Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Antivir zeigt viele laufenden Prozesse als Virus an

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.04.2014, 19:11   #1
PhilMcDevil
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Hallo !

Seit ein paar Tagen startet Antivir direkt nach dem Start des Computers einen Scan und zeigt mir dann mehrere Prozesse als Viren an. Soweit ich weiß sind einige davon auch Windowsprozesse/Daten. Wenn ich die Prozesse in Quarantäne lege oder lösche, stürzt der PC direkt ab, ich kann ihn jedoch wieder normal starten. Woher weiß ich jetzt ob es wirklich Viren sind, und wenn ja, wie kriege ich sie vom PC ?

Ich hoffe ihr könnt mir schnell helfen,

MFG

PhilMcDevil

Alt 19.04.2014, 19:17   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweise: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Das dauert dann zwar ein paar Stunden länger, garantiert aber, dass Du kompetente Hilfe und geprüfte Antworten bekommst. Siehe hier...

Ich bedanke mich für Deine Geduld!



Schritt 1 (Scan mit FRST)
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.


Kannst DU bitte wenn möglich auch die Logfiles von Avira mit den Funden posten oder einen Screenshot?
__________________

__________________

Alt 19.04.2014, 19:58   #3
PhilMcDevil
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2014
Ran by Philip (administrator) on PHILIP-PC on 19-04-2014 19:53:20
Running from C:\Users\Philip\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avscan.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
() C:\Users\Philip\Downloads\FRST64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8321568 2009-11-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-01-13] (Softthinks)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [Facebook Update] => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-27] (Facebook Inc.)
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [Spotify Web Helper] => C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-15] (Spotify Ltd)
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {8e41c074-87b3-11e0-a0e7-00262d1cb7b6} - I:\Autorun.exe
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {9c53062c-9805-11e0-a906-00262d1cb7b6} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {ac588f44-b7d8-11e2-b3ed-00262d1cb7b6} - J:\autorun.exe
HKU\S-1-5-21-1762897763-1593096696-3758382223-1001\...\MountPoints2: {f76e5f60-0be8-11e2-b5cc-00262d1cb7b6} - I:\LaunchU3.exe -a
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] ()
AppInit_DLLs:  c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss_gin2g&mntrId=26D100262D1CB7B6&affID=119292&tsp=4930
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {E491B4A4-BC58-49B8-BE46-84D7FA1DF57A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=26D100262D1CB7B6&affID=119292&tsp=4930
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {51B79B53-627C-4DDA-9A17-6B306B77196A} URL = 
SearchScopes: HKCU - {E491B4A4-BC58-49B8-BE46-84D7FA1DF57A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - {F1347901-060E-4775-8679-390DA5814695} URL = 
SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip
FF user.js: detected! => C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://battlelog.battlefield.com/bf3/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Philip\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Philip\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\116 [2013-07-04]
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\122 [2013-07-15]
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\125 [2013-07-23]
FF Extension: LyricsSpeaker - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\128 [2013-08-23]
FF Extension: Delta Toolbar - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\ffxtlbr@delta.com [2013-07-01]
FF Extension: WebCake - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\plugin@getwebcake.com [2013-07-01]
FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-08-23]
FF Extension: WEB.DE MailCheck - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\toolbar@web.de.xpi [2013-10-31]
FF Extension: Adblock Plus - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\8ati92f2.Philip\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-10]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-04-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-04-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-04-10]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-28]
FF HKCU\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] - C:\Users\Philip\AppData\Roaming\5018
FF Extension: Java String Helper - C:\Users\Philip\AppData\Roaming\5018 [2011-06-14]
FF HKCU\...\Firefox\Extensions: [lspeaker@lyricsspeaker.net] - C:\Program Files (x86)\LyricsSpeaker\128.xpi
FF Extension: LyricsSpeaker - C:\Program Files (x86)\LyricsSpeaker\128.xpi [2013-08-23]

==================== Services (Whitelisted) =================

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2011-06-16] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-27] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-27] (DealPly Technologies Ltd)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [173344 2007-03-06] (Labtec Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-08] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S2 SystemStoreService; "C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe"  -displayname "System Store" -servicename "SystemStoreService" [X]

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-05-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-08] (DT Soft Ltd)
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658432 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19456 2009-07-06] (Hauppauge Computer Works, Inc.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-05-19] ()
S3 LVcKap64; C:\Windows\System32\DRIVERS\LVcKap64.sys [1029024 2007-03-06] (Labtec Inc.)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2496928 2007-03-06] (Labtec Inc.)
S3 LVUSBS64; C:\Windows\System32\DRIVERS\LVUSBS64.sys [58400 2007-03-06] (Labtec Inc.)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561V64.SYS [468000 2007-03-06] (Labtec Inc.)
R2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [12528 2013-06-30] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 ALSysIO; \??\C:\Users\Philip\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 19:53 - 2014-04-19 19:53 - 00023353 _____ () C:\Users\Philip\Downloads\FRST.txt
2014-04-19 19:52 - 2014-04-19 19:53 - 00000000 ____D () C:\FRST
2014-04-19 19:51 - 2014-04-19 19:52 - 02055680 _____ (Farbar) C:\Users\Philip\Desktop\FRST64.exe
2014-04-19 10:58 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-19 10:58 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-19 10:58 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-19 10:58 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-19 10:57 - 2014-04-19 10:58 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-15 11:53 - 2014-04-15 11:54 - 00000000 ____D () C:\Users\Philip\Desktop\Abitur
2014-04-10 16:40 - 2014-04-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-19 19:53 - 2014-04-19 19:53 - 00023353 _____ () C:\Users\Philip\Downloads\FRST.txt
2014-04-19 19:53 - 2014-04-19 19:52 - 00000000 ____D () C:\FRST
2014-04-19 19:52 - 2014-04-19 19:51 - 02055680 _____ (Farbar) C:\Users\Philip\Desktop\FRST64.exe
2014-04-19 19:52 - 2011-05-17 15:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-19 19:23 - 2013-09-27 21:18 - 00000906 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2014-04-19 19:23 - 2012-03-30 12:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-19 19:18 - 2013-09-27 21:18 - 00000294 _____ () C:\Windows\Tasks\Dealply.job
2014-04-19 19:10 - 2011-10-03 22:54 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-19 17:44 - 2011-06-08 20:40 - 00000000 ____D () C:\ProgramData\Origin
2014-04-19 17:43 - 2011-06-14 18:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-19 17:15 - 2013-01-27 15:10 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job
2014-04-19 16:59 - 2011-05-23 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-04-19 16:24 - 2013-09-27 21:18 - 00000902 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2014-04-19 16:24 - 2011-10-03 22:54 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-19 16:23 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-19 16:23 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-19 16:20 - 2009-07-14 19:58 - 09089640 _____ () C:\Windows\system32\perfh007.dat
2014-04-19 16:20 - 2009-07-14 19:58 - 02768438 _____ () C:\Windows\system32\perfc007.dat
2014-04-19 16:20 - 2009-07-14 07:13 - 00006458 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-19 16:19 - 2012-06-15 14:03 - 01536689 ____N () C:\Windows\WindowsUpdate.log
2014-04-19 16:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-19 12:57 - 2012-02-20 17:13 - 00000000 ___RD () C:\Users\Philip\Desktop\Ordner
2014-04-19 11:11 - 2011-05-18 21:42 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-04-19 10:58 - 2014-04-19 10:57 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-19 10:58 - 2013-10-03 20:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 10:58 - 2010-03-18 13:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-18 16:01 - 2012-04-17 17:41 - 00000000 ____D () C:\Users\Philip\AppData\Roaming\Spotify
2014-04-18 14:15 - 2013-01-27 15:10 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job
2014-04-18 00:51 - 2011-05-17 16:04 - 00000000 ____D () C:\Users\Philip\AppData\Roaming\Skype
2014-04-16 15:05 - 2011-05-17 16:51 - 00000000 ____D () C:\ProgramData\Apple
2014-04-16 13:02 - 2012-04-17 17:42 - 00000000 ____D () C:\Users\Philip\AppData\Local\Spotify
2014-04-15 20:05 - 2013-04-17 19:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-15 11:54 - 2014-04-15 11:53 - 00000000 ____D () C:\Users\Philip\Desktop\Abitur
2014-04-14 20:13 - 2014-04-19 10:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-19 10:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-19 10:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-19 10:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-10 17:22 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-10 16:40 - 2014-04-10 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 20:05 - 2011-10-03 22:54 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-07 20:05 - 2011-10-03 22:54 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 16:18 - 2013-12-19 17:18 - 00000137 _____ () C:\Users\Philip\AppData\Roaming\WB.CFG
2014-03-29 20:46 - 2010-03-18 13:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2010-03-18 22:06] - [2010-03-18 22:06] - 2868736 ____A (Microsoft Corporation) 6D4F9E4B640B413C6F73414327484C80

C:\Windows\SysWOW64\explorer.exe
[2010-03-18 22:06] - [2010-03-18 22:06] - 2613248 ____A (Microsoft Corporation) FC89FACA0473641CB625EDA9277D0885

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!


LastRegBack: 2014-04-19 19:29

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2014
Ran by Philip at 2014-04-19 19:53:58
Running from C:\Users\Philip\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader 9.5.3 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{1D420647-DF79-D93E-66E1-6B053F1F9BE0}) (Version: 2.0.4224.34064 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{D726D186-0BA7-8BC4-6273-A9AED17C7B8A}) (Version: 2.0.4532.34673 - Advanced Micro Devices, Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23268 - Ask.com) <==== ATTENTION
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.3.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.02 - Broadcom Corporation)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1209.2335.42329 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2009.1209.2334.42329 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2009.1209.2335.42329 - ATI) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source v17 (HKLM-x32\...\Counter-Strike: Source v17) (Version:  - )
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CycoreFX HD-64 1.7 for After Effects (HKLM-x32\...\CycoreFX HD-64 1.7 for After Effects) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.2 - DealPly Technologies Ltd.) <==== ATTENTION
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.34 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.74 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
Der Herr der Ringe® - Die Eroberung™ (HKLM-x32\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
ffdshow [rev 2202] [2008-10-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free DVD Creator version 2.0 (HKLM-x32\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
Free Video to DVD Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FXAA Post Process Injector (HKLM-x32\...\FXAA Post Process Injector) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
HWiNFO64 Version 4.24 (HKLM\...\HWiNFO64_is1) (Version: 4.24 - Martin Malík - REALiX)
iCloud (HKLM\...\{89BDAE1A-7B8E-4A0E-A169-02F7F366451D}) (Version: 2.1.0.39 - Apple Inc.)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kingdoms of Amalur: Reckoning - Demo (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
K-Lite Mega Codec Pack 9.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.0 - )
Labtec WebCam (HKLM\...\{FA4DA5D7-5140-4024-BADD-FCB540833E5D}) (Version: 10.51.1130 - Labtec, Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Little Fighter 2 version 2.0a (HKLM-x32\...\Little Fighter 2) (Version: version 2.0a - )
LyricsSpeaker (HKLM-x32\...\lspeaker@lyricsspeaker.net) (Version:  - LyricsSpeaker LTD) <==== ATTENTION
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5977 - Realtek Semiconductor Corp.)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SOE Web Installer (HKCU\...\SOE Web Installer) (Version: 1.0.3.170 - Sony Online Entertainment)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Incorporated)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Toolbar (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode Version 3.1.6.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.9 - XMedia Recode)

==================== Restore Points  =========================

07-04-2014 18:29:14 Geplanter Prüfpunkt
17-04-2014 12:09:37 Geplanter Prüfpunkt
19-04-2014 08:56:22 Installed Java 7 Update 55

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0099E1E5-9B86-4FCB-A7F6-4BD5D05C64E7} - System32\Tasks\{A406987F-3F4C-49A7-A287-24551A9594A9} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {0213C5ED-2D34-4EAD-ABDB-4CB74225AA2D} - System32\Tasks\{28E75563-13A6-4254-8B72-BB4157562C9C} => C:\Users\Philip\Downloads\webcam1051deu_x64.exe
Task: {05C1F3A1-4B9D-423D-B3C3-528BF7FA8E85} - System32\Tasks\{DBAD9574-D40E-4C5C-BF14-AB7EE2FB5477} => D:\_ISDEL.EXE
Task: {0D7ED96B-366D-4F5B-8867-FEE0A9DD5570} - System32\Tasks\{EAE55B9B-D7E3-45C6-80BD-7E5CC68678D8} => C:\Program Files (x86)\Electronic Arts\Burnout Paradise\BurnoutLauncher.exe
Task: {0E61AC01-50AB-46A4-85EE-767176085F8D} - System32\Tasks\{B322BD7A-B257-4E3C-B0E9-500B60459896} => Firefox.exe 
Task: {172B81B0-418A-4ED2-9629-999968EA481A} - System32\Tasks\{339B9848-2240-4216-B66F-E77F1BF99E51} => C:\Program Files (x86)\Call of Duty\CoDSP.exe [2003-10-30] ()
Task: {2150CC91-8BED-492F-9F42-1D0B67CB8E71} - System32\Tasks\{EE26D74C-73AD-456E-AF8D-70C5CA3A9AE2} => C:\Users\Philip\Desktop\***\Xpadder\Xpadder.exe
Task: {22479661-BAFA-4F7E-B2A6-E5AAAF098D3F} - System32\Tasks\{D0EDE78D-A43A-4F20-8562-BF134BDBE8F6} => C:\Users\Philip\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
Task: {24B79D1D-86B3-4A2B-9723-69B54DD76785} - System32\Tasks\{4B6380BE-EA5F-4567-A815-2B97EF2648AF} => D:\_ISDEL.EXE
Task: {2929858A-3F02-42BD-AD4A-6AD117D85C7E} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {295B845D-C1CC-4B24-B2E9-C025FF793BB6} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {2ABD5925-608E-4E5F-81B4-AB9403C05988} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {2B5C5DFA-14E5-4146-A870-01B5060C5DDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {2D021799-9AE0-4FED-84EB-389C6FF4C39B} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Safari\1Click.exe
Task: {2D65B94D-65CC-44C3-B3EC-5E7471FAFD75} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-05-29] () <==== ATTENTION
Task: {2DA9CBE9-5784-4784-BFEB-DA9792FF1EAA} - System32\Tasks\{EBD97FBF-CE8C-41F3-BC03-64C1160C3D54} => D:\_ISDEL.EXE
Task: {340D9D15-6C85-424D-8413-E442C593E546} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {349C0DE6-713E-497C-9CA7-D6F9CECAD891} - System32\Tasks\Dealply => C:\Users\Philip\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe [2013-09-27] () <==== ATTENTION
Task: {43CBA4BC-EA97-4038-842D-92DC51E36A89} - System32\Tasks\{AFCCA13B-6683-402F-9AD9-98203F9A9EF3} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {463F7FD2-4934-484B-B15E-CF9CA5C8097A} - System32\Tasks\{0BDA5E34-7DC4-4A5D-B017-8470CC5F80AF} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {4C7ED2FF-B91B-452A-A3B7-A7734902B3B2} - System32\Tasks\BrowserDefendert
Task: {53483F72-5404-4D63-9390-D610BB5F19F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5697979B-FEF7-4021-A43E-C3DBC3955D3A} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-23] ()
Task: {580FEA43-CE45-4CFA-8E22-F8BE8094A077} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5CF0C940-18C1-49F8-A8E5-FE84DB7EB891} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-27] (DealPly Technologies Ltd) <==== ATTENTION
Task: {6B41705E-A9F1-44A2-92CA-0E16978C2A75} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-27] (DealPly Technologies Ltd) <==== ATTENTION
Task: {74E2AFA8-A481-43D7-AA80-E1CE43815649} - System32\Tasks\{88549521-5DA0-4AA4-BBC2-3429EBA6EC43} => D:\_ISDEL.EXE
Task: {788C7039-5C32-4B08-ADF8-AB70F2417D99} - System32\Tasks\Google Updater and Installer => C:\Users\Philip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {827C6551-75F2-49F7-86A0-0CEB6267277A} - System32\Tasks\{42305BEC-5A2F-400E-B430-22D1CBFDE48D} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {83263FEC-94C6-4033-9D70-6B537FB87A79} - System32\Tasks\JavaUpdateSched => C:\Windows\System32\jusched.exe [2010-03-18] (Sun Microsystems, Inc.)
Task: {90754EB8-CB92-490D-A552-A0FF188CD72F} - System32\Tasks\{A398B4A3-513D-4839-9DA2-6711B9DF118F} => Firefox.exe 
Task: {917A5E7D-A34C-4F36-BC6E-BA5EDA8A9636} - System32\Tasks\{55B1E58B-7D30-434C-8814-99BB8A404BB7} => Firefox.exe 
Task: {91876DDF-1A2E-45FA-8660-60EC7912DA98} - System32\Tasks\{213989E0-3C20-44C4-8734-3D4F319DFE88} => Firefox.exe 
Task: {98BAD724-F4AA-4ECD-8E98-284BF6B108DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {99377543-CA83-425B-A2D1-3B2C398EA15C} - System32\Tasks\{8877A725-1921-4B7B-9838-9FFA8A3A4175} => D:\_ISDEL.EXE
Task: {9CC41521-CA2B-4A1F-8444-B0A322BE8BEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9D39864D-A9C5-464D-9024-CF516FD4D7A0} - System32\Tasks\{C157E6D4-2A46-401B-B244-C2893079D826} => Firefox.exe 
Task: {9DBDCD30-B958-4104-9226-CFB2C010866C} - System32\Tasks\{9DDB1B82-3DF6-4829-AE8D-EF5C090169A5} => D:\SETUP.EXE
Task: {9F031F4D-8C0E-4FB1-985A-F5959EDB81D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-03] (Google Inc.)
Task: {9FA80E47-961A-4A84-A6AB-368ED1FE94F2} - System32\Tasks\{D4448B81-CC1B-480A-AFDF-F94309F17813} => D:\_ISDEL.EXE
Task: {A4BAF711-0B99-4372-A9EA-945B23F0F5D0} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {A956EF08-5DCC-47F0-A6CB-A4DC673446EA} - System32\Tasks\{732325CA-8798-431C-BBEF-2095A65F1828} => D:\SETUP.EXE
Task: {AD847B47-6996-41B9-BC5B-59B294189393} - System32\Tasks\{8183A7B3-F7D8-4D5C-837E-E358125DAB75} => C:\Users\Philip\Downloads\SoftonicDownloader_fuer_sonicstage.exe [2013-06-24] (Softonic                                        )
Task: {B1658FAD-FFD3-4AA1-8077-A8DE51194D3F} - System32\Tasks\{DA0BCC55-4B5F-4A68-A1AC-CB853AF4DD04} => C:\Users\Philip\Desktop\Minecraft-Beta-by-Deutschland2Orbit.exe
Task: {B9902F32-72DE-484E-8D55-948E7DABB2AD} - System32\Tasks\{499AF17F-67AF-4D0D-978C-87E24C4644DB} => Firefox.exe 
Task: {BE9F6BA8-FB43-46E5-A1BA-54541160FFCB} - System32\Tasks\{DC011BCD-0A67-4D3A-95AF-347D7118AEBE} => D:\SETUP.EXE
Task: {C481A97C-21BD-469E-813D-AAAFC8271EC4} - System32\Tasks\{FDAF1706-86BF-4F0A-AAC9-F554A1278D9F} => D:\SETUP.EXE
Task: {C5A1C017-3ABA-47DB-9428-1C782DEE4BA5} - System32\Tasks\LyricsSpeaker Update => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe <==== ATTENTION
Task: {DC72AF65-2C74-4B57-99BE-FA2A44C2156F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-27] (Facebook Inc.)
Task: {E4D32404-08AE-4DCC-89D8-D85726394C07} - System32\Tasks\{CB306D73-D4A5-4C9E-B046-3D69F817BC25} => D:\SETUP.EXE
Task: {EECFDD11-93A8-484C-8F92-AFB883983DE4} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {F3F81F65-2AD4-4E58-B8C2-648E272CEE0C} - System32\Tasks\{512AF1ED-5EA6-4AE4-BECB-FDB76F6F9328} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {F40DC4E7-8883-4728-84A5-4720C14C0415} - System32\Tasks\{6B56370F-D515-4E08-86E0-2C8154E6FB42} => C:\Users\Philip\Desktop\Need For Speed 3\setup.exe
Task: {F4CE2786-5462-481D-9E31-9447BCF1CAF4} - System32\Tasks\{6BB9C277-EBFF-4895-83CE-AE553C07320E} => Firefox.exe 
Task: {F795D2D4-C2AC-48E6-BFFB-3AB960870473} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03] (Adobe Systems Incorporated)
Task: {FE21CDC3-5F38-442E-B63E-513A1666EC5D} - System32\Tasks\{672D2BF0-FA32-4E89-B98C-5AF98918C167} => D:\Setup.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Philip\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001Core.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1762897763-1593096696-3758382223-1001UA.job => C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsSpeaker Update.job => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-11-21 17:44 - 2013-11-18 16:32 - 01958880 ____N () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll
2013-05-08 15:20 - 2013-05-08 15:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-11-28 17:37 - 2012-11-28 17:37 - 00954256 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-05-26 21:44 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-03-18 13:32 - 2011-01-13 20:39 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2013-03-28 22:30 - 2013-03-28 22:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: SftService => 2
MSCONFIG\startupfolder: C:^Users^Philip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe                                                                                                                                                                                                                
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Philip\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                      
MSCONFIG\startupreg: Facebook Update => "C:\Users\Philip\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver                                                                                                                                                                                     
MSCONFIG\startupreg: LogitechCommunicationsManager => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"                                                                                                                                                                                         
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files (x86)\Labtec\WebCam\WebCam10.exe" /hide                                                                                                                                                                                                                
MSCONFIG\startupreg: LVCOMSX => "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"                                                                                                                                                                                                       
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Okfas => C:\Users\Philip\AppData\Roaming\Ubusc\tuixu.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"                                                                                                                                                                                          
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Userinit => C:\Users\Philip\AppData\Roaming\appconf32.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: AODDriver4.2
Description: AODDriver4.2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2014 07:36:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (04/19/2014 06:30:57 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/19/2014 04:57:27 PM) (Source: Application Hang) (User: )
Description: Programm WebKit2WebProcess.exe, Version 7534.57.2.4 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f98

Startzeit: 01cf5bdf86710dd6

Endzeit: 13

Anwendungspfad: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe

Berichts-ID: ea31eeec-c7d2-11e3-8239-00262d1cb7b6

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2014 04:16:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (04/19/2014 00:08:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WebKit2WebProcess.exe, Version: 7534.57.2.4, Zeitstempel: 0x4f97642d
Name des fehlerhaften Moduls: WebKit.dll, Version: 7534.57.2.4, Zeitstempel: 0x4f976417
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001f5f03
ID des fehlerhaften Prozesses: 0xdd0
Startzeit der fehlerhaften Anwendung: 0xWebKit2WebProcess.exe0
Pfad der fehlerhaften Anwendung: WebKit2WebProcess.exe1
Pfad des fehlerhaften Moduls: WebKit2WebProcess.exe2
Berichtskennung: WebKit2WebProcess.exe3

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (04/19/2014 07:49:44 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/19/2014 06:20:05 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2014 06:09:41 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2014 04:28:56 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/19/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/19/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/19/2014 04:24:17 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422

Error: (04/19/2014 04:18:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/19/2014 04:18:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================
Error: (04/19/2014 07:36:21 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (04/19/2014 06:30:57 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/19/2014 04:57:27 PM) (Source: Application Hang)(User: )
Description: WebKit2WebProcess.exe7534.57.2.4f9801cf5bdf86710dd613C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exeea31eeec-c7d2-11e3-8239-00262d1cb7b6

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/19/2014 04:20:03 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/19/2014 04:16:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (04/19/2014 00:08:07 PM) (Source: Application Error)(User: )
Description: WebKit2WebProcess.exe7534.57.2.44f97642dWebKit.dll7534.57.2.44f976417c0000005001f5f03dd001cf5bad66a122adC:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exeC:\Program Files (x86)\Safari\Apple Application Support\WebKit.dll80844098-c7aa-11e3-8b4c-00262d1cb7b6

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/19/2014 10:58:51 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2014-04-19 19:49:44.413
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:52:40.701
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:41:09.984
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:17:04.646
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 18:10:26.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 17:39:52.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 16:38:41.273
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 16:24:10.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 16:15:53.013
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-19 13:30:15.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\wininet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 6142.98 MB
Available physical RAM: 3669.34 MB
Total Pagefile: 12284.1 MB
Available Pagefile: 9363.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:585.42 GB) (Free:90.3 GB) NTFS
Drive j: (Far Cry 3) (CDROM) (Total:7.7 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: B8000000)
Partition 1: (Not Active) - (Size=71 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 19.04.2014, 20:03   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Kannst Du mir bitte wenn möglich auch noch die Funde in den Avira-Logs posten? Das geht so...

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 19.04.2014, 20:04   #5
PhilMcDevil
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Name:  Unbenannt.PNG
Hits: 218
Größe:  14,3 KB

Name:  Unbenannt1.PNG
Hits: 241
Größe:  14,9 KB

Name:  Unbenannt2.PNG
Hits: 205
Größe:  5,5 KB


Alt 19.04.2014, 20:13   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



OK.
Melde mich wieder mit weiteren Anweisungen. (Wahrscheinlich morgen schon)...
Bis dahin bitte keine Veränderungen etc. am PC vornehmen.
__________________
--> Antivir zeigt viele laufenden Prozesse als Virus an

Alt 19.04.2014, 20:14   #7
PhilMcDevil
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Ich kann die Funde nicht posten, die Datei ist zu groß. Und das obwohl ich nur die von heut nachmittag genommen habe..

Ok wenn die Bilder reichen dann ist gut. Ok und dankeschön schonmal für die Hilfe

Alt 19.04.2014, 20:15   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Schon OK!
Siehe das Posting davor....
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 20.04.2014, 18:44   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Hallo,
machst Du mit dem PC Onlinebanking, Paypal, ebay etc.? Der Firefox scheint mit einem Keylogger infiziert zu sein.

Lesestoff:
Banking-Trojaner
Wenn du mit diesem Computer beispielsweise Onlinebanking machst, dann solltest Du zumindest dein Passwort von deiner Bank ändern lassen, wenn Du ein ansonsten sicheres Verfahren wie beispielsweise "chip-TAN-comfort" nutzt. Hast Du noch alte TAN-Bögen auf Papierbasis? Dann ist es höchste Zeit Dich bei Deiner Bank zu melden und notfalls das Konto temporär sperren zu lassen. Der Sperrnotruf 116 116 von www.sperr-notruf.de kann Tag und Nacht dafür benutzt werden.


Zur Bestätigung einer anderen Infektion müssen wir noch einen Kontrollscan durchführen:

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 20.04.2014, 20:01   #10
PhilMcDevil
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Firefox benutze ich eigentlich eh nie, also sollte das nicht allzu schlimm sein oder?

19:52:51.0864 0x0db4 TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
19:53:41.0455 0x0db4 ============================================================
19:53:41.0455 0x0db4 Current date / time: 2014/04/20 19:53:41.0455
19:53:41.0455 0x0db4 SystemInfo:
19:53:41.0455 0x0db4
19:53:41.0455 0x0db4 OS Version: 6.1.7600 ServicePack: 0.0
19:53:41.0455 0x0db4 Product type: Workstation
19:53:41.0455 0x0db4 ComputerName: PHILIP-PC
19:53:41.0455 0x0db4 UserName: Philip
19:53:41.0455 0x0db4 Windows directory: C:\Windows
19:53:41.0455 0x0db4 System windows directory: C:\Windows
19:53:41.0455 0x0db4 Running under WOW64
19:53:41.0455 0x0db4 Processor architecture: Intel x64
19:53:41.0455 0x0db4 Number of processors: 4
19:53:41.0455 0x0db4 Page size: 0x1000
19:53:41.0455 0x0db4 Boot type: Normal boot
19:53:41.0455 0x0db4 ============================================================
19:53:42.0727 0x0db4 KLMD registered as C:\Windows\system32\drivers\63803899.sys
19:53:42.0894 0x0db4 System UUID: {BA202CF7-87B9-432A-F42B-5009CAF5A2C4}
19:53:43.0476 0x0db4 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:53:43.0497 0x0db4 ============================================================
19:53:43.0497 0x0db4 \Device\Harddisk0\DR0:
19:53:43.0497 0x0db4 MBR partitions:
19:53:43.0497 0x0db4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x155F000
19:53:43.0497 0x0db4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1582800, BlocksNum 0x492D5000
19:53:43.0497 0x0db4 ============================================================
19:53:43.0525 0x0db4 C: <-> \Device\Harddisk0\DR0\Partition2
19:53:43.0525 0x0db4 ============================================================
19:53:43.0525 0x0db4 Initialize success
19:53:43.0525 0x0db4 ============================================================
19:55:53.0700 0x101c ============================================================
19:55:53.0700 0x101c Scan started
19:55:53.0700 0x101c Mode: Manual; SigCheck; TDLFS;
19:55:53.0700 0x101c ============================================================
19:55:53.0700 0x101c KSN ping started
19:56:07.0428 0x101c KSN ping finished: true
19:56:08.0223 0x101c ================ Scan system memory ========================
19:56:08.0223 0x101c System memory - ok
19:56:08.0223 0x101c ================ Scan services =============================
19:56:08.0364 0x101c [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:56:08.0473 0x101c 1394ohci - ok
19:56:08.0520 0x101c [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
19:56:08.0535 0x101c ACPI - ok
19:56:08.0551 0x101c [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
19:56:08.0613 0x101c AcpiPmi - ok
19:56:08.0691 0x101c [ F84C9DEE4698DF3C1D76801B7B1B55D7, 071A3938ED7B9E20E30E873011C8039382C7EFE90D39EC8C0F3E457B2873406E ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:56:08.0722 0x101c Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
19:56:11.0468 0x101c Detect skipped due to KSN trusted
19:56:11.0468 0x101c Adobe LM Service - ok
19:56:11.0593 0x101c [ C2CE3311D2477B1B24CFB67020AD49B6, 5F800CDD69BA4E8813876BE82FC9FED3F2584DB8C8ADED345F7B5C2A32F809AE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:11.0608 0x101c AdobeFlashPlayerUpdateSvc - ok
19:56:11.0655 0x101c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:56:11.0702 0x101c adp94xx - ok
19:56:11.0733 0x101c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:56:11.0764 0x101c adpahci - ok
19:56:11.0780 0x101c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:56:11.0780 0x101c adpu320 - ok
19:56:11.0811 0x101c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:11.0936 0x101c AeLookupSvc - ok
19:56:12.0030 0x101c [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD C:\Windows\system32\drivers\afd.sys
19:56:12.0092 0x101c AFD - ok
19:56:12.0123 0x101c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
19:56:12.0139 0x101c agp440 - ok
19:56:12.0154 0x101c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
19:56:12.0201 0x101c ALG - ok
19:56:12.0248 0x101c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
19:56:12.0248 0x101c aliide - ok
19:56:12.0342 0x101c ALSysIO - ok
19:56:12.0373 0x101c [ 310F86335B0505DDC6D2DD48E66EF06B, 936273CA046B3AE0944E6C1557CECB2A0C61D034977BBB9FACBE062617CF3A2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:56:12.0466 0x101c AMD External Events Utility - ok
19:56:12.0513 0x101c AMD FUEL Service - ok
19:56:12.0544 0x101c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
19:56:12.0544 0x101c amdide - ok
19:56:12.0576 0x101c [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
19:56:12.0607 0x101c amdiox64 - ok
19:56:12.0622 0x101c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:56:12.0654 0x101c AmdK8 - ok
19:56:12.0997 0x101c [ 79CC9BE187E3144E1B58A54B842475E7, 89DD3177B5CE649AC0093603CE13FBFD93AC24F8E16C52672549110141106F4A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:56:13.0449 0x101c amdkmdag - ok
19:56:13.0527 0x101c [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:56:13.0558 0x101c amdkmdap - ok
19:56:13.0590 0x101c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:56:13.0621 0x101c AmdPPM - ok
19:56:13.0652 0x101c [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
19:56:13.0668 0x101c amdsata - ok
19:56:13.0699 0x101c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:56:13.0714 0x101c amdsbs - ok
19:56:13.0730 0x101c [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
19:56:13.0730 0x101c amdxata - ok
19:56:13.0808 0x101c [ 4D282B9C5BB05DF92C9F3977DFB9F916, E6D49ED0D5FA26F2936FC97A0F1DFA38D1066AAF2EEFCE2931AF21B2CBE54CAD ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:56:13.0824 0x101c AntiVirSchedulerService - ok
19:56:13.0855 0x101c [ 65AF41A7A2C5B6693E1B4164E7632C3E, BA1DC45D7BB5307BD418D2BDFDBD1DD593439245A0A3F65FE6287F6F5198B999 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:56:13.0870 0x101c AntiVirService - ok
19:56:13.0917 0x101c [ 3D15C6EDBF84D792ACEBD2289546DBAF, 8E9199028CF4599CE362836CAD4DEC1E033F10335377280A4268E14D0201B1EB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:56:13.0964 0x101c AntiVirWebService - ok
19:56:13.0995 0x101c [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:56:13.0995 0x101c AODDriver4.01 - ok
19:56:14.0026 0x101c [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:56:14.0026 0x101c AODDriver4.1 - ok
19:56:14.0042 0x101c [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:56:14.0042 0x101c AODDriver4.2 - ok
19:56:14.0073 0x101c [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
19:56:14.0136 0x101c AppID - ok
19:56:14.0182 0x101c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:56:14.0214 0x101c AppIDSvc - ok
19:56:14.0260 0x101c [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:14.0338 0x101c Appinfo - ok
19:56:14.0385 0x101c [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:56:14.0385 0x101c Apple Mobile Device - ok
19:56:14.0416 0x101c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:56:14.0416 0x101c arc - ok
19:56:14.0432 0x101c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:56:14.0448 0x101c arcsas - ok
19:56:14.0510 0x101c aspnet_state - ok
19:56:14.0541 0x101c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:14.0604 0x101c AsyncMac - ok
19:56:14.0619 0x101c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
19:56:14.0619 0x101c atapi - ok
19:56:14.0666 0x101c [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:56:14.0744 0x101c AtiHDAudioService - ok
19:56:14.0791 0x101c [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
19:56:14.0791 0x101c AtiHdmiService - ok
19:56:14.0838 0x101c [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:56:14.0838 0x101c AtiPcie - ok
19:56:14.0869 0x101c [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:56:14.0900 0x101c atksgt - ok
19:56:14.0931 0x101c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:15.0009 0x101c AudioEndpointBuilder - ok
19:56:15.0040 0x101c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:56:15.0087 0x101c AudioSrv - ok
19:56:15.0134 0x101c [ 7806BFCD1D7FA5EC23F7324D4EAFD25B, 4EDFD9DE520728AF6578BED0054ED6A4976A7F020F3329EA6681D6E361D9DB2D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:56:15.0134 0x101c avgntflt - ok
19:56:15.0165 0x101c [ C3A58DBD18786C338126D30BF8C33D72, 4DF4D37AB5139548C2DA4B4C8D6B933A7F4ED001BCA089EFBC8C57EEDE8785A6 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:56:15.0181 0x101c avipbb - ok
19:56:15.0212 0x101c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:56:15.0212 0x101c avkmgr - ok
19:56:15.0228 0x101c [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:56:15.0337 0x101c AxInstSV - ok
19:56:15.0384 0x101c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:56:15.0430 0x101c b06bdrv - ok
19:56:15.0462 0x101c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:15.0508 0x101c b57nd60a - ok
19:56:15.0540 0x101c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
19:56:15.0602 0x101c BDESVC - ok
19:56:15.0633 0x101c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:15.0680 0x101c Beep - ok
19:56:15.0742 0x101c [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
19:56:15.0805 0x101c BFE - ok
19:56:15.0867 0x101c [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
19:56:15.0945 0x101c BITS - ok
19:56:15.0992 0x101c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:56:16.0008 0x101c blbdrive - ok
19:56:16.0070 0x101c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:56:16.0086 0x101c Bonjour Service - ok
19:56:16.0148 0x101c [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:16.0195 0x101c bowser - ok
19:56:16.0226 0x101c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:56:16.0257 0x101c BrFiltLo - ok
19:56:16.0304 0x101c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:56:16.0351 0x101c BrFiltUp - ok
19:56:16.0398 0x101c [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
19:56:16.0444 0x101c Browser - ok
19:56:16.0460 0x101c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:56:16.0522 0x101c Brserid - ok
19:56:16.0538 0x101c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:16.0554 0x101c BrSerWdm - ok
19:56:16.0554 0x101c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:16.0600 0x101c BrUsbMdm - ok
19:56:16.0632 0x101c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:16.0663 0x101c BrUsbSer - ok
19:56:16.0694 0x101c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:56:16.0725 0x101c BTHMODEM - ok
19:56:16.0788 0x101c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
19:56:16.0834 0x101c bthserv - ok
19:56:16.0866 0x101c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:56:16.0912 0x101c cdfs - ok
19:56:16.0944 0x101c [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:56:16.0959 0x101c cdrom - ok
19:56:16.0975 0x101c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
19:56:17.0006 0x101c CertPropSvc - ok
19:56:17.0022 0x101c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:56:17.0068 0x101c circlass - ok
19:56:17.0100 0x101c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
19:56:17.0115 0x101c CLFS - ok
19:56:17.0146 0x101c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:17.0162 0x101c clr_optimization_v2.0.50727_32 - ok
19:56:17.0224 0x101c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:17.0224 0x101c clr_optimization_v2.0.50727_64 - ok
19:56:17.0302 0x101c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:17.0302 0x101c clr_optimization_v4.0.30319_32 - ok
19:56:17.0349 0x101c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:17.0365 0x101c clr_optimization_v4.0.30319_64 - ok
19:56:17.0380 0x101c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:56:17.0396 0x101c CmBatt - ok
19:56:17.0412 0x101c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
19:56:17.0427 0x101c cmdide - ok
19:56:17.0443 0x101c [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
19:56:17.0474 0x101c CNG - ok
19:56:17.0490 0x101c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:56:17.0505 0x101c Compbatt - ok
19:56:17.0521 0x101c [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:56:17.0568 0x101c CompositeBus - ok
19:56:17.0568 0x101c COMSysApp - ok
19:56:17.0599 0x101c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:56:17.0614 0x101c crcdisk - ok
19:56:17.0692 0x101c [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:56:17.0739 0x101c CryptSvc - ok
19:56:17.0770 0x101c [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:56:17.0848 0x101c DcomLaunch - ok
19:56:17.0911 0x101c dealplylive - ok
19:56:17.0911 0x101c dealplylivem - ok
19:56:17.0958 0x101c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
19:56:18.0020 0x101c defragsvc - ok
19:56:18.0067 0x101c [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:56:18.0098 0x101c DfsC - ok
19:56:18.0114 0x101c [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:56:18.0192 0x101c Dhcp - ok
19:56:18.0207 0x101c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
19:56:18.0238 0x101c discache - ok
19:56:18.0270 0x101c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:56:18.0270 0x101c Disk - ok
19:56:18.0316 0x101c [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:56:18.0363 0x101c Dnscache - ok
19:56:18.0394 0x101c [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
19:56:18.0441 0x101c dot3svc - ok
19:56:18.0488 0x101c [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
19:56:18.0535 0x101c DPS - ok
19:56:18.0566 0x101c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:56:18.0582 0x101c drmkaud - ok
19:56:18.0628 0x101c [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:56:18.0660 0x101c dtsoftbus01 - ok
19:56:18.0706 0x101c [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:56:18.0738 0x101c DXGKrnl - ok
19:56:18.0784 0x101c EagleX64 - ok
19:56:18.0800 0x101c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
19:56:18.0847 0x101c EapHost - ok
19:56:18.0956 0x101c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:56:19.0112 0x101c ebdrv - ok
19:56:19.0159 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
19:56:19.0190 0x101c EFS - ok
19:56:19.0268 0x101c [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:56:19.0362 0x101c ehRecvr - ok
19:56:19.0377 0x101c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
19:56:19.0393 0x101c ehSched - ok
19:56:19.0440 0x101c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:56:19.0471 0x101c elxstor - ok
19:56:19.0486 0x101c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
19:56:19.0518 0x101c ErrDev - ok
19:56:19.0564 0x101c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:56:19.0611 0x101c EventSystem - ok
19:56:19.0627 0x101c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:56:19.0689 0x101c exfat - ok
19:56:19.0720 0x101c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:56:19.0752 0x101c fastfat - ok
19:56:19.0798 0x101c [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
19:56:19.0876 0x101c Fax - ok
19:56:19.0892 0x101c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:56:19.0923 0x101c fdc - ok
19:56:19.0954 0x101c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:56:20.0001 0x101c fdPHost - ok
19:56:20.0032 0x101c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:56:20.0048 0x101c FDResPub - ok
19:56:20.0064 0x101c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:56:20.0079 0x101c FileInfo - ok
19:56:20.0079 0x101c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:56:20.0126 0x101c Filetrace - ok
19:56:20.0157 0x101c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:56:20.0173 0x101c flpydisk - ok
19:56:20.0220 0x101c [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:56:20.0235 0x101c FltMgr - ok
19:56:20.0282 0x101c [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll
19:56:20.0344 0x101c FontCache - ok
19:56:20.0391 0x101c [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:20.0391 0x101c FontCache3.0.0.0 - ok
19:56:20.0407 0x101c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:56:20.0422 0x101c FsDepends - ok
19:56:20.0438 0x101c [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:56:20.0438 0x101c Fs_Rec - ok
19:56:20.0485 0x101c [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:56:20.0500 0x101c fvevol - ok
19:56:20.0516 0x101c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:56:20.0516 0x101c gagp30kx - ok
19:56:20.0563 0x101c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:56:20.0578 0x101c GEARAspiWDM - ok
19:56:20.0625 0x101c [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
19:56:20.0688 0x101c gpsvc - ok
19:56:20.0750 0x101c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:20.0750 0x101c gupdate - ok
19:56:20.0781 0x101c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:20.0781 0x101c gupdatem - ok
19:56:20.0797 0x101c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:56:20.0828 0x101c hcw85cir - ok
19:56:20.0890 0x101c [ 2249B35899312A3AE137B23636B31763, 84E242456CFECB9F198836B818514C011F80F2879C29A1C5A277C1F9B96D3C5A ] hcw95bda C:\Windows\system32\Drivers\hcw95bda.sys
19:56:20.0968 0x101c hcw95bda - ok
19:56:20.0984 0x101c [ 3688D4B84E9F98F70A71D5B4B720940E, 67F6571C9613CED4CD3A9A7123122273C6274E012EB6AD5BE16BBDE458981AAB ] hcw95rc C:\Windows\system32\DRIVERS\hcw95rc.sys
19:56:21.0015 0x101c hcw95rc - ok
19:56:21.0062 0x101c [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:21.0078 0x101c HDAudBus - ok
19:56:21.0093 0x101c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:56:21.0109 0x101c HidBatt - ok
19:56:21.0124 0x101c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:56:21.0140 0x101c HidBth - ok
19:56:21.0156 0x101c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:56:21.0187 0x101c HidIr - ok
19:56:21.0234 0x101c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
19:56:21.0280 0x101c hidserv - ok
19:56:21.0312 0x101c [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:56:21.0358 0x101c HidUsb - ok
19:56:21.0390 0x101c [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
19:56:21.0436 0x101c hkmsvc - ok
19:56:21.0483 0x101c [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:21.0546 0x101c HomeGroupListener - ok
19:56:21.0577 0x101c [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:21.0608 0x101c HomeGroupProvider - ok
19:56:21.0655 0x101c [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
19:56:21.0655 0x101c HpSAMD - ok
19:56:21.0702 0x101c [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:56:21.0764 0x101c HTTP - ok
19:56:21.0780 0x101c [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:56:21.0795 0x101c hwpolicy - ok
19:56:21.0811 0x101c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:56:21.0826 0x101c i8042prt - ok
19:56:21.0858 0x101c [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
19:56:21.0889 0x101c iaStorV - ok
19:56:21.0936 0x101c [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:56:21.0967 0x101c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
19:56:24.0868 0x101c Detect skipped due to KSN trusted
19:56:24.0868 0x101c IDriverT - ok
19:56:24.0962 0x101c [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:25.0009 0x101c idsvc - ok
19:56:25.0024 0x101c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:56:25.0040 0x101c iirsp - ok
19:56:25.0071 0x101c [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
19:56:25.0134 0x101c IKEEXT - ok
19:56:25.0212 0x101c [ 9526F32B8A76F8DC25A1587400E30084, 9EA361DFAD88B3482863541644C5077B02B331167A20C5FE12420CBC88A3AE3D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:56:25.0290 0x101c IntcAzAudAddService - ok
19:56:25.0305 0x101c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:56:25.0321 0x101c intelide - ok
19:56:25.0336 0x101c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:56:25.0352 0x101c intelppm - ok
19:56:25.0368 0x101c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:25.0414 0x101c IPBusEnum - ok
19:56:25.0446 0x101c [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:25.0508 0x101c IpFilterDriver - ok
19:56:25.0555 0x101c [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:56:25.0617 0x101c iphlpsvc - ok
19:56:25.0648 0x101c [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:56:25.0680 0x101c IPMIDRV - ok
19:56:25.0742 0x101c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:56:25.0773 0x101c IPNAT - ok
19:56:25.0820 0x101c [ 71F993192EB04B2C4C80F2DEE9119229, 881B7042724364C9D667DF6109E15DE78D9431DF5708CB16736AD723F4A38578 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:56:25.0836 0x101c iPod Service - ok
19:56:25.0867 0x101c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:56:25.0882 0x101c IRENUM - ok
19:56:25.0882 0x101c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
19:56:25.0882 0x101c isapnp - ok
19:56:25.0914 0x101c [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:56:25.0929 0x101c iScsiPrt - ok
19:56:25.0960 0x101c [ D85F3F18E44F7447B5F1BA5C85BAEB7C, 0FA419F9BF061AC3F81A978FAE1523904081BA6FEA6FACEA228B20F5608FCF1E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
19:56:25.0992 0x101c k57nd60a - ok
19:56:26.0007 0x101c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:26.0007 0x101c kbdclass - ok
19:56:26.0038 0x101c [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:26.0070 0x101c kbdhid - ok
19:56:26.0101 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe
19:56:26.0101 0x101c KeyIso - ok
19:56:26.0148 0x101c [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:56:26.0163 0x101c KSecDD - ok
19:56:26.0179 0x101c [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:56:26.0194 0x101c KSecPkg - ok
19:56:26.0194 0x101c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:56:26.0241 0x101c ksthunk - ok
19:56:26.0288 0x101c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:56:26.0335 0x101c KtmRm - ok
19:56:26.0382 0x101c [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\system32\srvsvc.dll
19:56:26.0460 0x101c LanmanServer - ok
19:56:26.0491 0x101c [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:26.0538 0x101c LanmanWorkstation - ok
19:56:26.0584 0x101c libusb0 - ok
19:56:26.0600 0x101c libusbd - ok
19:56:26.0631 0x101c [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
19:56:26.0631 0x101c lirsgt - ok
19:56:26.0662 0x101c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:56:26.0694 0x101c lltdio - ok
19:56:26.0725 0x101c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:56:26.0787 0x101c lltdsvc - ok
19:56:26.0818 0x101c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:56:26.0865 0x101c lmhosts - ok
19:56:26.0896 0x101c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:56:26.0912 0x101c LSI_FC - ok
19:56:26.0943 0x101c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:56:26.0959 0x101c LSI_SAS - ok
19:56:26.0959 0x101c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:56:26.0974 0x101c LSI_SAS2 - ok
19:56:26.0990 0x101c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:56:27.0006 0x101c LSI_SCSI - ok
19:56:27.0021 0x101c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:56:27.0084 0x101c luafv - ok
19:56:27.0162 0x101c [ 5D43CC3ECD4F2E733460A6E4AF576128, 96B0EBD1DF2C7C27DE10C009AE14A6C5B7CDF39D103019110597C27F4CB32E85 ] LVcKap64 C:\Windows\system32\DRIVERS\LVcKap64.sys
19:56:27.0193 0x101c LVcKap64 - ok
19:56:27.0318 0x101c [ 2404A511B682BFD8790E663A3E432473, 39984AEFEE7DF92035465D1F0B342B048637B84521C7F7859D4F489CFD861F07 ] LVMVDrv C:\Windows\system32\DRIVERS\LVMVDrv.sys
19:56:27.0396 0x101c LVMVDrv - ok
19:56:27.0489 0x101c [ 25F430702E3923F9DFB6B9A4D1DD9C29, 5112751DF03D89C1CCA362F5940FE0F4FC352CBE6F945E51F11D2A6A509BC19C ] LVSrvLauncher C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
19:56:27.0505 0x101c LVSrvLauncher - ok
19:56:27.0505 0x101c [ 6F9B043FD18C17D7E719382608817C72, 612A2284AAD9E0DB2C9B1E4513B7127D8BA83D4DD0CD7234682D0285782551AD ] LVUSBS64 C:\Windows\system32\DRIVERS\LVUSBS64.sys
19:56:27.0520 0x101c LVUSBS64 - ok
19:56:27.0536 0x101c [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:56:27.0583 0x101c Mcx2Svc - ok
19:56:27.0614 0x101c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:56:27.0630 0x101c megasas - ok
19:56:27.0661 0x101c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:56:27.0676 0x101c MegaSR - ok
19:56:27.0692 0x101c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:56:27.0754 0x101c MMCSS - ok
19:56:27.0786 0x101c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:56:27.0817 0x101c Modem - ok
19:56:27.0848 0x101c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:56:27.0864 0x101c monitor - ok
19:56:27.0895 0x101c [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
19:56:27.0910 0x101c MotioninJoyXFilter - ok
19:56:27.0926 0x101c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:56:27.0942 0x101c mouclass - ok
19:56:27.0973 0x101c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:56:28.0020 0x101c mouhid - ok
19:56:28.0051 0x101c [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:56:28.0051 0x101c mountmgr - ok
19:56:28.0144 0x101c [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:56:28.0144 0x101c MozillaMaintenance - ok
19:56:28.0160 0x101c [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
19:56:28.0176 0x101c mpio - ok
19:56:28.0207 0x101c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:56:28.0238 0x101c mpsdrv - ok
19:56:28.0269 0x101c [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:56:28.0332 0x101c MpsSvc - ok
19:56:28.0347 0x101c [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:56:28.0363 0x101c MRxDAV - ok
19:56:28.0394 0x101c [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:28.0425 0x101c mrxsmb - ok
19:56:28.0441 0x101c [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:28.0503 0x101c mrxsmb10 - ok
19:56:28.0534 0x101c [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:28.0581 0x101c mrxsmb20 - ok
19:56:28.0612 0x101c [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
19:56:28.0628 0x101c msahci - ok
19:56:28.0644 0x101c [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
19:56:28.0659 0x101c msdsm - ok
19:56:28.0675 0x101c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:56:28.0722 0x101c MSDTC - ok
19:56:28.0737 0x101c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:56:28.0768 0x101c Msfs - ok
19:56:28.0784 0x101c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:56:28.0831 0x101c mshidkmdf - ok
19:56:28.0846 0x101c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
19:56:28.0862 0x101c msisadrv - ok
19:56:28.0878 0x101c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:56:28.0924 0x101c MSiSCSI - ok
19:56:28.0924 0x101c msiserver - ok
19:56:28.0971 0x101c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:56:29.0002 0x101c MSKSSRV - ok
19:56:29.0034 0x101c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:29.0096 0x101c MSPCLOCK - ok
19:56:29.0112 0x101c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:56:29.0158 0x101c MSPQM - ok
19:56:29.0190 0x101c [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:56:29.0221 0x101c MsRPC - ok
19:56:29.0236 0x101c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:29.0252 0x101c mssmbios - ok
19:56:29.0252 0x101c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:56:29.0283 0x101c MSTEE - ok
19:56:29.0299 0x101c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:56:29.0330 0x101c MTConfig - ok
19:56:29.0346 0x101c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:56:29.0361 0x101c Mup - ok
19:56:29.0408 0x101c [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
19:56:29.0470 0x101c napagent - ok
19:56:29.0517 0x101c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:56:29.0533 0x101c NativeWifiP - ok
19:56:29.0595 0x101c [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
19:56:29.0611 0x101c NDIS - ok
19:56:29.0642 0x101c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:29.0689 0x101c NdisCap - ok
19:56:29.0736 0x101c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:29.0782 0x101c NdisTapi - ok
19:56:29.0814 0x101c [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:29.0860 0x101c Ndisuio - ok
19:56:29.0892 0x101c [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:29.0954 0x101c NdisWan - ok
19:56:29.0985 0x101c [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:56:30.0032 0x101c NDProxy - ok
19:56:30.0079 0x101c [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
19:56:30.0079 0x101c Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
19:56:32.0824 0x101c Detect skipped due to KSN trusted
19:56:32.0824 0x101c Netaapl - ok
19:56:32.0856 0x101c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:56:32.0902 0x101c NetBIOS - ok
19:56:32.0934 0x101c [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:56:32.0965 0x101c NetBT - ok
19:56:32.0980 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe
19:56:32.0980 0x101c Netlogon - ok
19:56:33.0012 0x101c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:56:33.0074 0x101c Netman - ok
19:56:33.0121 0x101c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:33.0136 0x101c NetMsmqActivator - ok
19:56:33.0152 0x101c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:33.0152 0x101c NetPipeActivator - ok
19:56:33.0183 0x101c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:56:33.0246 0x101c netprofm - ok
19:56:33.0277 0x101c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:33.0277 0x101c NetTcpActivator - ok
19:56:33.0292 0x101c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:33.0292 0x101c NetTcpPortSharing - ok
19:56:33.0308 0x101c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:56:33.0324 0x101c nfrd960 - ok
19:56:33.0339 0x101c [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
19:56:33.0402 0x101c NlaSvc - ok
19:56:33.0433 0x101c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:56:33.0480 0x101c Npfs - ok
19:56:33.0511 0x101c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:56:33.0542 0x101c nsi - ok
19:56:33.0542 0x101c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:56:33.0589 0x101c nsiproxy - ok
19:56:33.0667 0x101c [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:56:33.0729 0x101c Ntfs - ok
19:56:33.0745 0x101c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:56:33.0792 0x101c Null - ok
19:56:33.0823 0x101c nvlddmkm - ok
19:56:33.0838 0x101c [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
19:56:33.0854 0x101c nvraid - ok
19:56:33.0870 0x101c [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
19:56:33.0870 0x101c nvstor - ok
19:56:33.0901 0x101c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
19:56:33.0916 0x101c nv_agp - ok
19:56:33.0916 0x101c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:56:33.0932 0x101c ohci1394 - ok
19:56:33.0963 0x101c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:56:34.0041 0x101c p2pimsvc - ok
19:56:34.0057 0x101c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:56:34.0104 0x101c p2psvc - ok
19:56:34.0119 0x101c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:56:34.0166 0x101c Parport - ok
19:56:34.0213 0x101c [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:56:34.0228 0x101c partmgr - ok
19:56:34.0260 0x101c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
19:56:34.0306 0x101c PcaSvc - ok
19:56:34.0369 0x101c PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
19:56:34.0384 0x101c [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
19:56:34.0384 0x101c pci - ok
19:56:34.0400 0x101c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
19:56:34.0416 0x101c pciide - ok
19:56:34.0431 0x101c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:56:34.0447 0x101c pcmcia - ok
19:56:34.0462 0x101c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:56:34.0478 0x101c pcw - ok
19:56:34.0494 0x101c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:56:34.0587 0x101c PEAUTH - ok
19:56:34.0665 0x101c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:56:34.0696 0x101c PerfHost - ok
19:56:34.0759 0x101c [ DD797B8B2B295AFBDCD9F35CF62B5DCC, 1716C0B9F9282BC3D3D07F3C96FD457E8188B6029F0181BECFD32CE59F77FC31 ] PID_0928 C:\Windows\system32\DRIVERS\LV561V64.SYS
19:56:34.0790 0x101c PID_0928 - ok
19:56:34.0837 0x101c [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
19:56:34.0946 0x101c pla - ok
19:56:35.0024 0x101c [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:56:35.0086 0x101c PlugPlay - ok
19:56:35.0118 0x101c PnkBstrA - ok
19:56:35.0133 0x101c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:56:35.0149 0x101c PNRPAutoReg - ok
19:56:35.0164 0x101c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:56:35.0180 0x101c PNRPsvc - ok
19:56:35.0227 0x101c [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:56:35.0289 0x101c PolicyAgent - ok
19:56:35.0320 0x101c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:56:35.0383 0x101c Power - ok
19:56:35.0414 0x101c [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:56:35.0476 0x101c PptpMiniport - ok
19:56:35.0508 0x101c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:56:35.0523 0x101c Processor - ok
19:56:35.0539 0x101c [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
19:56:35.0586 0x101c ProfSvc - ok
19:56:35.0586 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:35.0601 0x101c ProtectedStorage - ok
19:56:35.0617 0x101c [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:56:35.0664 0x101c Psched - ok
19:56:35.0695 0x101c [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:56:35.0710 0x101c PxHlpa64 - ok
19:56:35.0773 0x101c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:56:35.0851 0x101c ql2300 - ok
19:56:35.0882 0x101c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:56:35.0898 0x101c ql40xx - ok
19:56:35.0944 0x101c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:56:35.0960 0x101c QWAVE - ok
19:56:35.0976 0x101c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:56:35.0991 0x101c QWAVEdrv - ok
19:56:35.0991 0x101c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:56:36.0022 0x101c RasAcd - ok
19:56:36.0069 0x101c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:36.0132 0x101c RasAgileVpn - ok
19:56:36.0163 0x101c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:56:36.0210 0x101c RasAuto - ok
19:56:36.0225 0x101c [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:36.0272 0x101c Rasl2tp - ok
19:56:36.0303 0x101c [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
19:56:36.0366 0x101c RasMan - ok
19:56:36.0397 0x101c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:36.0428 0x101c RasPppoe - ok
19:56:36.0459 0x101c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:56:36.0506 0x101c RasSstp - ok
19:56:36.0537 0x101c [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:56:36.0584 0x101c rdbss - ok
19:56:36.0600 0x101c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:56:36.0615 0x101c rdpbus - ok
19:56:36.0631 0x101c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:36.0662 0x101c RDPCDD - ok
19:56:36.0678 0x101c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:56:36.0709 0x101c RDPENCDD - ok
19:56:36.0709 0x101c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:56:36.0756 0x101c RDPREFMP - ok
19:56:36.0802 0x101c [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:56:36.0834 0x101c RDPWD - ok
19:56:36.0865 0x101c [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:56:36.0865 0x101c rdyboost - ok
19:56:36.0896 0x101c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:56:36.0943 0x101c RemoteAccess - ok
19:56:36.0974 0x101c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:56:37.0021 0x101c RemoteRegistry - ok
19:56:37.0068 0x101c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:56:37.0114 0x101c RpcEptMapper - ok
19:56:37.0146 0x101c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:56:37.0177 0x101c RpcLocator - ok
19:56:37.0208 0x101c [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
19:56:37.0255 0x101c RpcSs - ok
19:56:37.0255 0x101c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:56:37.0302 0x101c rspndr - ok
19:56:37.0333 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe
19:56:37.0333 0x101c SamSs - ok
19:56:37.0364 0x101c [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
19:56:37.0364 0x101c sbp2port - ok
19:56:37.0380 0x101c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:56:37.0442 0x101c SCardSvr - ok
19:56:37.0473 0x101c [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:56:37.0504 0x101c scfilter - ok
19:56:37.0582 0x101c [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll
19:56:37.0660 0x101c Schedule - ok
19:56:37.0676 0x101c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:56:37.0707 0x101c SCPolicySvc - ok
19:56:37.0723 0x101c [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:56:37.0770 0x101c SDRSVC - ok
19:56:37.0879 0x101c [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:56:37.0894 0x101c SeaPort - ok
19:56:37.0926 0x101c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] SecDrv C:\Windows\system32\drivers\SECDRV.SYS
19:56:37.0972 0x101c SecDrv - ok
19:56:38.0004 0x101c [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
19:56:38.0066 0x101c seclogon - ok
19:56:38.0097 0x101c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
19:56:38.0144 0x101c SENS - ok
19:56:38.0160 0x101c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:56:38.0222 0x101c SensrSvc - ok
19:56:38.0222 0x101c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:56:38.0269 0x101c Serenum - ok
19:56:38.0316 0x101c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:56:38.0347 0x101c Serial - ok
19:56:38.0362 0x101c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:56:38.0394 0x101c sermouse - ok
19:56:38.0440 0x101c [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
19:56:38.0472 0x101c SessionEnv - ok
19:56:38.0503 0x101c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:56:38.0534 0x101c sffdisk - ok
19:56:38.0565 0x101c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:56:38.0612 0x101c sffp_mmc - ok
19:56:38.0643 0x101c [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:56:38.0659 0x101c sffp_sd - ok
19:56:38.0674 0x101c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:56:38.0706 0x101c sfloppy - ok
19:56:38.0799 0x101c [ 16A5CC62F79A32A974B55110A898945C, 9CCC56C44A1C19418F96CD4B16EAC476DDD5CEAB7CAD9DF2FD062013AE6B2244 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
19:56:38.0830 0x101c SftService - ok
19:56:38.0877 0x101c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:56:38.0940 0x101c SharedAccess - ok
19:56:38.0971 0x101c [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:39.0002 0x101c ShellHWDetection - ok
19:56:39.0018 0x101c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:56:39.0033 0x101c SiSRaid2 - ok
19:56:39.0049 0x101c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:56:39.0049 0x101c SiSRaid4 - ok
19:56:39.0220 0x101c [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:56:39.0314 0x101c Skype C2C Service - ok
19:56:39.0376 0x101c [ 7C15061CD0372487903B07B9BB03AFAD, FB96CDA29C7C1E8A315BA89E8B150918E59F32CE749D3EF43FCBEB3FB57BF1C6 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:56:39.0376 0x101c SkypeUpdate - ok
19:56:39.0408 0x101c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:56:39.0439 0x101c Smb - ok
19:56:39.0470 0x101c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:56:39.0501 0x101c SNMPTRAP - ok
19:56:39.0532 0x101c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:56:39.0548 0x101c spldr - ok
19:56:39.0610 0x101c [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler C:\Windows\System32\spoolsv.exe
19:56:39.0657 0x101c Spooler - ok
19:56:39.0766 0x101c [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe
19:56:39.0907 0x101c sppsvc - ok
19:56:39.0938 0x101c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:56:39.0985 0x101c sppuinotify - ok
19:56:40.0047 0x101c [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:56:40.0110 0x101c srv - ok
19:56:40.0141 0x101c [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:56:40.0203 0x101c srv2 - ok
19:56:40.0234 0x101c [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:56:40.0266 0x101c srvnet - ok
19:56:40.0281 0x101c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:56:40.0312 0x101c SSDPSRV - ok
19:56:40.0328 0x101c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:56:40.0359 0x101c SstpSvc - ok
19:56:40.0437 0x101c [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:56:40.0468 0x101c Steam Client Service - ok
19:56:40.0484 0x101c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:56:40.0500 0x101c stexstor - ok
19:56:40.0531 0x101c [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll
19:56:40.0593 0x101c stisvc - ok
19:56:40.0624 0x101c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:56:40.0640 0x101c swenum - ok
19:56:40.0671 0x101c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:56:40.0718 0x101c swprv - ok
19:56:40.0780 0x101c [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll
19:56:40.0858 0x101c SysMain - ok
19:56:40.0890 0x101c SystemStoreService - ok
19:56:40.0905 0x101c [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:56:40.0921 0x101c TabletInputService - ok
19:56:40.0936 0x101c [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
19:56:40.0968 0x101c tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
19:56:43.0698 0x101c Detect skipped due to KSN trusted
19:56:43.0698 0x101c tap0901t - ok
19:56:43.0729 0x101c [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:56:43.0776 0x101c TapiSrv - ok
19:56:43.0776 0x101c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:56:43.0807 0x101c TBS - ok
19:56:43.0869 0x101c [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:56:43.0932 0x101c Tcpip - ok
19:56:44.0010 0x101c [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:56:44.0056 0x101c TCPIP6 - ok
19:56:44.0072 0x101c [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:56:44.0119 0x101c tcpipreg - ok
19:56:44.0134 0x101c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:56:44.0212 0x101c TDPIPE - ok
19:56:44.0228 0x101c [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:56:44.0259 0x101c TDTCP - ok
19:56:44.0275 0x101c [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:56:44.0306 0x101c tdx - ok
19:56:44.0306 0x101c [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:56:44.0322 0x101c TermDD - ok
19:56:44.0353 0x101c [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
19:56:44.0431 0x101c TermService - ok
19:56:44.0446 0x101c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:56:44.0478 0x101c Themes - ok
19:56:44.0524 0x101c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:56:44.0556 0x101c THREADORDER - ok
19:56:44.0602 0x101c [ 199C2E87D9A5EC58D0BCD94E893BF629, A3CE21A62BB3D31FEE36E517D7ED7B86E41D4A80F22A51B9821AC57991014DC9 ] TIEHDUSB C:\Windows\system32\DRIVERS\tiehdusb.sys
19:56:44.0649 0x101c TIEHDUSB - ok
19:56:44.0665 0x101c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:56:44.0696 0x101c TrkWks - ok
19:56:44.0743 0x101c [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:44.0774 0x101c TrustedInstaller - ok
19:56:44.0805 0x101c [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:44.0836 0x101c tssecsrv - ok
19:56:44.0868 0x101c [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:56:44.0899 0x101c tunnel - ok
19:56:44.0977 0x101c [ 97D6177C2DCCDA2BA25F053B3C75D74E, DFB449E51978433F21BD85E42C5012DE64992CC0101FD9FFA6BA418233C6E70A ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
19:56:45.0039 0x101c TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
19:56:47.0769 0x101c Detect skipped due to KSN trusted
19:56:47.0769 0x101c TunngleService - ok
19:56:47.0785 0x101c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:56:47.0800 0x101c uagp35 - ok
19:56:47.0832 0x101c [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:56:47.0878 0x101c udfs - ok
19:56:47.0910 0x101c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:56:47.0925 0x101c UI0Detect - ok
19:56:47.0941 0x101c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
19:56:47.0956 0x101c uliagpkx - ok
19:56:47.0972 0x101c [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:56:48.0019 0x101c umbus - ok
19:56:48.0050 0x101c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:56:48.0081 0x101c UmPass - ok
19:56:48.0112 0x101c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:56:48.0159 0x101c upnphost - ok
19:56:48.0206 0x101c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:56:48.0253 0x101c USBAAPL64 - ok
19:56:48.0268 0x101c [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:48.0284 0x101c usbccgp - ok
19:56:48.0315 0x101c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:56:48.0362 0x101c usbcir - ok
19:56:48.0378 0x101c [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:56:48.0409 0x101c usbehci - ok
19:56:48.0456 0x101c [ 7CC1C95896D60E868AA6DD2DD2F97EAD, 8A6BCA8A8C209EBDC31E8992AA925DDEE469E2E32A30AE1F7E3D1E09B9327DDC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:56:48.0502 0x101c usbhub - ok
19:56:48.0534 0x101c [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:56:48.0549 0x101c usbohci - ok
19:56:48.0596 0x101c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:56:48.0596 0x101c usbprint - ok
19:56:48.0612 0x101c [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:48.0643 0x101c USBSTOR - ok
19:56:48.0674 0x101c [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:56:48.0705 0x101c usbuhci - ok
19:56:48.0768 0x101c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:56:48.0814 0x101c UxSms - ok
19:56:48.0846 0x101c [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe
19:56:48.0861 0x101c VaultSvc - ok
19:56:48.0877 0x101c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
19:56:48.0877 0x101c vdrvroot - ok
19:56:48.0908 0x101c [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
19:56:48.0939 0x101c vds - ok
19:56:48.0955 0x101c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:48.0970 0x101c vga - ok
19:56:48.0986 0x101c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:56:49.0033 0x101c VgaSave - ok
19:56:49.0064 0x101c [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
19:56:49.0080 0x101c vhdmp - ok
19:56:49.0080 0x101c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
19:56:49.0095 0x101c viaide - ok
19:56:49.0111 0x101c [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
19:56:49.0126 0x101c volmgr - ok
19:56:49.0142 0x101c [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:56:49.0158 0x101c volmgrx - ok
19:56:49.0220 0x101c [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
19:56:49.0236 0x101c volsnap - ok
19:56:49.0251 0x101c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:56:49.0267 0x101c vsmraid - ok
19:56:49.0329 0x101c [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
19:56:49.0407 0x101c VSS - ok
19:56:49.0454 0x101c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:56:49.0485 0x101c vwifibus - ok
19:56:49.0548 0x101c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:56:49.0579 0x101c W32Time - ok
19:56:49.0594 0x101c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:56:49.0626 0x101c WacomPen - ok
19:56:49.0672 0x101c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:56:49.0704 0x101c WANARP - ok
19:56:49.0719 0x101c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:56:49.0750 0x101c Wanarpv6 - ok
19:56:49.0797 0x101c [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
19:56:49.0922 0x101c wbengine - ok
19:56:49.0938 0x101c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:56:49.0953 0x101c WbioSrvc - ok
19:56:50.0000 0x101c [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:56:50.0047 0x101c wcncsvc - ok
19:56:50.0062 0x101c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:50.0094 0x101c WcsPlugInService - ok
19:56:50.0094 0x101c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:56:50.0094 0x101c Wd - ok
19:56:50.0156 0x101c [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:56:50.0187 0x101c Wdf01000 - ok
19:56:50.0203 0x101c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:56:50.0234 0x101c WdiServiceHost - ok
19:56:50.0250 0x101c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:56:50.0265 0x101c WdiSystemHost - ok
19:56:50.0281 0x101c [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll
19:56:50.0312 0x101c WebClient - ok
19:56:50.0343 0x101c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:56:50.0390 0x101c Wecsvc - ok
19:56:50.0421 0x101c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:56:50.0452 0x101c wercplsupport - ok
19:56:50.0468 0x101c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:56:50.0499 0x101c WerSvc - ok
19:56:50.0515 0x101c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:50.0546 0x101c WfpLwf - ok
19:56:50.0593 0x101c [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:56:50.0608 0x101c WimFltr - ok
19:56:50.0608 0x101c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:56:50.0624 0x101c WIMMount - ok
19:56:50.0624 0x101c WinDefend - ok
19:56:50.0640 0x101c WinHttpAutoProxySvc - ok
19:56:50.0686 0x101c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:56:50.0718 0x101c Winmgmt - ok
19:56:50.0842 0x101c [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
19:56:50.0842 0x101c WinRing0_1_2_0 - ok
19:56:50.0905 0x101c [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
19:56:51.0030 0x101c WinRM - ok
19:56:51.0076 0x101c [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:56:51.0092 0x101c WinUsb - ok
19:56:51.0123 0x101c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:56:51.0186 0x101c Wlansvc - ok
19:56:51.0326 0x101c [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:56:51.0420 0x101c wlidsvc - ok
19:56:51.0451 0x101c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:56:51.0466 0x101c WmiAcpi - ok
19:56:51.0529 0x101c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:56:51.0544 0x101c wmiApSrv - ok
19:56:51.0576 0x101c WMPNetworkSvc - ok
19:56:51.0591 0x101c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:56:51.0607 0x101c WPCSvc - ok
19:56:51.0622 0x101c [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:56:51.0638 0x101c WPDBusEnum - ok
19:56:51.0654 0x101c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:56:51.0685 0x101c ws2ifsl - ok
19:56:51.0716 0x101c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
19:56:51.0732 0x101c wscsvc - ok
19:56:51.0732 0x101c WSearch - ok
19:56:51.0810 0x101c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
19:56:51.0903 0x101c wuauserv - ok
19:56:51.0919 0x101c [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:56:51.0950 0x101c WudfPf - ok
19:56:51.0981 0x101c [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:52.0028 0x101c WUDFRd - ok
19:56:52.0059 0x101c [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:56:52.0090 0x101c wudfsvc - ok
19:56:52.0122 0x101c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:56:52.0153 0x101c WwanSvc - ok
19:56:52.0184 0x101c [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:56:52.0200 0x101c xusb21 - ok
19:56:52.0215 0x101c ================ Scan global ===============================
19:56:52.0231 0x101c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:56:52.0293 0x101c [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
19:56:52.0309 0x101c [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
19:56:52.0324 0x101c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:56:52.0371 0x101c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:56:52.0387 0x101c [ Global ] - ok
19:56:52.0387 0x101c ================ Scan MBR ==================================
19:56:52.0387 0x101c [ DE1996B5390BAC8242E23168F828C750 ] \Device\Harddisk0\DR0
19:56:52.0387 0x101c Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:56:52.0418 0x101c \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 ( 0 )
19:56:52.0418 0x101c \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
19:56:55.0132 0x101c \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
19:56:55.0132 0x101c \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:56:57.0816 0x101c ================ Scan VBR ==================================
19:56:57.0816 0x101c [ 7BCFCB3DD65651198987D67DED5CFE2A ] \Device\Harddisk0\DR0\Partition1
19:56:57.0816 0x101c \Device\Harddisk0\DR0\Partition1 - ok
19:56:57.0831 0x101c [ 3E1BC4CE00F50D398178CADB64968F3C ] \Device\Harddisk0\DR0\Partition2
19:56:57.0831 0x101c \Device\Harddisk0\DR0\Partition2 - ok
19:56:57.0878 0x101c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated )
19:56:57.0878 0x101c Win FW state via NFP2: disabled
19:57:00.0561 0x101c ============================================================
19:57:00.0561 0x101c Scan finished
19:57:00.0561 0x101c ============================================================
19:57:00.0561 0x1324 Detected object count: 2
19:57:00.0561 0x1324 Actual detected object count: 2
19:57:13.0993 0x1324 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
19:57:13.0993 0x1324 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
19:57:14.0008 0x1324 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:57:14.0008 0x1324 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:58:17.0210 0x1028 Deinitialize success

Alt 20.04.2014, 20:07   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Gut gemacht mit dem Scan!

Zitat:
Zitat von PhilMcDevil Beitrag anzeigen
Firefox benutze ich eigentlich eh nie, also sollte das nicht allzu schlimm sein oder?
Naja, das mag ich jetzt nicht abschließend evaluieren, aber wenn Du damit keine sensiblen Logins machst, ist das schon mal nicht schlecht...

Melde mich wieder...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 21.04.2014, 20:21   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Hi...

Frage: Hast Du Backups von Deinen wichtigen Dateien und Daten?


Lesestoff:
Rootkit-Warnung
Dein Computer wurde mit einem besonderen Schädling infiziert, der sich vor herkömmlichen Virenscannern und dem Betriebssystem selbst verstecken kann. Zusätzlich hat so ein Schädling meist auch Backdoor-Funktionalität, reißt also ganz bewußt Löcher durch alle Schutzmaßnahmen, damit er weiteren Schadcode nachladen oder die Daten, die er so sammelt, an die "bösen Jungs" weiterleiten kann. Was heißt das jetzt für Dich?
  • Entscheide bitte ganz bewußt, ob du mit der Bereinigung fortfahren möchtest. Ein einmal derartig kompromittiertes System kann man niemals mit 100%iger Sicherheit wieder absichern. Auch wenn wir gute Chancen haben, Deinen Computer zu bereinigen, kann es dennoch möglich sein, dass uns am Ende nur die Neuinstallation bleibt.
  • Hast Du ansonsten sensible Daten auf Deinem Computer, dann solltest Du auch darüber nachdenken, wie Du damit umgehst, da sie sich praktisch "jeder" ansehen konnte.
Teile mir also mit, ob Du eine Bereinigung versuchen möchtest oder nicht...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 21.04.2014, 21:02   #13
PhilMcDevil
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Back-Ups habe ich leider nicht..
Also wenn ich die Bereinigung weitermache, kann es sein dass ich alles Neu installieren muss ?
Das würde ich zwar gerne verhindern, aber ich möchte auch nicht wirklich den Virus auf dem PC lassen. Also werde ich es mit der Bereinigung versuchen.

Alt 21.04.2014, 21:12   #14
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an





OK!

Zitat:
Also wenn ich die Bereinigung weitermache, kann es sein dass ich alles Neu installieren muss ?
Es ist so gemeint: Entweder Du installierst gleich neu oder Du installierst neu, wenn alle Bereinigungsversuche nicht funktionieren oder was schief geht!

Alles klar?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 21.04.2014, 21:13   #15
PhilMcDevil
 
Antivir zeigt viele laufenden Prozesse als Virus an - Standard

Antivir zeigt viele laufenden Prozesse als Virus an



Achso, in dem Fall will ich erst versuchen den PC zu bereinigen

Antwort

Themen zu Antivir zeigt viele laufenden Prozesse als Virus an
antivir, antivir meldung, compu, computers, direkt nach dem start, hoffe, laufe, laufenden, mehrere prozesse, prozesse, quara, rootkit.win32.tdss.tdl4, scan, schnell, starten., startet, tagen, tdss file system, viren, virus ?, wirklich



Ähnliche Themen: Antivir zeigt viele laufenden Prozesse als Virus an


  1. Zu viele Prozesse
    Plagegeister aller Art und deren Bekämpfung - 17.05.2015 (10)
  2. Avira zeigt alle laufenden Prozesse als Trojaner an
    Plagegeister aller Art und deren Bekämpfung - 17.01.2014 (1)
  3. Sehr viele Prozesse (88-92)
    Log-Analyse und Auswertung - 09.11.2013 (5)
  4. Antivir zeigt virus an!
    Plagegeister aller Art und deren Bekämpfung - 03.03.2013 (4)
  5. Internet ist extrem langsam. Antivir zeigt den Virus EXP/2011-3544.DP.1 an.
    Log-Analyse und Auswertung - 30.05.2012 (1)
  6. Zu viele laufende Prozesse
    Plagegeister aller Art und deren Bekämpfung - 08.01.2012 (7)
  7. WinXP Host Datei befallen // Antivir startet nicht // viele unbekannte Prozesse
    Log-Analyse und Auswertung - 29.09.2011 (5)
  8. System langsam, zu viele Prozesse
    Log-Analyse und Auswertung - 24.01.2011 (28)
  9. Zu viele Prozesse. Hijackthis log
    Log-Analyse und Auswertung - 25.10.2010 (3)
  10. Antivir zeigt winlogon,svchost und mehr als virus!
    Plagegeister aller Art und deren Bekämpfung - 10.09.2009 (1)
  11. viele unbekannte neue Prozesse
    Log-Analyse und Auswertung - 18.02.2009 (2)
  12. Zu viele Prozesse?
    Log-Analyse und Auswertung - 27.03.2008 (5)
  13. Zu viele Prozesse?
    Log-Analyse und Auswertung - 13.11.2007 (9)
  14. Antivir Zeigt Virus andere Programme nicht (log prüfen)
    Log-Analyse und Auswertung - 06.07.2006 (5)
  15. AntiVir zeigt ständig Virus an
    Plagegeister aller Art und deren Bekämpfung - 27.09.2005 (10)
  16. PC lahmt / Viele Prozesse im Taskmanager
    Antiviren-, Firewall- und andere Schutzprogramme - 23.06.2005 (4)
  17. Hilfe mein Antivir zeigt mir nen virus
    Log-Analyse und Auswertung - 20.11.2004 (14)

Zum Thema Antivir zeigt viele laufenden Prozesse als Virus an - Hallo ! Seit ein paar Tagen startet Antivir direkt nach dem Start des Computers einen Scan und zeigt mir dann mehrere Prozesse als Viren an. Soweit ich weiß sind einige - Antivir zeigt viele laufenden Prozesse als Virus an...
Archiv
Du betrachtest: Antivir zeigt viele laufenden Prozesse als Virus an auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.