1240  \Device\Harddisk0\DR0\Partition2 - ok
10:10:22.0500 0x1240  Waiting for KSN requests completion. In queue: 182
10:10:23.0529 0x1240  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
10:10:23.0529 0x1240  Win FW state via NFP2: enabled
10:10:26.0290 0x1240  ============================================================
10:10:26.0290 0x1240  Scan finished
10:10:26.0290 0x1240  ============================================================
10:10:26.0290 0x1a04  Detected object count: 1
10:10:26.0290 0x1a04  Actual detected object count: 1
10:10:42.0795 0x1a04  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
10:10:42.0811 0x1a04  \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
10:10:42.0811 0x1a04  \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
10:10:42.0811 0x1a04  \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
10:10:42.0811 0x1a04  \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
10:10:42.0811 0x1a04  \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
10:10:42.0827 0x1a04  \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
10:10:42.0827 0x1a04  \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
10:10:42.0858 0x1a04  \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
10:10:42.0873 0x1a04  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
10:10:42.0873 0x1a04  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
10:10:42.0889 0x1a04  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
10:10:42.0889 0x1a04  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
10:10:42.0889 0x1a04  \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
10:10:42.0889 0x1a04  \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
10:10:42.0905 0x1a04  \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
10:10:42.0905 0x1a04  \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
10:10:42.0983 0x1a04  \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
10:10:43.0045 0x1a04  \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
10:10:43.0045 0x1a04  \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
10:10:43.0092 0x1a04  \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
10:10:43.0107 0x1a04  \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
10:10:43.0123 0x1a04  \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
10:10:43.0139 0x1a04  \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
10:10:43.0139 0x1a04  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine 
10:10:47.0819 0x1564  Deinitialize success
         
I have now chosen "copy to quarantine"; there was no cure option.

Edited by pace123 (02.12.2013 at 09:11)

Old 02.12.2013, 10:51   #5
schrauber
/// the machine
/// TB trainer
 




Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
  • Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Old 02.12.2013, 12:27   #6
pace123
 



Here is my log file from Combofix:

Code:
ComboFix 13-12-01.01 - Richi 02.12.2013  12:52:50.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.3959.1873 [GMT 1:00]
ausgeführt von:: c:\users\Richi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
 ADS - Windows: deleted 24 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Richi\AppData\Local\Temp\_MEI27842\_ctypes.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\_elementtree.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\_hashlib.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\_multiprocessing.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\_socket.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\_ssl.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\msvcp100.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\msvcr100.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\pyexpat.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\pysqlite2._sqlite.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\python27.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\pythoncom27.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\PyWinTypes27.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\select.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\unicodedata.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32api.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32com.shell.shell.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32crypt.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32event.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32file.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32inet.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32pdh.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32process.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32profile.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32security.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\win32ts.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\windows._cacheinvalidation.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._controls_.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._core_.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._gdi_.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._html2.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._misc_.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._windows_.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wx._wizard.pyd
c:\users\Richi\AppData\Local\Temp\_MEI27842\wxbase294u_net_vc90.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\wxbase294u_vc90.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_adv_vc90.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_core_vc90.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_html_vc90.dll
c:\users\Richi\AppData\Local\Temp\_MEI27842\wxmsw294u_webview_vc90.dll
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-11-02 bis 2013-12-02  ))))))))))))))))))))))))))))))
.
.
2013-12-02 11:59 . 2013-12-02 11:59	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-12-02 09:10 . 2013-12-02 09:10	--------	d-----w-	C:\TDSSKiller_Quarantine
2013-12-02 08:19 . 2013-12-02 08:19	--------	d-----w-	C:\FRST
2013-11-30 14:46 . 2013-11-18 00:28	10285968	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{5ED1C31A-7FFB-426B-9662-6ADCFE451AAE}\mpengine.dll
2013-11-26 19:45 . 2013-11-26 19:45	--------	d-----w-	c:\users\Richi\AppData\Roaming\Avira
2013-11-26 19:36 . 2013-10-31 18:25	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-11-26 19:36 . 2013-10-31 18:25	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-11-26 19:36 . 2013-10-31 18:25	132600	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-11-26 19:36 . 2013-10-31 18:25	106904	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-11-26 19:36 . 2013-11-26 19:36	--------	d-----w-	c:\program files (x86)\Avira
2013-11-26 17:35 . 2013-10-14 17:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2013-11-26 17:31 . 2013-11-26 17:31	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:31 . 2013-11-26 17:31	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-13 15:02 . 2013-10-04 02:28	190464	----a-w-	c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 15:02 . 2013-10-04 02:25	197120	----a-w-	c:\windows\system32\credui.dll
2013-11-13 15:02 . 2013-10-04 02:24	1930752	----a-w-	c:\windows\system32\authui.dll
2013-11-13 15:02 . 2013-10-04 01:58	152576	----a-w-	c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-13 15:02 . 2013-10-04 01:56	168960	----a-w-	c:\windows\SysWow64\credui.dll
2013-11-13 15:02 . 2013-10-04 01:56	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-11-13 15:02 . 2013-09-28 01:09	497152	----a-w-	c:\windows\system32\drivers\afd.sys
2013-11-13 15:02 . 2013-10-05 20:25	1474048	----a-w-	c:\windows\system32\crypt32.dll
2013-11-10 16:58 . 2013-11-10 16:59	--------	d-----w-	c:\users\Richi\bitcoin
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 12:48 . 2011-11-06 09:38	82896128	----a-w-	c:\windows\system32\MRT.exe
2013-11-11 04:50 . 2011-11-01 21:10	267936	------w-	c:\windows\system32\MpSigStub.exe
2013-10-10 14:29 . 2011-11-01 21:55	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 22:18 . 2012-11-10 13:28	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-10-08 22:18 . 2013-10-08 22:18	824144	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-09-08 02:30 . 2013-10-10 14:00	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 14:00	327168	----a-w-	c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 14:00	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-11-01 16:00	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-11-01 16:00	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-11-01 16:00	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-11-01 16:00	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-11-01 16:00	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-11-01 16:00	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-11-01 16:00	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}]
2012-07-09 00:09	263272	----a-w-	c:\program files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 08:49	176936	----a-w-	c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2012-03-15 13:57	242384	----a-w-	c:\program files (x86)\Softonic\Softonic\1.5.21.0\bh\Softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll" [2012-03-15 250576]
"{9E131A93-EED7-4BEB-B015-A0ADB30B5646}"= "c:\program files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll" [2012-07-09 287848]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_CLASSES_ROOT\clsid\{9e131a93-eed7-4beb-b015-a0adb30b5646}]
[HKEY_CLASSES_ROOT\claro.clarodskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\claro.clarodskBnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-09-25 20133824]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-10-31 683576]
.
c:\users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager;c:\program files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe;c:\program files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 14:29]
.
2013-12-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
- c:\users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-05 08:22]
.
2013-12-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
- c:\users\Richi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-05 08:22]
.
2013-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04 16:07]
.
2013-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-04 16:07]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
- c:\users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02 11:49]
.
2013-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
- c:\users\Richi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-02 11:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Richi\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-05 860192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.claro-search.com/?affID=116198&tt=4012_4&babsrc=HP_ss&mntrId=e4a08d4b00000000000078e4002ed2f5
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandenes PDF anfügen - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\
FF - prefs.js: browser.startup.homepage - www.orf.at
           user_pref('network.proxy.ftp', '');     user_pref('network.proxy.ftp_port', 80);     user_pref('network.proxy.gopher', '');     user_pref('network.proxy.gopher_port', 80);     user_pref('network.proxy.http', '');     user_pref('network.proxy.http_port', 80);     user_pref('network.proxy.socks', '');     user_pref('network.proxy.socks_port', 80);     user_pref('network.proxy.ssl', '');     user_pref('network.proxy.ssl_port', 80);            FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=ddrnw
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=ddrnw
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q=
FF - user.js: extensions.funmoods_i.id - e4a08d4b00000000000078e4002ed2f5
FF - user.js: extensions.funmoods_i.instlDay - 15372
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1620:34
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - ddrnw
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef - 
FF - user.js: extensions.funmoods_i.dfltLng - 
FF - user.js: extensions.funmoods_i.excTlbr - false
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.newTab - false
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - e4a08d4b00000000000078e4002ed2f5
FF - user.js: extensions.Softonic.instlDay - 15475
FF - user.js: extensions.Softonic.vrsn - 1.5.21.0
FF - user.js: extensions.Softonic.vrsni - 1.5.21.0
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.21.021:55
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00015
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.claro.id - e4a08d4b00000000000078e4002ed2f5
FF - user.js: extensions.claro.instlDay - 15618
FF - user.js: extensions.claro.vrsn - 1.6.4.1
FF - user.js: extensions.claro.vrsni - 1.6.4.1
FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.112:27
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - claro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-12-02  13:06:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-12-02 12:06
.
Vor Suchlauf: 12 Verzeichnis(se), 174.565.728.256 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 174.892.130.304 Bytes frei
.
- - End Of File - - C96B17CDB05A7B3323714A589B996043
         
I did not get the error message mentioned above. Regards

Alt 03.12.2013, 08:42   #7
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan (Scannen), select the Threat Scan (Bedrohungssuchlauf) and click Start Scan (Suchlauf starten).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected (Auswahl entfernen).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History (Verlauf) and then Application Logs (Anwendungsprotokolle).
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 03.12.2013, 09:35   #8
pace123
 



So here is the Malwarebytes log file:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.03.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Richi :: MEINER [Administrator]

03.12.2013 10:02:31
mbam-log-2013-12-03 (10-02-31).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215898
Laufzeit: 4 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 6
C:\Users\Richi\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\Keygen.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\Microsoft Office 2007 Enterprise Keygen.rar (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Richi\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Here is the AdwCleaner log file:

Code:
# AdwCleaner v3.014 - Bericht erstellt am 03/12/2013 um 10:17:04
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Richi - MEINER
# Gestartet von : C:\Users\Richi\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azureus
Ordner Gelöscht : C:\Program Files (x86)\Claro LTD
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\file scout
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\Vuze_Remote
Ordner Gelöscht : C:\Program Files (x86)\Azureus
Ordner Gelöscht : C:\Users\Richi\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Claro LTD
Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Richi\AppData\LocalLow\Vuze_Remote
Ordner Gelöscht : C:\Users\Richi\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Richi\AppData\Roaming\Azureus
Ordner Gelöscht : C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Azureus
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\funmoods.xml
Datei Gelöscht : C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-flash-maker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-flash-maker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_shredder-classic_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_shredder-classic_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj-free-home-edition_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_virtual-dj-free-home-edition_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B972AA18-C742-46F7-B200-3444DC69EE94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05BD01CA-E290-4DDB-A214-08461D3E5271}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Claro LTD
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Azureus
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Vuze_Remote
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Claro LTD
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Azureus
Schlüssel Gelöscht : HKLM\Software\Vuze_Remote
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Azureus
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\prefs.js ]

Zeile gelöscht : user_pref("CT2504091.autoDisableScopes", -1);
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "SD");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.id", "e4a08d4b00000000000078e4002ed2f5");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "15475");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MON00015");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.5.21.0");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.5.21.0");
Zeile gelöscht : user_pref("extensions.Softonic_i.newTab", false);
Zeile gelöscht : user_pref("extensions.Softonic_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.021:55:01");
Zeile gelöscht : user_pref("extensions.claro.admin", false);
Zeile gelöscht : user_pref("extensions.claro.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.claro.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.claro.excTlbr", false);
Zeile gelöscht : user_pref("extensions.claro.id", "e4a08d4b00000000000078e4002ed2f5");
Zeile gelöscht : user_pref("extensions.claro.instlDay", "15618");
Zeile gelöscht : user_pref("extensions.claro.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.claro.prdct", "claro");
Zeile gelöscht : user_pref("extensions.claro.prtnrId", "claro");
Zeile gelöscht : user_pref("extensions.claro.tlbrId", "claro");
Zeile gelöscht : user_pref("extensions.claro.vrsn", "1.6.4.1");
Zeile gelöscht : user_pref("extensions.claro.vrsni", "1.6.4.1");
Zeile gelöscht : user_pref("extensions.claro_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.claro_i.vrsnTs", "1.6.4.112:27:21");
Zeile gelöscht : user_pref("extensions.funmoods_i.aflt", "ddrnw");
Zeile gelöscht : user_pref("extensions.funmoods_i.dfltLng", "");
Zeile gelöscht : user_pref("extensions.funmoods_i.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.funmoods_i.dnsErr", true);
Zeile gelöscht : user_pref("extensions.funmoods_i.excTlbr", false);
Zeile gelöscht : user_pref("extensions.funmoods_i.hmpg", true);
Zeile gelöscht : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ddrnw");
Zeile gelöscht : user_pref("extensions.funmoods_i.id", "e4a08d4b00000000000078e4002ed2f5");
Zeile gelöscht : user_pref("extensions.funmoods_i.instlDay", "15372");
Zeile gelöscht : user_pref("extensions.funmoods_i.instlRef", "");
Zeile gelöscht : user_pref("extensions.funmoods_i.newTab", true);
Zeile gelöscht : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ddrnw");
Zeile gelöscht : user_pref("extensions.funmoods_i.prdct", "funmoods");
Zeile gelöscht : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Zeile gelöscht : user_pref("extensions.funmoods_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Zeile gelöscht : user_pref("extensions.funmoods_i.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q=");
Zeile gelöscht : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Zeile gelöscht : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1620:34:21");
Zeile gelöscht : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.activityViewPoint", false);
Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableAutoplayViewPoint", false);
Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableContextMenuViewPoint", true);
Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableEmbedViewPoint", true);
Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.enableFileViewPoint", true);
Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.playerparamsviewpoint", "%f");
Zeile gelöscht : user_pref("extensions.mediaplayerconnectivity.playerviewpoint", "");

-\\ Google Chrome v

[ Datei : C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [25433 octets] - [03/12/2013 10:16:00]
AdwCleaner[S0].txt - [23705 octets] - [03/12/2013 10:17:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23766 octets] ##########
         
Here is the jrt.txt

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Richi on 03.12.2013 at 10:24:07,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{09C9F427-A44D-4124-BE7A-E35344C6F88A}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Richi\AppData\Roaming\mozilla\firefox\profiles\ncp7yj3m.default\prefs.js

user_pref("extensions.twitter.trends", "[{\"title\":\"Lady Gaga's boyfriend bust\",\"url\":\"hxxp://tr.oneriotads.com/LQq74ShJW27saEY-seK1ltDFJBXgYK_1dpC-9jRmXnUEmCKLjFSrn9PBH
Emptied folder: C:\Users\Richi\AppData\Roaming\mozilla\firefox\profiles\ncp7yj3m.default\minidumps [406 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2013 at 10:30:15,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Here is the frst.txt again


FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013
Ran by Richi (administrator) on MEINER on 03-12-2013 10:33:50
Running from C:\Users\Richi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe
(Macrovision Corporation) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dropbox, Inc.) C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
AppInit_DLLs: C:\Windows\System32\acaptuser64.dll [36984 2007-05-10] (Adobe Systems, Inc.)
Startup: C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default
FF Homepage: www.orf.at
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Richi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\footiefox.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\twitter-.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsches Wörterbuch, erweitert für Österreich - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\de-AT@dictionaries.addons.mozilla.org
FF Extension: Xmarks - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\foxmarks@kei.com
FF Extension: Evernote Web Clipper - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: twitter.address.bar.search - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\twitter.address.bar.search@firefox.twitter.xpi
FF Extension: youtube2mp3 - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: Adblock Plus - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (AdBlock) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0
CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [3536896 2009-04-14] (ANSYS, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-14] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-03 10:33 - 2013-12-03 10:33 - 01959434 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe
2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt
2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe
2013-12-03 10:15 - 2013-12-03 10:17 - 00000000 ____D C:\AdwCleaner
2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe
2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe
2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-03 09:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt
2013-12-02 12:50 - 2013-12-02 13:07 - 00000000 ____D C:\Qoobox
2013-12-02 12:50 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-02 12:50 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-02 12:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-02 12:49 - 2013-12-02 13:05 - 00000000 ____D C:\Windows\erdnt
2013-12-02 11:59 - 2013-12-02 12:00 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe
2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip
2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt
2013-12-02 09:20 - 2013-12-03 10:33 - 00018853 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-12-03 09:30 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 20:32 - 2013-11-26 20:34 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 18:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:18 - 2013-11-26 18:35 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 11:59 - 2013-11-23 20:12 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-16 15:40 - 2013-11-16 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 10:51 - 2013-11-19 19:22 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-13 16:02 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:02 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:02 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:02 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 16:02 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:01 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:01 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:01 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:01 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:44 - 2013-11-12 22:57 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-10 17:58 - 2013-11-10 17:59 - 00000000 ____D C:\Users\Richi\bitcoin

==================== One Month Modified Files and Folders =======

2013-12-03 10:34 - 2013-12-02 09:20 - 00018853 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-03 10:33 - 2013-12-03 10:33 - 01959434 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe
2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt
2013-12-03 10:29 - 2012-08-20 09:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-03 10:27 - 2012-04-05 21:17 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-03 10:27 - 2012-04-05 21:17 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-12-03 10:27 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:27 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:26 - 2011-11-04 17:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 10:24 - 2011-11-01 22:22 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Skype
2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe
2013-12-03 10:19 - 2011-11-21 15:24 - 00000000 ___RD C:\Users\Richi\Dropbox
2013-12-03 10:19 - 2011-11-21 15:23 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Dropbox
2013-12-03 10:18 - 2013-08-13 19:55 - 00015357 _____ C:\Windows\setupact.log
2013-12-03 10:18 - 2012-05-03 12:59 - 00000000 ___RD C:\Users\Richi\Google Drive
2013-12-03 10:18 - 2011-11-04 17:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-03 10:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 10:17 - 2013-12-03 10:15 - 00000000 ____D C:\AdwCleaner
2013-12-03 10:17 - 2011-11-01 21:32 - 01472968 _____ C:\Windows\WindowsUpdate.log
2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe
2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe
2013-12-03 10:10 - 2013-10-06 13:00 - 00103868 _____ C:\Windows\PFRO.log
2013-12-03 10:07 - 2011-11-01 21:39 - 00000000 ____D C:\Users\Richi
2013-12-03 09:49 - 2011-11-02 12:49 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-03 09:30 - 2013-11-26 20:36 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 20:49 - 2011-11-02 12:49 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-12-02 13:07 - 2013-12-02 12:50 - 00000000 ____D C:\Qoobox
2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt
2013-12-02 13:05 - 2013-12-02 12:49 - 00000000 ____D C:\Windows\erdnt
2013-12-02 13:01 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-02 12:00 - 2013-12-02 11:59 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe
2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip
2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 12:01 - 2012-05-03 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-30 16:19 - 2013-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-08-09 09:51 - 00000000 ____D C:\ProgramData\Avira
2013-11-26 20:34 - 2013-11-26 20:32 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 19:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 18:44 - 2011-11-06 11:08 - 00001425 _____ C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 18:43 - 2010-03-29 11:25 - 00000000 ____D C:\Windows\Panther
2013-11-26 18:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 18:35 - 2013-11-26 18:18 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:11 - 2013-06-07 23:22 - 00000000 ____D C:\Windows\Minidump
2013-11-26 18:11 - 2012-02-09 18:45 - 00000000 ____D C:\Program Files\CCleaner
2013-11-26 18:11 - 2011-12-08 02:20 - 00000000 ____D C:\Users\Richi\AppData\Roaming\vlc
2013-11-26 18:11 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 20:12 - 2013-11-23 11:59 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-20 14:14 - 2011-11-02 08:55 - 00000000 ____D C:\Users\Richi\AppData\Local\Adobe
2013-11-19 19:22 - 2013-11-16 10:51 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-16 15:41 - 2013-11-16 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 14:48 - 2013-03-23 13:35 - 00000000 ____D C:\Users\Richi\Bewerbung
2013-11-14 13:52 - 2010-03-29 10:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 13:48 - 2013-08-01 19:47 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 13:48 - 2011-11-06 10:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 22:57 - 2013-11-12 20:44 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-12 16:35 - 2011-11-01 21:48 - 00000000 ____D C:\Users\Richi\Downloads\Programme
2013-11-12 16:10 - 2011-11-02 06:15 - 00700608 _____ C:\Windows\system32\perfh007.dat
2013-11-12 16:10 - 2011-11-02 06:15 - 00149372 _____ C:\Windows\system32\perfc007.dat
2013-11-12 16:10 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 05:50 - 2011-11-01 22:10 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 17:59 - 2013-11-10 17:58 - 00000000 ____D C:\Users\Richi\bitcoin
2013-11-09 23:50 - 2011-11-01 21:57 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Mozilla
2013-11-09 14:44 - 2012-02-02 20:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-08 15:33 - 2012-03-07 18:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 15:33 - 2011-11-01 22:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-05 20:10 - 2011-11-04 07:54 - 00000000 ____D C:\Users\Richi\Segeln

Some content of TEMP:
====================
C:\Users\Richi\AppData\Local\Temp\avgnt.exe
C:\Users\Richi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-02 09:38

==================== End Of Log ============================
         

04.12.2013, 09:12   #9
schrauber
/// the machine
/// TB-Ausbilder
 

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

04.12.2013, 18:11   #10
pace123
 
So, after 3 h(!) of ESET, I got the following log file:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=eb00843b140a4c41808c704a3cfafcce
# engine=16132
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-04 05:41:45
# local_time=2013-12-04 06:41:45 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 15033 2938587 7807 0
# compatibility_mode=5893 16776573 100 94 115951 137808755 0 0
# scanned=459156
# found=19
# cleaned=0
# scan_time=11113
sh=1B55A807FB047C47C0CFF49162A91BE77E50F051 ft=1 fh=4a92c2fd18962af4 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0005.dta"
sh=7C794856DA9A3D40740431C1C355324BF15F7B9F ft=1 fh=3c404436a28ba5f7 vn="a variant of Generik.CIVPCAN trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0006.dta"
sh=8FC47002C94322D27E7CC23DE0E09366278D1FAC ft=1 fh=b59116e9ea4b609b vn="Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0007.dta"
sh=C1537F8F8308DB428A17D8309AF853CBDDD86378 ft=1 fh=c25e6ab804e54205 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0008.dta"
sh=D5F20E8DD68BF3F2755756925DE31F78941EFD8F ft=1 fh=533da6b67824c7dc vn="a variant of Win32/Olmasco.O trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0009.dta"
sh=BD23CFA926B0FE04CDE450F63D7BDC381D238E12 ft=1 fh=e7aec2c971424e71 vn="Win64/Olmasco.V trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0010.dta"
sh=614A4E374797F94A1327F4C7D08A79A948660E9A ft=1 fh=1cb93ee4eea17c9e vn="Win32/Olmasco.Q trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0011.dta"
sh=0052E97FFDEB7172B5306B68B008697EB61862A4 ft=1 fh=98c9107c7a5c7106 vn="Win64/Olmasco.X trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0012.dta"
sh=3F20A1B9A9B3BD3FE2D0A633163354FAA0F88CB0 ft=1 fh=84c5424661190d94 vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0018.dta"
sh=EE9BF7F76862D0FE3D465778CE2FC95CE5193BBA ft=1 fh=89e67a75a2cd2bcc vn="a variant of Win32/Kryptik.UWS trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0019.dta"
sh=5474B198E55E9FC5CA0164692178832F5F9014E4 ft=1 fh=7f460b92ec8cf3d3 vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0020.dta"
sh=5042BE31C99C1BC56ECD4E17F2EA9C62429D7E0B ft=1 fh=2daf6b25d34e32de vn="a variant of Win64/Olmasco.AD trojan" ac=I fn="C:\TDSSKiller_Quarantine\02.12.2013_10.08.48\tdlfs0000\tsk0021.dta"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\Dropbox\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
sh=0444530407A5461C2FF4220D90AFBB38B292BBAD ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard\Wechseldatenträger\backups\apps\jds.smsbomb-1.apk"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard\Wechseldatenträger\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
sh=0444530407A5461C2FF4220D90AFBB38B292BBAD ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard1\Wechseldatenträger\backups\apps\jds.smsbomb-1.apk"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard1\Wechseldatenträger\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
sh=0444530407A5461C2FF4220D90AFBB38B292BBAD ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard2\Wechseldatenträger\backups\apps\jds.smsbomb-1.apk"
sh=9AAE246677D5AC29F8E85952AA5F162DB25FB2FF ft=0 fh=0000000000000000 vn="a variant of Android/TrojanSMS.Bosm.E trojan" ac=I fn="C:\Users\Richi\HTC Desire\sdcard2\Wechseldatenträger\TitaniumBackup\jds.smsbomb-4c71c9229742e29fda5910daf7ee138e.apk.gz"
         
And here is the checkup.txt:

Code:
 Results of screen317's Security Check version 0.99.76  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java(TM) 6 Update 29  
 Java 7 Update 21  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.117  
 Adobe Reader 10.1.4 Adobe Reader out of Date!  
 Mozilla Firefox (25.0.1) 
 Mozilla Thunderbird (24.1.1) 
 Google Chrome 30.0.1599.101  
 Google Chrome 31.0.1650.57  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
And here is the FRST log again:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by Richi (administrator) on MEINER on 04-12-2013 18:55:55
Running from C:\Users\Richi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Macrovision Corporation) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Dropbox, Inc.) C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
AppInit_DLLs: C:\Windows\System32\acaptuser64.dll [36984 2007-05-10] (Adobe Systems, Inc.)
Startup: C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Richi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default
FF Homepage: www.orf.at
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Richi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Richi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\footiefox.xml
FF SearchPlugin: C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\searchplugins\twitter-.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsches Wörterbuch, erweitert für Österreich - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\de-AT@dictionaries.addons.mozilla.org
FF Extension: Xmarks - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\foxmarks@kei.com
FF Extension: Evernote Web Clipper - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: twitter.address.bar.search - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\twitter.address.bar.search@firefox.twitter.xpi
FF Extension: youtube2mp3 - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: Adblock Plus - C:\Users\Richi\AppData\Roaming\Mozilla\Firefox\Profiles\ncp7yj3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Richi\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Richi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Richi\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (AdBlock) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0
CHR Extension: (Google Wallet) - C:\Users\Richi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [3536896 2009-04-14] (ANSYS, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-14] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-04 18:46 - 2013-12-04 18:46 - 00891184 _____ C:\Users\Richi\Desktop\SecurityCheck.exe
2013-12-04 15:31 - 2013-12-04 15:31 - 02347384 _____ (ESET) C:\Users\Richi\Desktop\esetsmartinstaller_enu.exe
2013-12-03 10:33 - 2013-12-04 18:55 - 01959766 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe
2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt
2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe
2013-12-03 10:15 - 2013-12-03 10:17 - 00000000 ____D C:\AdwCleaner
2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe
2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe
2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-03 09:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt
2013-12-02 12:50 - 2013-12-02 13:07 - 00000000 ____D C:\Qoobox
2013-12-02 12:50 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-02 12:50 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-02 12:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-02 12:50 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-02 12:49 - 2013-12-02 13:05 - 00000000 ____D C:\Windows\erdnt
2013-12-02 11:59 - 2013-12-02 12:00 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe
2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip
2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt
2013-12-02 09:20 - 2013-12-04 18:55 - 00018865 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-12-03 09:30 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-26 20:36 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-26 20:32 - 2013-11-26 20:34 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 18:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:18 - 2013-11-26 18:35 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 11:59 - 2013-11-23 20:12 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-16 15:40 - 2013-11-16 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 10:51 - 2013-11-19 19:22 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-13 16:02 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:02 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 16:02 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 16:02 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 16:02 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 16:02 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 16:01 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 16:01 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 16:01 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 16:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 16:01 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 16:01 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 16:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 16:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 16:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 16:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 16:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 16:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 16:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 16:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 16:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 16:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:44 - 2013-11-12 22:57 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-10 17:58 - 2013-11-10 17:59 - 00000000 ____D C:\Users\Richi\bitcoin

==================== One Month Modified Files and Folders =======

2013-12-04 18:56 - 2013-12-02 09:20 - 00018865 _____ C:\Users\Richi\Desktop\FRST.txt
2013-12-04 18:55 - 2013-12-03 10:33 - 01959766 _____ (Farbar) C:\Users\Richi\Desktop\FRST64.exe
2013-12-04 18:49 - 2011-11-02 12:49 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-04 18:46 - 2013-12-04 18:46 - 00891184 _____ C:\Users\Richi\Desktop\SecurityCheck.exe
2013-12-04 18:33 - 2011-11-01 21:32 - 01502854 _____ C:\Windows\WindowsUpdate.log
2013-12-04 18:29 - 2012-08-20 09:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-04 18:27 - 2011-11-04 17:07 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-04 16:27 - 2012-04-05 21:17 - 00001138 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000UA.job
2013-12-04 15:38 - 2011-11-04 17:07 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-04 15:31 - 2013-12-04 15:31 - 02347384 _____ (ESET) C:\Users\Richi\Desktop\esetsmartinstaller_enu.exe
2013-12-04 15:30 - 2013-08-13 19:55 - 00016029 _____ C:\Windows\setupact.log
2013-12-04 15:30 - 2012-04-05 21:17 - 00001116 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-12-03 21:01 - 2011-11-02 12:49 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1142447305-3240122546-274984239-1000Core.job
2013-12-03 10:59 - 2011-11-01 22:22 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Skype
2013-12-03 10:49 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:49 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:41 - 2011-11-21 15:24 - 00000000 ___RD C:\Users\Richi\Dropbox
2013-12-03 10:41 - 2011-11-21 15:23 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Dropbox
2013-12-03 10:40 - 2012-05-03 12:59 - 00000000 ___RD C:\Users\Richi\Google Drive
2013-12-03 10:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 10:32 - 2013-12-03 10:32 - 01959434 _____ (Farbar) C:\Users\Richi\Downloads\FRST64.exe
2013-12-03 10:30 - 2013-12-03 10:30 - 00001303 _____ C:\Users\Richi\Desktop\JRT.txt
2013-12-03 10:24 - 2013-12-03 10:24 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 10:22 - 2013-12-03 10:22 - 01034531 _____ (Thisisu) C:\Users\Richi\Desktop\JRT.exe
2013-12-03 10:17 - 2013-12-03 10:15 - 00000000 ____D C:\AdwCleaner
2013-12-03 10:15 - 2013-12-03 10:15 - 01110034 _____ C:\Users\Richi\Desktop\adwcleaner.exe
2013-12-03 10:14 - 2013-12-03 10:14 - 01110034 _____ C:\Users\Richi\Downloads\adwcleaner.exe
2013-12-03 10:10 - 2013-10-06 13:00 - 00103868 _____ C:\Windows\PFRO.log
2013-12-03 10:07 - 2011-11-01 21:39 - 00000000 ____D C:\Users\Richi
2013-12-03 09:48 - 2013-12-03 09:48 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 09:48 - 2013-12-03 09:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-03 09:30 - 2013-11-26 20:36 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 13:07 - 2013-12-02 12:50 - 00000000 ____D C:\Qoobox
2013-12-02 13:06 - 2013-12-02 13:06 - 00034797 _____ C:\ComboFix.txt
2013-12-02 13:05 - 2013-12-02 12:49 - 00000000 ____D C:\Windows\erdnt
2013-12-02 13:01 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-02 12:00 - 2013-12-02 11:59 - 05151572 ____R (Swearware) C:\Users\Richi\Desktop\ComboFix.exe
2013-12-02 10:10 - 2013-12-02 10:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-02 09:47 - 2013-12-02 09:47 - 00019171 _____ C:\Users\Richi\Desktop\logfiles.zip
2013-12-02 09:21 - 2013-12-02 09:21 - 00030586 _____ C:\Users\Richi\Desktop\Addition.txt
2013-12-02 09:19 - 2013-12-02 09:19 - 00000000 ____D C:\FRST
2013-12-02 09:16 - 2013-12-02 09:16 - 00003258 _____ C:\Users\Richi\Desktop\Result.txt
2013-12-02 09:15 - 2013-12-02 09:15 - 00868491 _____ (Farbar) C:\Users\Richi\Desktop\ListParts64.exe
2013-12-02 09:01 - 2013-12-02 09:01 - 00000000 ____D C:\Users\Richi\Desktop\tdsskiller
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Downloads\tdsskiller.exe
2013-12-02 09:00 - 2013-12-02 09:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Richi\Desktop\tdsskiller.exe
2013-12-02 08:53 - 2013-12-02 08:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Richi\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 12:01 - 2012-05-03 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-30 16:19 - 2013-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-26 20:45 - 2013-11-26 20:45 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Avira
2013-11-26 20:36 - 2013-11-26 20:36 - 00002070 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-26 20:36 - 2013-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-26 20:36 - 2013-08-09 09:51 - 00000000 ____D C:\ProgramData\Avira
2013-11-26 20:34 - 2013-11-26 20:32 - 126764512 _____ C:\Users\Richi\Downloads\avira_free_antivirus_de.exe
2013-11-26 19:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 18:44 - 2011-11-06 11:08 - 00001425 _____ C:\Users\Richi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 18:43 - 2010-03-29 11:25 - 00000000 ____D C:\Windows\Panther
2013-11-26 18:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 18:35 - 2013-11-26 18:18 - 00015374 _____ C:\Windows\IE11_main.log
2013-11-26 18:31 - 2013-11-26 18:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:31 - 2013-11-26 18:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 18:30 - 2013-11-26 18:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 18:30 - 2013-11-26 18:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 18:30 - 2013-11-26 18:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 18:30 - 2013-11-26 18:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 18:30 - 2013-11-26 18:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 18:30 - 2013-11-26 18:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 18:30 - 2013-11-26 18:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 18:11 - 2013-06-07 23:22 - 00000000 ____D C:\Windows\Minidump
2013-11-26 18:11 - 2012-02-09 18:45 - 00000000 ____D C:\Program Files\CCleaner
2013-11-26 18:11 - 2011-12-08 02:20 - 00000000 ____D C:\Users\Richi\AppData\Roaming\vlc
2013-11-26 18:11 - 2009-07-14 08:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-26 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-25 23:17 - 2013-11-25 23:17 - 00016213 _____ C:\Users\Richi\Documents\hijackthis.log
2013-11-23 20:12 - 2013-11-23 11:59 - 00067374 _____ C:\Users\Richi\Documents\julo_rich.wlmp
2013-11-23 10:05 - 2013-11-23 10:05 - 00047929 _____ C:\Users\Richi\Documents\Test_Sizilien.wlmp
2013-11-20 14:14 - 2011-11-02 08:55 - 00000000 ____D C:\Users\Richi\AppData\Local\Adobe
2013-11-19 19:22 - 2013-11-16 10:51 - 105225210 _____ C:\Windows\SysWOW64\뫲翢癌¿
2013-11-16 15:41 - 2013-11-16 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 14:48 - 2013-03-23 13:35 - 00000000 ____D C:\Users\Richi\Bewerbung
2013-11-14 13:52 - 2010-03-29 10:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 13:48 - 2013-08-01 19:47 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 13:48 - 2011-11-06 10:38 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 22:57 - 2013-11-12 20:44 - 00000089 _____ C:\Users\Richi\Desktop\Geschenkideen.txt
2013-11-12 16:35 - 2011-11-01 21:48 - 00000000 ____D C:\Users\Richi\Downloads\Programme
2013-11-12 16:10 - 2011-11-02 06:15 - 00700608 _____ C:\Windows\system32\perfh007.dat
2013-11-12 16:10 - 2011-11-02 06:15 - 00149372 _____ C:\Windows\system32\perfc007.dat
2013-11-12 16:10 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 05:50 - 2011-11-01 22:10 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 17:59 - 2013-11-10 17:58 - 00000000 ____D C:\Users\Richi\bitcoin
2013-11-09 23:50 - 2011-11-01 21:57 - 00000000 ____D C:\Users\Richi\AppData\Roaming\Mozilla
2013-11-09 14:44 - 2012-02-02 20:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-08 15:33 - 2012-03-07 18:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 15:33 - 2011-11-01 22:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-05 20:10 - 2011-11-04 07:54 - 00000000 ____D C:\Users\Richi\Segeln

Some content of TEMP:
====================
C:\Users\Richi\AppData\Local\Temp\avgnt.exe
C:\Users\Richi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-02 09:38

==================== End Of Log ============================
         
--- --- ---

Thanks for the detailed procedure. Unfortunately I have to report that after a restart Avira still shows the same message:

Code:
ATTFilter
Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder 
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern
         
Are there any other ways to remove this virus?

Alt 05.12.2013, 11:06   #11
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the content here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 05.12.2013, 12:01   #12
pace123
 



Thanks, and here is the log file

Code:
ATTFilter
12:36:50.0153 0x16dc  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
12:36:53.0337 0x16dc  ============================================================
12:36:53.0337 0x16dc  Current date / time: 2013/12/05 12:36:53.0337
12:36:53.0337 0x16dc  SystemInfo:
12:36:53.0337 0x16dc  
12:36:53.0337 0x16dc  OS Version: 6.1.7601 ServicePack: 1.0
12:36:53.0337 0x16dc  Product type: Workstation
12:36:53.0337 0x16dc  ComputerName: MEINER
12:36:53.0338 0x16dc  UserName: Richi
12:36:53.0338 0x16dc  Windows directory: C:\Windows
12:36:53.0338 0x16dc  System windows directory: C:\Windows
12:36:53.0338 0x16dc  Running under WOW64
12:36:53.0338 0x16dc  Processor architecture: Intel x64
12:36:53.0338 0x16dc  Number of processors: 4
12:36:53.0338 0x16dc  Page size: 0x1000
12:36:53.0338 0x16dc  Boot type: Normal boot
12:36:53.0338 0x16dc  ============================================================
12:36:54.0202 0x16dc  KLMD registered as C:\Windows\system32\drivers\48580110.sys
12:36:54.0442 0x16dc  System UUID: {9B46AF8B-8495-C385-0BD8-CEB1480BA967}
12:36:55.0018 0x16dc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:36:55.0027 0x16dc  ============================================================
12:36:55.0027 0x16dc  \Device\Harddisk0\DR0:
12:36:55.0028 0x16dc  MBR partitions:
12:36:55.0028 0x16dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
12:36:55.0028 0x16dc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x2B879904
12:36:55.0028 0x16dc  ============================================================
12:36:55.0067 0x16dc  C: <-> \Device\Harddisk0\DR0\Partition2
12:36:55.0067 0x16dc  ============================================================
12:36:55.0068 0x16dc  Initialize success
12:36:55.0068 0x16dc  ============================================================
12:37:26.0740 0x02d8  ============================================================
12:37:26.0740 0x02d8  Scan started
12:37:26.0740 0x02d8  Mode: Manual; SigCheck; TDLFS; 
12:37:26.0740 0x02d8  ============================================================
12:37:26.0740 0x02d8  KSN ping started
12:37:41.0473 0x02d8  KSN ping finished: true
12:37:44.0058 0x02d8  ================ Scan system memory ========================
12:37:44.0058 0x02d8  System memory - ok
12:37:44.0059 0x02d8  ================ Scan services =============================
12:37:44.0271 0x02d8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:37:44.0445 0x02d8  1394ohci - ok
12:37:44.0554 0x02d8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:37:44.0620 0x02d8  ACPI - ok
12:37:44.0681 0x02d8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:37:44.0781 0x02d8  AcpiPmi - ok
12:37:44.0932 0x02d8  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:37:44.0963 0x02d8  AdobeARMservice - ok
12:37:45.0155 0x02d8  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:37:45.0180 0x02d8  AdobeFlashPlayerUpdateSvc - ok
12:37:45.0260 0x02d8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:37:45.0315 0x02d8  adp94xx - ok
12:37:45.0328 0x02d8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:37:45.0357 0x02d8  adpahci - ok
12:37:45.0378 0x02d8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:37:45.0401 0x02d8  adpu320 - ok
12:37:45.0431 0x02d8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:37:45.0593 0x02d8  AeLookupSvc - ok
12:37:45.0682 0x02d8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
12:37:45.0793 0x02d8  AFD - ok
12:37:45.0860 0x02d8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:37:45.0891 0x02d8  agp440 - ok
12:37:45.0926 0x02d8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:37:46.0008 0x02d8  ALG - ok
12:37:46.0068 0x02d8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:37:46.0095 0x02d8  aliide - ok
12:37:46.0181 0x02d8  [ 3D90CF67DB75823A8480E56BBCD2E028, 775D58B99ACA606D434713BC00132D43061C37CFEEAECD194FCFDF45792944A3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:37:46.0296 0x02d8  AMD External Events Utility - ok
12:37:46.0347 0x02d8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:37:46.0375 0x02d8  amdide - ok
12:37:46.0425 0x02d8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:37:46.0497 0x02d8  AmdK8 - ok
12:37:46.0748 0x02d8  [ 52679612D742BF74CA1BA6AB86DDF431, 9D7A8FA8952519AD83CD36038F85B958BC97D1A25596EDC01CA1F6DD45DB542A ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
12:37:47.0216 0x02d8  amdkmdag - ok
12:37:47.0257 0x02d8  [ 414E0788920A8C856032BE2CBF29F984, 2DD027ADA24C871167C80A2F5C5ED5CB3AEA1E3A4E8C5FD352FA82C33B24479B ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:37:47.0294 0x02d8  amdkmdap - ok
12:37:47.0315 0x02d8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:37:47.0366 0x02d8  AmdPPM - ok
12:37:47.0439 0x02d8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:37:47.0471 0x02d8  amdsata - ok
12:37:47.0517 0x02d8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:37:47.0564 0x02d8  amdsbs - ok
12:37:47.0587 0x02d8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:37:47.0602 0x02d8  amdxata - ok
12:37:47.0642 0x02d8  [ 3CF7A4350C9646D92F147D620EC0D363, 0C09A5B3656BCC98151BF3F1F6B827DD5189D89AFFE0730187E5FDB2D84EC4B4 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
12:37:47.0741 0x02d8  androidusb - ok
12:37:47.0976 0x02d8  [ 02E2B39AFE9EA2AEC4B15B20A0A4C3A6, 5F345F7CDF7F464DACB72D10B287774799DF990A134608F6920B9B810FC8347D ] ANSYS, Inc. License Manager C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
12:37:48.0178 0x02d8  ANSYS, Inc. License Manager - detected UnsignedFile.Multi.Generic ( 1 )
12:37:50.0934 0x02d8  Detect skipped due to KSN trusted
12:37:50.0935 0x02d8  ANSYS, Inc. License Manager - ok
12:37:51.0204 0x02d8  [ 0D1E15010057B8426583A99CB179A6C4, 645C7D27E27AAC4124F7F907374B6A50D07D349B95AA869D7091372BD3AF653B ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:37:51.0263 0x02d8  AntiVirSchedulerService - ok
12:37:51.0353 0x02d8  [ FDE9C7030FB1E9E2715E113EE6A10F90, 541F278D743C34C6D9940FC1250B90674EB88EC429D481012F27817DAB1B557A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:37:51.0389 0x02d8  AntiVirService - ok
12:37:51.0489 0x02d8  [ 8397F57D246078C72365A7BE76B2195B, FCA8FF98D48DF28D1F2978658D1D0B21393A82D6AA86AF39A146CBDF5F9DF28F ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:37:51.0628 0x02d8  AntiVirWebService - ok
12:37:51.0696 0x02d8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:37:51.0918 0x02d8  AppID - ok
12:37:51.0954 0x02d8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:37:52.0054 0x02d8  AppIDSvc - ok
12:37:52.0135 0x02d8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:37:52.0193 0x02d8  Appinfo - ok
12:37:52.0247 0x02d8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:37:52.0279 0x02d8  arc - ok
12:37:52.0284 0x02d8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:37:52.0303 0x02d8  arcsas - ok
12:37:52.0437 0x02d8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:37:52.0512 0x02d8  aspnet_state - ok
12:37:52.0568 0x02d8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:37:52.0649 0x02d8  AsyncMac - ok
12:37:52.0694 0x02d8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:37:52.0722 0x02d8  atapi - ok
12:37:52.0775 0x02d8  [ 77C149E6D702737B2E372DEE166FAEF8, D18FEAE9D915D5F25B787B755F9C6321A9C9506D4F563DD637E3586401E36053 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
12:37:52.0848 0x02d8  AtiHdmiService - ok
12:37:52.0925 0x02d8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:37:53.0017 0x02d8  AudioEndpointBuilder - ok
12:37:53.0071 0x02d8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:37:53.0127 0x02d8  AudioSrv - ok
12:37:53.0251 0x02d8  [ 471321EA23309699AE61611CC1559C5E, CA48D874B1EA430613BC4E17869DCD52C6FBF317454B3614AFD5BB600DEC8403 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:37:53.0286 0x02d8  avgntflt - ok
12:37:53.0355 0x02d8  [ DBAB18B20FDA2542EEF8C588D878B7B5, 0CE6738E8C6C1BA502FF230EAE49C96E5AA1B23F34AC57AB9B28081898F2E533 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:37:53.0392 0x02d8  avipbb - ok
12:37:53.0439 0x02d8  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:37:53.0464 0x02d8  avkmgr - ok
12:37:53.0540 0x02d8  [ 09E9CA6E7C6BD01D6AE7BECDEC224D06, 34FBB2C3565C21CE6245EB1CDADE7CE24A6B93F8EBAAAEA53B560E634AAA639D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
12:37:53.0571 0x02d8  avnetflt - ok
12:37:53.0625 0x02d8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:37:53.0757 0x02d8  AxInstSV - ok
12:37:53.0832 0x02d8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:37:53.0938 0x02d8  b06bdrv - ok
12:37:53.0985 0x02d8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:37:54.0061 0x02d8  b57nd60a - ok
12:37:54.0275 0x02d8  [ B44879610F2DC4A046B14BEFA3AE72DE, B9C17872E0DA23A495B6EC4D4C249AA96F82409DD83B6A17F557D9171D1D7089 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
12:37:54.0486 0x02d8  BCM43XX - ok
12:37:54.0518 0x02d8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:37:54.0583 0x02d8  BDESVC - ok
12:37:54.0637 0x02d8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:37:54.0737 0x02d8  Beep - ok
12:37:54.0831 0x02d8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:37:54.0940 0x02d8  BFE - ok
12:37:55.0038 0x02d8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
12:37:55.0148 0x02d8  BITS - ok
12:37:55.0180 0x02d8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:37:55.0214 0x02d8  blbdrive - ok
12:37:55.0269 0x02d8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:37:55.0337 0x02d8  bowser - ok
12:37:55.0373 0x02d8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:37:55.0454 0x02d8  BrFiltLo - ok
12:37:55.0472 0x02d8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:37:55.0490 0x02d8  BrFiltUp - ok
12:37:55.0523 0x02d8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:37:55.0587 0x02d8  BridgeMP - ok
12:37:55.0663 0x02d8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:37:55.0730 0x02d8  Browser - ok
12:37:55.0780 0x02d8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:37:55.0876 0x02d8  Brserid - ok
12:37:55.0912 0x02d8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:37:55.0965 0x02d8  BrSerWdm - ok
12:37:55.0989 0x02d8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:37:56.0047 0x02d8  BrUsbMdm - ok
12:37:56.0068 0x02d8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:37:56.0108 0x02d8  BrUsbSer - ok
12:37:56.0207 0x02d8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
12:37:56.0305 0x02d8  BthEnum - ok
12:37:56.0342 0x02d8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:37:56.0394 0x02d8  BTHMODEM - ok
12:37:56.0447 0x02d8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:37:56.0508 0x02d8  BthPan - ok
12:37:56.0569 0x02d8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:37:56.0681 0x02d8  BTHPORT - ok
12:37:56.0717 0x02d8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:37:56.0814 0x02d8  bthserv - ok
12:37:56.0850 0x02d8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:37:56.0887 0x02d8  BTHUSB - ok
12:37:56.0925 0x02d8  [ D3466F77C2C49C6E393BA5FBA963A33E, FD5E48A29E153BBAB095AB2E3B86F592B1FC1F790978911093B5F8A2CD6C5652 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
12:37:56.0951 0x02d8  btusbflt - ok
12:37:56.0967 0x02d8  catchme - ok
12:37:57.0000 0x02d8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:37:57.0071 0x02d8  cdfs - ok
12:37:57.0140 0x02d8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:37:57.0180 0x02d8  cdrom - ok
12:37:57.0245 0x02d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:37:57.0305 0x02d8  CertPropSvc - ok
12:37:57.0349 0x02d8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:37:57.0384 0x02d8  circlass - ok
12:37:57.0433 0x02d8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:37:57.0454 0x02d8  CLFS - ok
12:37:57.0514 0x02d8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:37:57.0533 0x02d8  clr_optimization_v2.0.50727_32 - ok
12:37:57.0557 0x02d8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:37:57.0576 0x02d8  clr_optimization_v2.0.50727_64 - ok
12:37:57.0694 0x02d8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:37:57.0771 0x02d8  clr_optimization_v4.0.30319_32 - ok
12:37:57.0779 0x02d8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:37:57.0802 0x02d8  clr_optimization_v4.0.30319_64 - ok
12:37:57.0850 0x02d8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:37:57.0881 0x02d8  CmBatt - ok
12:37:57.0919 0x02d8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:37:57.0933 0x02d8  cmdide - ok
12:37:58.0009 0x02d8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:37:58.0086 0x02d8  CNG - ok
12:37:58.0136 0x02d8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:37:58.0152 0x02d8  Compbatt - ok
12:37:58.0205 0x02d8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:37:58.0261 0x02d8  CompositeBus - ok
12:37:58.0283 0x02d8  COMSysApp - ok
12:37:58.0308 0x02d8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:37:58.0333 0x02d8  crcdisk - ok
12:37:58.0391 0x02d8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:37:58.0455 0x02d8  CryptSvc - ok
12:37:58.0514 0x02d8  [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
12:37:58.0534 0x02d8  CVirtA - ok
12:37:58.0678 0x02d8  [ 66257CB4E4FB69887CDDC71663741435, A072C2868EC3CB773F1C512C9E07D152920794969E302199E8265CFFFD3EFC2D ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
12:37:58.0750 0x02d8  CVPND - ok
12:37:58.0771 0x02d8  [ CC8E52DAA9826064BA464DBE531F2BB5, 28150B5DDB4DB42839EBB4F3672EB575373046B1676938111904290DFF6DEC8E ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
12:37:58.0797 0x02d8  CVPNDRVA - ok
12:37:58.0872 0x02d8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:37:58.0958 0x02d8  DcomLaunch - ok
12:37:59.0033 0x02d8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:37:59.0156 0x02d8  defragsvc - ok
12:37:59.0193 0x02d8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:37:59.0252 0x02d8  DfsC - ok
12:37:59.0323 0x02d8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:37:59.0426 0x02d8  Dhcp - ok
12:37:59.0458 0x02d8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:37:59.0526 0x02d8  discache - ok
12:37:59.0560 0x02d8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:37:59.0578 0x02d8  Disk - ok
12:37:59.0652 0x02d8  [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
12:37:59.0682 0x02d8  DNE - ok
12:37:59.0736 0x02d8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:37:59.0803 0x02d8  Dnscache - ok
12:37:59.0864 0x02d8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:37:59.0996 0x02d8  dot3svc - ok
12:38:00.0062 0x02d8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:38:00.0127 0x02d8  Dot4 - ok
12:38:00.0175 0x02d8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:38:00.0217 0x02d8  Dot4Print - ok
12:38:00.0282 0x02d8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:38:00.0328 0x02d8  dot4usb - ok
12:38:00.0392 0x02d8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:38:00.0481 0x02d8  DPS - ok
12:38:00.0519 0x02d8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:38:00.0556 0x02d8  drmkaud - ok
12:38:00.0629 0x02d8  [ 61E894FE1E9CC720C909E6E343351794, 2C8540ED0A2C7028B242289078B4C2D8678D26FB7429AB3B33C136BB47B178C3 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:38:00.0682 0x02d8  DsiWMIService - ok
12:38:00.0753 0x02d8  [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:38:00.0801 0x02d8  dtsoftbus01 - ok
12:38:00.0867 0x02d8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:38:00.0946 0x02d8  DXGKrnl - ok
12:38:00.0968 0x02d8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:38:01.0028 0x02d8  EapHost - ok
12:38:01.0181 0x02d8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:38:01.0396 0x02d8  ebdrv - ok
12:38:01.0463 0x02d8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
12:38:01.0527 0x02d8  EFS - ok
12:38:01.0631 0x02d8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:38:01.0752 0x02d8  ehRecvr - ok
12:38:01.0789 0x02d8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:38:01.0872 0x02d8  ehSched - ok
12:38:01.0945 0x02d8  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
12:38:01.0976 0x02d8  ElbyCDFL - ok
12:38:01.0995 0x02d8  [ 702D5606CF2199E0EDEA6F0E0D27CD10, 238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4 ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
12:38:02.0020 0x02d8  ElbyCDIO - ok
12:38:02.0086 0x02d8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:38:02.0150 0x02d8  elxstor - ok
12:38:02.0287 0x02d8  [ 49EEF52BFB986A2B5D70F4EC12637D7B, C42C93EC36B4BD0AFF4248AD571F56FB5F39D5C57B93C01EBB34997A262E41A9 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:38:02.0347 0x02d8  ePowerSvc - ok
12:38:02.0425 0x02d8  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
12:38:02.0475 0x02d8  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
12:38:05.0195 0x02d8  Detect skipped due to KSN trusted
12:38:05.0195 0x02d8  EpsonBidirectionalService - ok
12:38:05.0223 0x02d8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:38:05.0271 0x02d8  ErrDev - ok
12:38:05.0335 0x02d8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:38:05.0440 0x02d8  EventSystem - ok
12:38:05.0480 0x02d8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:38:05.0558 0x02d8  exfat - ok
12:38:05.0585 0x02d8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:38:05.0655 0x02d8  fastfat - ok
12:38:05.0743 0x02d8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:38:05.0830 0x02d8  Fax - ok
12:38:05.0857 0x02d8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:38:05.0876 0x02d8  fdc - ok
12:38:05.0906 0x02d8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:38:05.0992 0x02d8  fdPHost - ok
12:38:06.0013 0x02d8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:38:06.0066 0x02d8  FDResPub - ok
12:38:06.0107 0x02d8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:38:06.0125 0x02d8  FileInfo - ok
12:38:06.0143 0x02d8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:38:06.0239 0x02d8  Filetrace - ok
12:38:06.0333 0x02d8  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:38:06.0445 0x02d8  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
12:38:09.0155 0x02d8  Detect skipped due to KSN trusted
12:38:09.0155 0x02d8  FLEXnet Licensing Service - ok
12:38:09.0228 0x02d8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:38:09.0258 0x02d8  flpydisk - ok
12:38:09.0308 0x02d8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:38:09.0356 0x02d8  FltMgr - ok
12:38:09.0461 0x02d8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:38:09.0541 0x02d8  FontCache - ok
12:38:09.0623 0x02d8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:38:09.0650 0x02d8  FontCache3.0.0.0 - ok
12:38:09.0680 0x02d8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:38:09.0701 0x02d8  FsDepends - ok
12:38:09.0750 0x02d8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:38:09.0779 0x02d8  Fs_Rec - ok
12:38:09.0848 0x02d8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:38:09.0884 0x02d8  fvevol - ok
12:38:09.0906 0x02d8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:38:09.0936 0x02d8  gagp30kx - ok
12:38:10.0015 0x02d8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:38:10.0110 0x02d8  gpsvc - ok
12:38:10.0225 0x02d8  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
12:38:10.0278 0x02d8  Greg_Service - ok
12:38:10.0389 0x02d8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:10.0409 0x02d8  gupdate - ok
12:38:10.0432 0x02d8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:10.0450 0x02d8  gupdatem - ok
12:38:10.0524 0x02d8  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:38:10.0557 0x02d8  gusvc - ok
12:38:10.0584 0x02d8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:38:10.0659 0x02d8  hcw85cir - ok
12:38:10.0741 0x02d8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:38:10.0840 0x02d8  HdAudAddService - ok
12:38:10.0877 0x02d8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:38:10.0925 0x02d8  HDAudBus - ok
12:38:10.0978 0x02d8  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
12:38:10.0998 0x02d8  HECIx64 - ok
12:38:11.0026 0x02d8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:38:11.0064 0x02d8  HidBatt - ok
12:38:11.0093 0x02d8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:38:11.0140 0x02d8  HidBth - ok
12:38:11.0176 0x02d8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:38:11.0204 0x02d8  HidIr - ok
12:38:11.0230 0x02d8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
12:38:11.0287 0x02d8  hidserv - ok
12:38:11.0353 0x02d8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:38:11.0418 0x02d8  HidUsb - ok
12:38:11.0481 0x02d8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:38:11.0573 0x02d8  hkmsvc - ok
12:38:11.0636 0x02d8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:38:11.0724 0x02d8  HomeGroupListener - ok
12:38:11.0770 0x02d8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:38:11.0821 0x02d8  HomeGroupProvider - ok
12:38:11.0884 0x02d8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:38:11.0916 0x02d8  HpSAMD - ok
12:38:12.0062 0x02d8  [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:38:12.0152 0x02d8  HPSLPSVC - ok
12:38:12.0219 0x02d8  [ CF44B25AE808765D7308F412AD492DDB, 97A16ACCD6D624B2A57DDA913C8005320FF91542C0EF7F39456741D99D7B2725 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
12:38:12.0283 0x02d8  HTCAND64 - ok
12:38:12.0324 0x02d8  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
12:38:12.0346 0x02d8  htcnprot - ok
12:38:12.0440 0x02d8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:38:12.0553 0x02d8  HTTP - ok
12:38:12.0614 0x02d8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:38:12.0631 0x02d8  hwpolicy - ok
12:38:12.0684 0x02d8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:38:12.0724 0x02d8  i8042prt - ok
12:38:12.0788 0x02d8  [ 42E00996DFC13C46366689C0EA8ABC5E, 1C73B7FADB3209D7C1CAA75531F789B47907129E418F91F23CBE9FC68B3056E4 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:38:12.0817 0x02d8  iaStor - ok
12:38:12.0878 0x02d8  [ 48362E5DB5CB2C000C514EE1F3890ACD, 561FB7BE085A624770832B0138DA1B9859981BCC66540A8F98D9F7D5B8EE6707 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:38:12.0900 0x02d8  IAStorDataMgrSvc - ok
12:38:12.0958 0x02d8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:38:13.0022 0x02d8  iaStorV - ok
12:38:13.0120 0x02d8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:38:13.0233 0x02d8  idsvc - ok
12:38:13.0292 0x02d8  IEEtwCollectorService - ok
12:38:13.0341 0x02d8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:38:13.0367 0x02d8  iirsp - ok
12:38:13.0458 0x02d8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:38:13.0547 0x02d8  IKEEXT - ok
12:38:13.0614 0x02d8  [ C48567D80AD357613CD0EEADE18780AE, AFFAB3C915C5B48A39F7F8F9438A3085DBEBA1E431DD35861A5A08EA1CBE4D37 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
12:38:13.0685 0x02d8  Impcd - ok
12:38:13.0819 0x02d8  [ A3BCBD0F710580A07D1B929D787D36CE, D7608C1C2B2FF4DD0C4CEBC75594ADA35A6911A541ED5FF93AAB8610108E168A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:38:13.0978 0x02d8  IntcAzAudAddService - ok
12:38:14.0037 0x02d8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:38:14.0065 0x02d8  intelide - ok
12:38:14.0105 0x02d8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:38:14.0143 0x02d8  intelppm - ok
12:38:14.0209 0x02d8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:38:14.0277 0x02d8  IPBusEnum - ok
12:38:14.0326 0x02d8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:38:14.0408 0x02d8  IpFilterDriver - ok
12:38:14.0453 0x02d8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:38:14.0541 0x02d8  iphlpsvc - ok
12:38:14.0588 0x02d8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:38:14.0638 0x02d8  IPMIDRV - ok
12:38:14.0679 0x02d8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:38:14.0765 0x02d8  IPNAT - ok
12:38:14.0796 0x02d8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:38:14.0897 0x02d8  IRENUM - ok
12:38:14.0959 0x02d8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:38:14.0987 0x02d8  isapnp - ok
12:38:15.0053 0x02d8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:38:15.0110 0x02d8  iScsiPrt - ok
12:38:15.0149 0x02d8  [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
12:38:15.0165 0x02d8  IviRegMgr - ok
12:38:15.0228 0x02d8  [ C9B4ECC187581E5BF3F76648884B7829, D4DDFDD92FEFDFAF293633C2B3860C37D7DC59965170E55AD181EFAFCFD1DB13 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
12:38:15.0275 0x02d8  k57nd60a - ok
12:38:15.0299 0x02d8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:38:15.0317 0x02d8  kbdclass - ok
12:38:15.0365 0x02d8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:38:15.0419 0x02d8  kbdhid - ok
12:38:15.0453 0x02d8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
12:38:15.0474 0x02d8  KeyIso - ok
12:38:15.0518 0x02d8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:38:15.0549 0x02d8  KSecDD - ok
12:38:15.0564 0x02d8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:38:15.0587 0x02d8  KSecPkg - ok
12:38:15.0617 0x02d8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:38:15.0696 0x02d8  ksthunk - ok
12:38:15.0741 0x02d8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:38:15.0871 0x02d8  KtmRm - ok
12:38:15.0939 0x02d8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:38:16.0037 0x02d8  LanmanServer - ok
12:38:16.0089 0x02d8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:38:16.0167 0x02d8  LanmanWorkstation - ok
12:38:16.0207 0x02d8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:38:16.0249 0x02d8  lltdio - ok
12:38:16.0289 0x02d8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:38:16.0345 0x02d8  lltdsvc - ok
12:38:16.0365 0x02d8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:38:16.0400 0x02d8  lmhosts - ok
12:38:16.0491 0x02d8  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:38:16.0538 0x02d8  LMS - ok
12:38:16.0575 0x02d8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:38:16.0605 0x02d8  LSI_FC - ok
12:38:16.0625 0x02d8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:38:16.0643 0x02d8  LSI_SAS - ok
12:38:16.0655 0x02d8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:38:16.0672 0x02d8  LSI_SAS2 - ok
12:38:16.0694 0x02d8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:38:16.0713 0x02d8  LSI_SCSI - ok
12:38:16.0731 0x02d8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:38:16.0796 0x02d8  luafv - ok
12:38:16.0861 0x02d8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:38:16.0925 0x02d8  Mcx2Svc - ok
12:38:16.0945 0x02d8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:38:16.0965 0x02d8  megasas - ok
12:38:17.0010 0x02d8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:38:17.0059 0x02d8  MegaSR - ok
12:38:17.0163 0x02d8  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:38:17.0193 0x02d8  Microsoft Office Groove Audit Service - ok
12:38:17.0219 0x02d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:38:17.0303 0x02d8  MMCSS - ok
12:38:17.0336 0x02d8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:38:17.0398 0x02d8  Modem - ok
12:38:17.0427 0x02d8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:38:17.0467 0x02d8  monitor - ok
12:38:17.0534 0x02d8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:38:17.0567 0x02d8  mouclass - ok
12:38:17.0602 0x02d8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:38:17.0634 0x02d8  mouhid - ok
12:38:17.0706 0x02d8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:38:17.0731 0x02d8  mountmgr - ok
12:38:17.0827 0x02d8  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:38:17.0865 0x02d8  MozillaMaintenance - ok
12:38:17.0914 0x02d8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:38:17.0951 0x02d8  mpio - ok
12:38:17.0984 0x02d8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:38:18.0041 0x02d8  mpsdrv - ok
12:38:18.0118 0x02d8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:38:18.0205 0x02d8  MpsSvc - ok
12:38:18.0253 0x02d8  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:38:18.0324 0x02d8  MRxDAV - ok
12:38:18.0375 0x02d8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:38:18.0454 0x02d8  mrxsmb - ok
12:38:18.0487 0x02d8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:38:18.0554 0x02d8  mrxsmb10 - ok
12:38:18.0579 0x02d8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:38:18.0649 0x02d8  mrxsmb20 - ok
12:38:18.0683 0x02d8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:38:18.0703 0x02d8  msahci - ok
12:38:18.0724 0x02d8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:38:18.0744 0x02d8  msdsm - ok
12:38:18.0764 0x02d8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:38:18.0812 0x02d8  MSDTC - ok
12:38:18.0849 0x02d8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:38:18.0891 0x02d8  Msfs - ok
12:38:18.0897 0x02d8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:38:18.0957 0x02d8  mshidkmdf - ok
12:38:18.0994 0x02d8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:38:19.0010 0x02d8  msisadrv - ok
12:38:19.0034 0x02d8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:38:19.0106 0x02d8  MSiSCSI - ok
12:38:19.0109 0x02d8  msiserver - ok
12:38:19.0145 0x02d8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:38:19.0182 0x02d8  MSKSSRV - ok
12:38:19.0192 0x02d8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:38:19.0273 0x02d8  MSPCLOCK - ok
12:38:19.0293 0x02d8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:38:19.0379 0x02d8  MSPQM - ok
12:38:19.0428 0x02d8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:38:19.0485 0x02d8  MsRPC - ok
12:38:19.0548 0x02d8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:38:19.0578 0x02d8  mssmbios - ok
12:38:19.0653 0x02d8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:38:19.0737 0x02d8  MSTEE - ok
12:38:19.0764 0x02d8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:38:19.0806 0x02d8  MTConfig - ok
12:38:19.0835 0x02d8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:38:19.0855 0x02d8  Mup - ok
12:38:19.0912 0x02d8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:38:19.0985 0x02d8  napagent - ok
12:38:20.0051 0x02d8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:38:20.0139 0x02d8  NativeWifiP - ok
12:38:20.0229 0x02d8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:38:20.0265 0x02d8  NDIS - ok
12:38:20.0283 0x02d8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:38:20.0325 0x02d8  NdisCap - ok
12:38:20.0351 0x02d8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:38:20.0410 0x02d8  NdisTapi - ok
12:38:20.0476 0x02d8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:38:20.0585 0x02d8  Ndisuio - ok
12:38:20.0621 0x02d8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:38:20.0683 0x02d8  NdisWan - ok
12:38:20.0726 0x02d8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:38:20.0817 0x02d8  NDProxy - ok
12:38:20.0880 0x02d8  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:38:20.0905 0x02d8  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:38:23.0632 0x02d8  Detect skipped due to KSN trusted
12:38:23.0633 0x02d8  Net Driver HPZ12 - ok
12:38:23.0687 0x02d8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:38:23.0776 0x02d8  NetBIOS - ok
12:38:23.0827 0x02d8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:38:23.0899 0x02d8  NetBT - ok
12:38:23.0926 0x02d8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
12:38:23.0939 0x02d8  Netlogon - ok
12:38:23.0983 0x02d8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:38:24.0052 0x02d8  Netman - ok
12:38:24.0126 0x02d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:24.0149 0x02d8  NetMsmqActivator - ok
12:38:24.0157 0x02d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:24.0167 0x02d8  NetPipeActivator - ok
12:38:24.0183 0x02d8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:38:24.0273 0x02d8  netprofm - ok
12:38:24.0279 0x02d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:24.0289 0x02d8  NetTcpActivator - ok
12:38:24.0295 0x02d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:24.0306 0x02d8  NetTcpPortSharing - ok
12:38:24.0577 0x02d8  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
12:38:24.0963 0x02d8  NETw5s64 - ok
12:38:25.0011 0x02d8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:38:25.0040 0x02d8  nfrd960 - ok
12:38:25.0091 0x02d8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:38:25.0138 0x02d8  NlaSvc - ok
12:38:25.0158 0x02d8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:38:25.0199 0x02d8  Npfs - ok
12:38:25.0225 0x02d8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:38:25.0294 0x02d8  nsi - ok
12:38:25.0320 0x02d8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:38:25.0389 0x02d8  nsiproxy - ok
12:38:25.0490 0x02d8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:38:25.0605 0x02d8  Ntfs - ok
12:38:25.0691 0x02d8  [ 5B3CE960C62DBE864BE9A0BD043A3E30, 8474C68B0A8F94945C3278C682143F289245FC31C28DBB4609E993F90F7AD309 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:38:25.0726 0x02d8  NTI IScheduleSvc - detected UnsignedFile.Multi.Generic ( 1 )
12:38:28.0428 0x02d8  Detect skipped due to KSN trusted
12:38:28.0428 0x02d8  NTI IScheduleSvc - ok
12:38:28.0530 0x02d8  [ 15221DD637D9D0FFC60848EBBF1DF538, 72E20DAAC3BF7CA9303DB515A7C93C629D7EEDA04C9A7CE91AFBCBB574F257D4 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
12:38:28.0557 0x02d8  NTIBackupSvc - ok
12:38:28.0580 0x02d8  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
12:38:28.0600 0x02d8  NTIDrvr - ok
12:38:28.0618 0x02d8  [ B5071E15D4C3F5EF5018AFF7E85A85E5, FF3ACAEDD127CC4BB0A6FD2D34B5E4D98478A86122BE31DB84702A12567288E0 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
12:38:28.0671 0x02d8  NTISchedulerSvc - ok
12:38:28.0712 0x02d8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:38:28.0798 0x02d8  Null - ok
12:38:28.0827 0x02d8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:38:28.0852 0x02d8  nvraid - ok
12:38:28.0900 0x02d8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:38:28.0927 0x02d8  nvstor - ok
12:38:28.0988 0x02d8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:38:29.0025 0x02d8  nv_agp - ok
12:38:29.0123 0x02d8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:38:29.0187 0x02d8  odserv - ok
12:38:29.0228 0x02d8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:38:29.0273 0x02d8  ohci1394 - ok
12:38:29.0352 0x02d8  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:29.0387 0x02d8  ose - ok
12:38:29.0427 0x02d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:38:29.0529 0x02d8  p2pimsvc - ok
12:38:29.0569 0x02d8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:38:29.0626 0x02d8  p2psvc - ok
12:38:29.0658 0x02d8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:38:29.0678 0x02d8  Parport - ok
12:38:29.0716 0x02d8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:38:29.0749 0x02d8  partmgr - ok
12:38:29.0810 0x02d8  [ A1E779A0CF7A21B42E8FD3E8856D8481, 40DE8155861E6126D6E39FF05E5E92E32C929874500671AB61592A659F09B88C ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
12:38:29.0853 0x02d8  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
12:38:32.0893 0x02d8  Detect skipped due to KSN trusted
12:38:32.0893 0x02d8  PassThru Service - ok
12:38:32.0973 0x02d8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:38:33.0033 0x02d8  PcaSvc - ok
12:38:33.0083 0x02d8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:38:33.0113 0x02d8  pci - ok
12:38:33.0163 0x02d8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:38:33.0183 0x02d8  pciide - ok
12:38:33.0233 0x02d8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:38:33.0283 0x02d8  pcmcia - ok
12:38:33.0303 0x02d8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:38:33.0323 0x02d8  pcw - ok
12:38:33.0353 0x02d8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:38:33.0453 0x02d8  PEAUTH - ok
12:38:33.0563 0x02d8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:38:33.0613 0x02d8  PerfHost - ok
12:38:33.0693 0x02d8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:38:33.0853 0x02d8  pla - ok
12:38:33.0943 0x02d8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:38:34.0023 0x02d8  PlugPlay - ok
12:38:34.0053 0x02d8  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:38:34.0073 0x02d8  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:38:36.0783 0x02d8  Detect skipped due to KSN trusted
12:38:36.0783 0x02d8  Pml Driver HPZ12 - ok
12:38:36.0863 0x02d8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:38:36.0923 0x02d8  PNRPAutoReg - ok
12:38:36.0963 0x02d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:38:36.0983 0x02d8  PNRPsvc - ok
12:38:37.0063 0x02d8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:38:37.0133 0x02d8  PolicyAgent - ok
12:38:37.0183 0x02d8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:38:37.0233 0x02d8  Power - ok
12:38:37.0303 0x02d8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:38:37.0403 0x02d8  PptpMiniport - ok
12:38:37.0443 0x02d8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:38:37.0483 0x02d8  Processor - ok
12:38:37.0513 0x02d8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:38:37.0563 0x02d8  ProfSvc - ok
12:38:37.0573 0x02d8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:38:37.0583 0x02d8  ProtectedStorage - ok
12:38:37.0653 0x02d8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:38:37.0723 0x02d8  Psched - ok
12:38:37.0763 0x02d8  [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
12:38:37.0783 0x02d8  PSI_SVC_2 - ok
12:38:37.0863 0x02d8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:38:37.0943 0x02d8  ql2300 - ok
12:38:37.0973 0x02d8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:38:37.0993 0x02d8  ql40xx - ok
12:38:38.0043 0x02d8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:38:38.0123 0x02d8  QWAVE - ok
12:38:38.0143 0x02d8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:38:38.0203 0x02d8  QWAVEdrv - ok
12:38:38.0223 0x02d8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:38:38.0283 0x02d8  RasAcd - ok
12:38:38.0343 0x02d8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:38:38.0403 0x02d8  RasAgileVpn - ok
12:38:38.0423 0x02d8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:38:38.0493 0x02d8  RasAuto - ok
12:38:38.0533 0x02d8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:38:38.0623 0x02d8  Rasl2tp - ok
12:38:38.0703 0x02d8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:38:38.0813 0x02d8  RasMan - ok
12:38:38.0853 0x02d8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:38:38.0913 0x02d8  RasPppoe - ok
12:38:38.0953 0x02d8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:38:39.0013 0x02d8  RasSstp - ok
12:38:39.0053 0x02d8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:38:39.0123 0x02d8  rdbss - ok
12:38:39.0153 0x02d8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:38:39.0203 0x02d8  rdpbus - ok
12:38:39.0243 0x02d8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:38:39.0323 0x02d8  RDPCDD - ok
12:38:39.0353 0x02d8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:38:39.0403 0x02d8  RDPENCDD - ok
12:38:39.0433 0x02d8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:38:39.0463 0x02d8  RDPREFMP - ok
12:38:39.0523 0x02d8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:38:39.0593 0x02d8  RDPWD - ok
12:38:39.0653 0x02d8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:38:39.0683 0x02d8  rdyboost - ok
12:38:39.0723 0x02d8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:38:39.0793 0x02d8  RemoteAccess - ok
12:38:39.0843 0x02d8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:38:39.0933 0x02d8  RemoteRegistry - ok
12:38:39.0993 0x02d8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:38:40.0053 0x02d8  RFCOMM - ok
12:38:40.0083 0x02d8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:38:40.0143 0x02d8  RpcEptMapper - ok
12:38:40.0163 0x02d8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:38:40.0213 0x02d8  RpcLocator - ok
12:38:40.0273 0x02d8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:38:40.0323 0x02d8  RpcSs - ok
12:38:40.0373 0x02d8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:38:40.0443 0x02d8  rspndr - ok
12:38:40.0533 0x02d8  [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
12:38:40.0573 0x02d8  RSUSBSTOR - ok
12:38:40.0633 0x02d8  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
12:38:40.0683 0x02d8  RS_Service - ok
12:38:40.0733 0x02d8  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:38:40.0773 0x02d8  RTHDMIAzAudService - ok
12:38:40.0793 0x02d8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
12:38:40.0803 0x02d8  SamSs - ok
12:38:40.0853 0x02d8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:38:40.0893 0x02d8  sbp2port - ok
12:38:40.0933 0x02d8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:38:41.0043 0x02d8  SCardSvr - ok
12:38:41.0083 0x02d8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:38:41.0163 0x02d8  scfilter - ok
12:38:41.0243 0x02d8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:38:41.0343 0x02d8  Schedule - ok
12:38:41.0373 0x02d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:38:41.0413 0x02d8  SCPolicySvc - ok
12:38:41.0463 0x02d8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:38:41.0563 0x02d8  SDRSVC - ok
12:38:41.0593 0x02d8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:38:41.0663 0x02d8  secdrv - ok
12:38:41.0693 0x02d8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:38:41.0763 0x02d8  seclogon - ok
12:38:41.0793 0x02d8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
12:38:41.0833 0x02d8  SENS - ok
12:38:41.0843 0x02d8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:38:41.0873 0x02d8  SensrSvc - ok
12:38:41.0923 0x02d8  [ 2437720D4480523562360B2B6B5864A7, 314725F4786B3E660D6C58AF611ABD41D9938CEF5A7F19762632DF51CB3A52D5 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
12:38:41.0993 0x02d8  Ser2pl - ok
12:38:42.0023 0x02d8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:38:42.0063 0x02d8  Serenum - ok
12:38:42.0083 0x02d8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:38:42.0133 0x02d8  Serial - ok
12:38:42.0163 0x02d8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:38:42.0223 0x02d8  sermouse - ok
12:38:42.0263 0x02d8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:38:42.0343 0x02d8  SessionEnv - ok
12:38:42.0383 0x02d8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:38:42.0423 0x02d8  sffdisk - ok
12:38:42.0453 0x02d8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:38:42.0503 0x02d8  sffp_mmc - ok
12:38:42.0523 0x02d8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:38:42.0583 0x02d8  sffp_sd - ok
12:38:42.0613 0x02d8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:38:42.0653 0x02d8  sfloppy - ok
12:38:42.0703 0x02d8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:38:42.0793 0x02d8  SharedAccess - ok
12:38:42.0853 0x02d8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:42.0913 0x02d8  ShellHWDetection - ok
12:38:42.0943 0x02d8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:38:42.0953 0x02d8  SiSRaid2 - ok
12:38:42.0983 0x02d8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:38:43.0003 0x02d8  SiSRaid4 - ok
12:38:43.0263 0x02d8  [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:38:43.0413 0x02d8  Skype C2C Service - ok
12:38:43.0513 0x02d8  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:38:43.0593 0x02d8  SkypeUpdate - ok
12:38:43.0613 0x02d8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:38:43.0653 0x02d8  Smb - ok
12:38:43.0683 0x02d8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:38:43.0723 0x02d8  SNMPTRAP - ok
12:38:43.0753 0x02d8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:38:43.0783 0x02d8  spldr - ok
12:38:43.0843 0x02d8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:38:43.0913 0x02d8  Spooler - ok
12:38:44.0103 0x02d8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:38:44.0333 0x02d8  sppsvc - ok
12:38:44.0373 0x02d8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:38:44.0433 0x02d8  sppuinotify - ok
12:38:44.0473 0x02d8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:38:44.0553 0x02d8  srv - ok
12:38:44.0583 0x02d8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:38:44.0643 0x02d8  srv2 - ok
12:38:44.0673 0x02d8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:38:44.0723 0x02d8  srvnet - ok
12:38:44.0793 0x02d8  [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
12:38:44.0823 0x02d8  ssadbus - ok
12:38:44.0853 0x02d8  [ D6CFD3B2EABCF9327DE39C62BABFA1E3, C748AF55B07FCB9C5A3E3E0CB783CE6387A2C5D646BCA6B5F5FFF37ACCE82AD3 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:38:44.0873 0x02d8  ssadmdfl - ok
12:38:44.0903 0x02d8  [ 5EB01E6148742C3EC2185AC92F6D16FD, 5BD22C745D9BD47C60929F9C556E4B262F9415866EFE9F9263EAD916D74ECAE0 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
12:38:44.0933 0x02d8  ssadmdm - ok
12:38:44.0973 0x02d8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:38:45.0053 0x02d8  SSDPSRV - ok
12:38:45.0073 0x02d8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:38:45.0113 0x02d8  SstpSvc - ok
12:38:45.0143 0x02d8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:38:45.0173 0x02d8  stexstor - ok
12:38:45.0223 0x02d8  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
12:38:45.0283 0x02d8  StillCam - ok
12:38:45.0363 0x02d8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:38:45.0463 0x02d8  stisvc - ok
12:38:45.0503 0x02d8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:38:45.0523 0x02d8  swenum - ok
12:38:45.0563 0x02d8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:38:45.0673 0x02d8  swprv - ok
12:38:45.0733 0x02d8  [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:38:45.0783 0x02d8  SynTP - ok
12:38:45.0903 0x02d8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:38:46.0033 0x02d8  SysMain - ok
12:38:46.0083 0x02d8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:38:46.0123 0x02d8  TabletInputService - ok
12:38:46.0173 0x02d8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:38:46.0283 0x02d8  TapiSrv - ok
12:38:46.0303 0x02d8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:38:46.0353 0x02d8  TBS - ok
12:38:46.0473 0x02d8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:38:46.0643 0x02d8  Tcpip - ok
12:38:46.0773 0x02d8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:38:46.0823 0x02d8  TCPIP6 - ok
12:38:46.0863 0x02d8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:38:46.0893 0x02d8  tcpipreg - ok
12:38:46.0933 0x02d8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:38:47.0023 0x02d8  TDPIPE - ok
12:38:47.0063 0x02d8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:38:47.0113 0x02d8  TDTCP - ok
12:38:47.0153 0x02d8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:38:47.0223 0x02d8  tdx - ok
12:38:47.0493 0x02d8  [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
12:38:47.0713 0x02d8  TeamViewer8 - ok
12:38:47.0773 0x02d8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:38:47.0783 0x02d8  TermDD - ok
12:38:47.0853 0x02d8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:38:47.0923 0x02d8  TermService - ok
12:38:47.0953 0x02d8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:38:47.0983 0x02d8  Themes - ok
12:38:48.0023 0x02d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:38:48.0073 0x02d8  THREADORDER - ok
12:38:48.0183 0x02d8  [ F620772888B6E3EDEF5C3E71E3D447F0, 67CFC8E94ACCA0B31E7D2062D587C1BD37911F95A02C8CCB1B4A3E0EBDADC8B0 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
12:38:48.0213 0x02d8  TomTomHOMEService - ok
12:38:48.0243 0x02d8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:38:48.0323 0x02d8  TrkWks - ok
12:38:48.0403 0x02d8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:38:48.0483 0x02d8  TrustedInstaller - ok
12:38:48.0523 0x02d8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:48.0583 0x02d8  tssecsrv - ok
12:38:48.0653 0x02d8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:38:48.0723 0x02d8  TsUsbFlt - ok
12:38:48.0783 0x02d8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:38:48.0873 0x02d8  tunnel - ok
12:38:48.0913 0x02d8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:38:48.0933 0x02d8  uagp35 - ok
12:38:48.0943 0x02d8  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
12:38:48.0953 0x02d8  UBHelper - ok
12:38:49.0003 0x02d8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:38:49.0073 0x02d8  udfs - ok
12:38:49.0103 0x02d8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:38:49.0123 0x02d8  UI0Detect - ok
12:38:49.0153 0x02d8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:38:49.0173 0x02d8  uliagpkx - ok
12:38:49.0233 0x02d8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:38:49.0273 0x02d8  umbus - ok
12:38:49.0313 0x02d8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:38:49.0363 0x02d8  UmPass - ok
12:38:49.0503 0x02d8  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:38:49.0623 0x02d8  UNS - ok
12:38:49.0683 0x02d8  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:38:49.0733 0x02d8  Updater Service - ok
12:38:49.0763 0x02d8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:38:49.0853 0x02d8  upnphost - ok
12:38:49.0883 0x02d8  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:49.0923 0x02d8  usbccgp - ok
12:38:49.0973 0x02d8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:38:50.0053 0x02d8  usbcir - ok
12:38:50.0093 0x02d8  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:38:50.0143 0x02d8  usbehci - ok
12:38:50.0203 0x02d8  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:38:50.0263 0x02d8  usbhub - ok
12:38:50.0303 0x02d8  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:38:50.0343 0x02d8  usbohci - ok
12:38:50.0383 0x02d8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:38:50.0433 0x02d8  usbprint - ok
12:38:50.0493 0x02d8  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:38:50.0533 0x02d8  usbscan - ok
12:38:50.0603 0x02d8  [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
12:38:50.0643 0x02d8  usbser - ok
12:38:50.0663 0x02d8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:50.0733 0x02d8  USBSTOR - ok
12:38:50.0773 0x02d8  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:38:50.0843 0x02d8  usbuhci - ok
12:38:50.0913 0x02d8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:38:50.0983 0x02d8  usbvideo - ok
12:38:51.0033 0x02d8  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
12:38:51.0093 0x02d8  usb_rndisx - ok
12:38:51.0123 0x02d8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:38:51.0173 0x02d8  UxSms - ok
12:38:51.0183 0x02d8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
12:38:51.0193 0x02d8  VaultSvc - ok
12:38:51.0223 0x02d8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:38:51.0233 0x02d8  vdrvroot - ok
12:38:51.0293 0x02d8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:38:51.0363 0x02d8  vds - ok
12:38:51.0383 0x02d8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:51.0403 0x02d8  vga - ok
12:38:51.0413 0x02d8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:38:51.0493 0x02d8  VgaSave - ok
12:38:51.0553 0x02d8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:38:51.0593 0x02d8  vhdmp - ok
12:38:51.0633 0x02d8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:38:51.0643 0x02d8  viaide - ok
12:38:51.0663 0x02d8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:38:51.0683 0x02d8  volmgr - ok
12:38:51.0743 0x02d8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:38:51.0793 0x02d8  volmgrx - ok
12:38:51.0813 0x02d8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:38:51.0843 0x02d8  volsnap - ok
12:38:51.0883 0x02d8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:38:51.0903 0x02d8  vsmraid - ok
12:38:52.0023 0x02d8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:38:52.0183 0x02d8  VSS - ok
12:38:52.0213 0x02d8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:38:52.0253 0x02d8  vwifibus - ok
12:38:52.0273 0x02d8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:38:52.0293 0x02d8  vwififlt - ok
12:38:52.0323 0x02d8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:38:52.0363 0x02d8  vwifimp - ok
12:38:52.0423 0x02d8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:38:52.0503 0x02d8  W32Time - ok
12:38:52.0533 0x02d8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:38:52.0573 0x02d8  WacomPen - ok
12:38:52.0643 0x02d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:38:52.0713 0x02d8  WANARP - ok
12:38:52.0723 0x02d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:38:52.0753 0x02d8  Wanarpv6 - ok
12:38:52.0853 0x02d8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:38:52.0963 0x02d8  WatAdminSvc - ok
12:38:53.0073 0x02d8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:38:53.0183 0x02d8  wbengine - ok
12:38:53.0223 0x02d8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:38:53.0253 0x02d8  WbioSrvc - ok
12:38:53.0323 0x02d8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:38:53.0423 0x02d8  wcncsvc - ok
12:38:53.0443 0x02d8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:53.0523 0x02d8  WcsPlugInService - ok
12:38:53.0543 0x02d8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:38:53.0573 0x02d8  Wd - ok
12:38:53.0653 0x02d8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:38:53.0773 0x02d8  Wdf01000 - ok
12:38:53.0783 0x02d8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:38:53.0923 0x02d8  WdiServiceHost - ok
12:38:53.0943 0x02d8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:38:53.0963 0x02d8  WdiSystemHost - ok
12:38:54.0003 0x02d8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:38:54.0033 0x02d8  WebClient - ok
12:38:54.0073 0x02d8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:38:54.0143 0x02d8  Wecsvc - ok
12:38:54.0163 0x02d8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:38:54.0223 0x02d8  wercplsupport - ok
12:38:54.0243 0x02d8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:38:54.0293 0x02d8  WerSvc - ok
12:38:54.0333 0x02d8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:54.0393 0x02d8  WfpLwf - ok
12:38:54.0423 0x02d8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:38:54.0433 0x02d8  WIMMount - ok
12:38:54.0463 0x02d8  WinDefend - ok
12:38:54.0463 0x02d8  WinHttpAutoProxySvc - ok
12:38:54.0533 0x02d8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:38:54.0603 0x02d8  Winmgmt - ok
12:38:54.0723 0x02d8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:38:54.0943 0x02d8  WinRM - ok
12:38:55.0013 0x02d8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:38:55.0073 0x02d8  WinUsb - ok
12:38:55.0143 0x02d8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:38:55.0223 0x02d8  Wlansvc - ok
12:38:55.0413 0x02d8  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:38:55.0543 0x02d8  wlidsvc - ok
12:38:55.0603 0x02d8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:38:55.0643 0x02d8  WmiAcpi - ok
12:38:55.0693 0x02d8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:38:55.0753 0x02d8  wmiApSrv - ok
12:38:55.0793 0x02d8  WMPNetworkSvc - ok
12:38:55.0813 0x02d8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:38:55.0863 0x02d8  WPCSvc - ok
12:38:55.0903 0x02d8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:38:55.0953 0x02d8  WPDBusEnum - ok
12:38:55.0983 0x02d8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:38:56.0053 0x02d8  ws2ifsl - ok
12:38:56.0093 0x02d8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
12:38:56.0123 0x02d8  wscsvc - ok
12:38:56.0193 0x02d8  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:38:56.0243 0x02d8  WSDPrintDevice - ok
12:38:56.0273 0x02d8  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
12:38:56.0303 0x02d8  WSDScan - ok
12:38:56.0303 0x02d8  WSearch - ok
12:38:56.0413 0x02d8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:38:56.0523 0x02d8  wuauserv - ok
12:38:56.0573 0x02d8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:38:56.0653 0x02d8  WudfPf - ok
12:38:56.0703 0x02d8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:56.0753 0x02d8  WUDFRd - ok
12:38:56.0793 0x02d8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:38:56.0853 0x02d8  wudfsvc - ok
12:38:56.0903 0x02d8  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:38:56.0973 0x02d8  WwanSvc - ok
12:38:57.0003 0x02d8  ================ Scan global ===============================
12:38:57.0033 0x02d8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:57.0083 0x02d8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:57.0113 0x02d8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:57.0153 0x02d8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:57.0173 0x02d8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:57.0183 0x02d8  [ Global ] - ok
12:38:57.0183 0x02d8  ================ Scan MBR ==================================
12:38:57.0203 0x02d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:38:57.0623 0x02d8  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
12:38:57.0623 0x02d8  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:39:11.0333 0x02d8  ================ Scan VBR ==================================
12:39:11.0333 0x02d8  [ A494A22B5EFEED048E8B225C0B4F343E ] \Device\Harddisk0\DR0\Partition1
12:39:11.0333 0x02d8  \Device\Harddisk0\DR0\Partition1 - ok
12:39:11.0403 0x02d8  [ 25F5849B729BA047868E7BFDFFD3EFF8 ] \Device\Harddisk0\DR0\Partition2
12:39:11.0403 0x02d8  \Device\Harddisk0\DR0\Partition2 - ok
12:39:11.0403 0x02d8  Waiting for KSN requests completion. In queue: 173
12:39:12.0553 0x02d8  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
12:39:12.0573 0x02d8  Win FW state via NFP2: enabled
12:39:15.0253 0x02d8  ============================================================
12:39:15.0253 0x02d8  Scan finished
12:39:15.0253 0x02d8  ============================================================
12:39:15.0263 0x13fc  Detected object count: 1
12:39:15.0263 0x13fc  Actual detected object count: 1
13:00:38.0714 0x13fc  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:00:38.0714 0x13fc  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
13:00:49.0764 0x08a0  Deinitialize success
         

06.12.2013, 08:50   #13
schrauber
/// the machine
/// TB trainer
 




What choices do you get for the detections?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

06.12.2013, 11:37   #14
pace123
 



skip, move to quarantine and delete

07.12.2013, 10:37   #15
schrauber
/// the machine
/// TB trainer
 




Delete, then continue, post the log file. Then run a fresh scan with TDSSKiller, post the log file.
__________________
Regards,
schrauber

