| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste versionWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.06.2014, 19:21
| #16 |
| /// TB-Ausbilder /// Anleitungs-Guru  |  popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Über den Bootmanager versuchen. Einfach F8 drücken während der PC startet...
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
12.06.2014, 20:20
| #17 |
 | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Sorry, ich hatte nicht kapiert, dass es zwei Möglichkeiten waren...
__________________Also ich habe jetzt gebootet und das FRST ausgeführt. Hier das FRST-File: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02 Ran by SYSTEM on MININT-Q6EBOL2 on 12-06-2014 21:13:12 Running from G:\ Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1110096 2011-06-30] (Dritek System Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Winlogon: [Userinit] userinit.exeC:\Users\Silke\AppData\Roaming\appConf32.exe, [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] () HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] () AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [266448 2013-05-12] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [214448 2013-05-12] (NVIDIA Corporation) Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter Startup: C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> (No File) ==================== Services (Whitelisted) ================= S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG) S2 FA_MINISCH; C:\Program Files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe [40978 2010-02-26] (Fortinet Inc.) S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG) S4 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments, Inc.) S4 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-17] (National Instruments Corporation) S4 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-17] (National Instruments Corporation) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-11] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-11] (Malwarebytes Corporation) S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2009-06-15] (National Instruments Corporation) S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-17] (National Instruments Corporation) S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2009-06-23] (Macrovision Corporation) S4 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-03] (National Instruments Corporation) S4 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [740968 2009-06-23] (National Instruments Corporation) S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation) S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ==================== Drivers (Whitelisted) ==================== S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-03] (Avira Operations GmbH & Co. KG) S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG) S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) S3 Fortidrv2; C:\Windows\System32\DRIVERS\fortidrv.sys [28264 2010-01-04] (Fortinet Inc) S2 Fortips; C:\Windows\system32\drivers\fortips.sys [119912 2010-02-26] (Fortinet Inc) S3 ft_vnic; C:\Windows\System32\DRIVERS\ftvnic.sys [16928 2009-02-16] (Fortinet Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-11] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-11] (Malwarebytes Corporation) S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-05-12] (NVIDIA Corporation) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-18] (MCCI Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-12 11:09 - 2014-06-12 11:09 - 02081792 _____ (Farbar) C:\Users\Silke\Downloads\FRST64.exe 2014-06-12 11:05 - 2014-06-12 11:07 - 00000000 ____D () C:\Users\Silke\Desktop\Usb stick 2014-06-12 00:35 - 2014-06-12 00:35 - 00000000 ____D () C:\Users\Silke\AppData\Local\Adobe 2014-06-12 00:25 - 2014-06-12 00:25 - 00000000 ____D () C:\ProgramData\Sun 2014-06-12 00:25 - 2014-06-12 00:25 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-12 00:25 - 2014-06-12 00:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-12 00:25 - 2014-06-12 00:24 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-12 00:25 - 2014-06-12 00:24 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-12 00:25 - 2014-06-12 00:24 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-12 00:24 - 2014-06-12 00:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-12 00:23 - 2014-06-12 00:23 - 00918952 _____ (Oracle Corporation) C:\Users\Silke\Downloads\jxpiinstall.exe 2014-06-12 00:20 - 2014-06-12 00:41 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 00:19 - 2014-06-12 11:04 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-12 00:19 - 2014-06-12 10:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-12 00:19 - 2014-06-12 00:28 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-12 00:19 - 2014-06-12 00:28 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-12 00:19 - 2014-06-12 00:19 - 01057176 _____ (Adobe) C:\Users\Silke\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe 2014-06-12 00:07 - 2014-06-12 00:07 - 00448512 _____ (OldTimer Tools) C:\Users\Silke\Desktop\TFC.exe 2014-06-11 00:10 - 2014-06-12 09:02 - 00048256 _____ () C:\Users\Silke\Desktop\Addition.txt 2014-06-11 00:09 - 2014-06-12 09:02 - 00048472 _____ () C:\Users\Silke\Desktop\FRST.txt 2014-06-11 00:09 - 2014-06-11 00:09 - 00000000 ____D () C:\Users\Silke\Desktop\FRST-OlderVersion 2014-06-10 20:15 - 2014-05-30 02:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-06-10 20:15 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-06-10 20:15 - 2014-05-30 02:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-06-10 20:15 - 2014-05-30 01:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-06-10 20:15 - 2014-05-30 01:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-06-10 20:15 - 2014-05-30 01:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-06-10 20:15 - 2014-05-30 01:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-06-10 20:15 - 2014-05-30 01:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-06-10 20:15 - 2014-05-30 01:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-06-10 20:15 - 2014-05-30 01:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-06-10 20:15 - 2014-05-30 01:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-06-10 20:15 - 2014-05-30 01:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-06-10 20:15 - 2014-05-30 01:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-06-10 20:15 - 2014-05-30 01:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-10 20:15 - 2014-05-30 01:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-06-10 20:15 - 2014-05-30 01:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-06-10 20:15 - 2014-05-30 01:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-06-10 20:15 - 2014-05-30 01:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-10 20:15 - 2014-05-30 00:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-06-10 20:15 - 2014-05-30 00:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-06-10 20:15 - 2014-05-30 00:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-06-10 20:15 - 2014-05-30 00:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-10 20:15 - 2014-05-30 00:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-06-10 20:15 - 2014-05-30 00:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-10 20:15 - 2014-05-30 00:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-10 20:15 - 2014-05-30 00:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-10 20:15 - 2014-05-30 00:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-06-10 20:15 - 2014-05-30 00:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-10 20:15 - 2014-05-30 00:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-10 20:15 - 2014-05-30 00:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-10 20:15 - 2014-05-30 00:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-06-10 20:15 - 2014-05-30 00:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-10 20:15 - 2014-05-30 00:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-10 20:15 - 2014-05-30 00:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-06-10 20:15 - 2014-05-30 00:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-06-10 20:15 - 2014-05-30 00:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-10 20:15 - 2014-05-30 00:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-10 20:15 - 2014-05-30 00:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-10 20:15 - 2014-05-30 00:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-10 20:15 - 2014-05-30 00:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-10 20:15 - 2014-05-29 23:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-10 20:15 - 2014-05-29 23:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-06-10 20:15 - 2014-05-29 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-10 20:15 - 2014-05-29 23:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-10 20:15 - 2014-05-29 23:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-10 20:15 - 2014-05-29 23:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-06-10 20:15 - 2014-05-29 23:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-10 20:15 - 2014-05-29 23:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-06-10 20:15 - 2014-05-29 23:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-10 20:15 - 2014-05-29 23:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-10 20:15 - 2014-05-29 23:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-06-10 20:15 - 2014-05-29 23:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-10 20:14 - 2014-06-08 01:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-06-10 20:14 - 2014-06-08 01:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-06-10 20:14 - 2014-04-24 18:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll 2014-06-10 20:14 - 2014-04-24 18:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-10 20:14 - 2014-04-04 18:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2014-06-10 20:14 - 2014-04-04 18:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS 2014-06-10 20:14 - 2014-03-26 06:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2014-06-10 20:14 - 2014-03-26 06:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2014-06-10 20:14 - 2014-03-26 06:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll 2014-06-10 20:14 - 2014-03-26 06:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll 2014-06-10 20:14 - 2014-03-26 06:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-10 20:14 - 2014-03-26 06:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-10 20:14 - 2014-03-26 06:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-10 20:14 - 2014-03-26 06:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-10 13:10 - 2014-06-10 13:10 - 02347384 _____ (ESET) C:\Users\Silke\Desktop\esetsmartinstaller_deu.exe 2014-06-10 13:10 - 2014-06-10 13:10 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-10 12:40 - 2014-06-12 11:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2014-06-10 12:40 - 2014-06-10 12:40 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-10 12:40 - 2014-06-10 12:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 12:40 - 2014-06-10 12:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-10 12:40 - 2014-05-11 21:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys 2014-06-10 12:40 - 2014-05-11 21:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys 2014-06-10 12:40 - 2014-05-11 21:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2014-06-10 12:38 - 2014-06-10 12:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Silke\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-10 12:28 - 2014-06-10 12:34 - 00000000 ____D () C:\AdwCleaner 2014-06-10 12:28 - 2010-08-29 22:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-10 12:22 - 2014-06-10 12:22 - 01333465 _____ () C:\Users\Silke\Desktop\adwcleaner_3.212.exe 2014-06-10 09:44 - 2014-06-10 11:28 - 00042027 _____ () C:\Users\Silke\Downloads\Addition.txt 2014-06-10 09:43 - 2014-06-12 21:13 - 00000000 ____D () C:\FRST 2014-06-10 09:43 - 2014-06-10 11:28 - 00035545 _____ () C:\Users\Silke\Downloads\FRST.txt 2014-06-10 09:42 - 2014-06-11 00:09 - 02081792 _____ (Farbar) C:\Users\Silke\Desktop\FRST64.exe 2014-06-02 10:22 - 2014-06-02 10:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieUserList 2014-06-02 10:22 - 2014-06-02 10:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieSiteList 2014-05-14 11:04 - 2014-03-24 18:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2014-05-14 11:04 - 2014-03-24 18:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 10:54 - 2014-04-11 18:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2014-05-14 10:54 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2014-05-14 10:54 - 2014-04-11 18:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2014-05-14 10:54 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2014-05-14 10:54 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe 2014-05-14 10:54 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll 2014-05-14 10:54 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll 2014-05-14 10:54 - 2014-04-11 18:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 10:54 - 2014-04-11 18:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 10:54 - 2014-03-04 01:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2014-05-14 10:54 - 2014-03-04 01:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll 2014-05-14 10:54 - 2014-03-04 01:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\System32\objsel.dll 2014-05-14 10:54 - 2014-03-04 01:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2014-05-14 10:54 - 2014-03-04 01:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2014-05-14 10:54 - 2014-03-04 01:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll 2014-05-14 10:54 - 2014-03-04 01:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll 2014-05-14 10:54 - 2014-03-04 01:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2014-05-14 10:54 - 2014-03-04 01:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\wincredprovider.dll 2014-05-14 10:54 - 2014-03-04 01:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe 2014-05-14 10:54 - 2014-03-04 01:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\cngprovider.dll 2014-05-14 10:54 - 2014-03-04 01:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\adprovider.dll 2014-05-14 10:54 - 2014-03-04 01:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\capiprovider.dll 2014-05-14 10:54 - 2014-03-04 01:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\dpapiprovider.dll 2014-05-14 10:54 - 2014-03-04 01:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\dimsroam.dll 2014-05-14 10:54 - 2014-03-04 01:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2014-05-14 10:54 - 2014-03-04 01:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 10:54 - 2014-03-04 01:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 10:54 - 2014-03-04 01:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 10:54 - 2014-03-04 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-14 10:54 - 2014-03-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 10:23 - 2014-06-12 11:04 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\DropboxMaster ==================== One Month Modified Files and Folders ======= 2014-06-12 21:13 - 2014-06-10 09:43 - 00000000 ____D () C:\FRST 2014-06-12 11:10 - 2013-05-22 08:07 - 00000000 ___RD () C:\Users\Silke\Dropbox 2014-06-12 11:10 - 2012-03-12 07:29 - 01483234 _____ () C:\Windows\WindowsUpdate.log 2014-06-12 11:10 - 2009-07-13 20:45 - 00016752 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-12 11:10 - 2009-07-13 20:45 - 00016752 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-12 11:09 - 2014-06-12 11:09 - 02081792 _____ (Farbar) C:\Users\Silke\Downloads\FRST64.exe 2014-06-12 11:09 - 2012-05-12 19:42 - 00000000 ____D () C:\Users\Silke\AppData\Local\Temp 2014-06-12 11:09 - 2012-03-12 16:23 - 00700134 _____ () C:\Windows\System32\perfh007.dat 2014-06-12 11:09 - 2012-03-12 16:23 - 00149984 _____ () C:\Windows\System32\perfc007.dat 2014-06-12 11:09 - 2009-07-13 21:13 - 01622236 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-06-12 11:07 - 2014-06-12 11:05 - 00000000 ____D () C:\Users\Silke\Desktop\Usb stick 2014-06-12 11:05 - 2014-06-10 12:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2014-06-12 11:04 - 2014-06-12 00:19 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-12 11:04 - 2014-05-14 10:23 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\DropboxMaster 2014-06-12 11:04 - 2013-05-22 08:05 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\Dropbox 2014-06-12 11:04 - 2013-03-26 11:01 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize.job 2014-06-12 11:04 - 2012-05-24 09:46 - 00055594 _____ () C:\Windows\setupact.log 2014-06-12 11:04 - 2012-03-12 07:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-12 11:04 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-12 10:33 - 2014-06-12 00:19 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-12 10:00 - 2012-05-12 13:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-12 09:02 - 2014-06-11 00:10 - 00048256 _____ () C:\Users\Silke\Desktop\Addition.txt 2014-06-12 09:02 - 2014-06-11 00:09 - 00048472 _____ () C:\Users\Silke\Desktop\FRST.txt 2014-06-12 01:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 00:41 - 2014-06-12 00:20 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 00:35 - 2014-06-12 00:35 - 00000000 ____D () C:\Users\Silke\AppData\Local\Adobe 2014-06-12 00:28 - 2014-06-12 00:19 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-12 00:28 - 2014-06-12 00:19 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-12 00:25 - 2014-06-12 00:25 - 00000000 ____D () C:\ProgramData\Sun 2014-06-12 00:25 - 2014-06-12 00:25 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-12 00:24 - 2014-06-12 00:25 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-12 00:24 - 2014-06-12 00:25 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-12 00:24 - 2014-06-12 00:25 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-12 00:24 - 2014-06-12 00:25 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-12 00:24 - 2014-06-12 00:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-12 00:23 - 2014-06-12 00:23 - 00918952 _____ (Oracle Corporation) C:\Users\Silke\Downloads\jxpiinstall.exe 2014-06-12 00:22 - 2012-05-12 13:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-12 00:22 - 2012-05-12 13:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-12 00:22 - 2011-11-08 04:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 00:20 - 2013-04-11 04:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-12 00:19 - 2014-06-12 00:19 - 01057176 _____ (Adobe) C:\Users\Silke\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe 2014-06-12 00:07 - 2014-06-12 00:07 - 00448512 _____ (OldTimer Tools) C:\Users\Silke\Desktop\TFC.exe 2014-06-12 00:05 - 2012-05-12 19:42 - 00000000 ____D () C:\users\Silke 2014-06-11 23:44 - 2012-09-21 08:43 - 00275566 _____ () C:\Windows\PFRO.log 2014-06-11 13:27 - 2013-07-15 00:35 - 00000000 ____D () C:\Windows\System32\MRT 2014-06-11 13:26 - 2012-05-12 13:15 - 95414520 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-06-11 13:24 - 2014-05-07 17:00 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-06-11 09:06 - 2013-06-16 10:09 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Temp 2014-06-11 00:09 - 2014-06-11 00:09 - 00000000 ____D () C:\Users\Silke\Desktop\FRST-OlderVersion 2014-06-11 00:09 - 2014-06-10 09:42 - 02081792 _____ (Farbar) C:\Users\Silke\Desktop\FRST64.exe 2014-06-10 13:10 - 2014-06-10 13:10 - 02347384 _____ (ESET) C:\Users\Silke\Desktop\esetsmartinstaller_deu.exe 2014-06-10 13:10 - 2014-06-10 13:10 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-10 12:59 - 2011-11-08 04:03 - 00000000 ____D () C:\Windows\oem 2014-06-10 12:40 - 2014-06-10 12:40 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-10 12:40 - 2014-06-10 12:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 12:40 - 2014-06-10 12:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-10 12:38 - 2014-06-10 12:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Silke\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-10 12:34 - 2014-06-10 12:28 - 00000000 ____D () C:\AdwCleaner 2014-06-10 12:34 - 2012-05-12 12:48 - 00000969 _____ () C:\Users\Silke\Desktop\Internet Explorer.lnk 2014-06-10 12:22 - 2014-06-10 12:22 - 01333465 _____ () C:\Users\Silke\Desktop\adwcleaner_3.212.exe 2014-06-10 11:28 - 2014-06-10 09:44 - 00042027 _____ () C:\Users\Silke\Downloads\Addition.txt 2014-06-10 11:28 - 2014-06-10 09:43 - 00035545 _____ () C:\Users\Silke\Downloads\FRST.txt 2014-06-10 09:06 - 2013-07-26 14:02 - 00000047 _____ () C:\Users\Silke\AppData\Roaming\WB.CFG 2014-06-08 01:13 - 2014-06-10 20:14 - 00506368 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-06-08 01:08 - 2014-06-10 20:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-06-03 04:25 - 2013-03-26 11:36 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys 2014-06-03 04:25 - 2013-03-26 11:36 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys 2014-06-02 10:22 - 2014-06-02 10:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieUserList 2014-06-02 10:22 - 2014-06-02 10:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieSiteList 2014-05-30 02:21 - 2014-06-10 20:15 - 23414784 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-05-30 02:02 - 2014-06-10 20:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-05-30 02:02 - 2014-06-10 20:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-05-30 01:45 - 2014-06-10 20:15 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-05-30 01:39 - 2014-06-10 20:15 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-05-30 01:39 - 2014-06-10 20:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-05-30 01:38 - 2014-06-10 20:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-05-30 01:28 - 2014-06-10 20:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-05-30 01:27 - 2014-06-10 20:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-05-30 01:24 - 2014-06-10 20:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-05-30 01:21 - 2014-06-10 20:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-05-30 01:21 - 2014-06-10 20:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-05-30 01:20 - 2014-06-10 20:15 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-05-30 01:18 - 2014-06-10 20:15 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 01:11 - 2014-06-10 20:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-05-30 01:08 - 2014-06-10 20:15 - 05782528 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-05-30 01:06 - 2014-06-10 20:15 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-05-30 01:02 - 2014-06-10 20:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 00:55 - 2014-06-10 20:15 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-05-30 00:49 - 2014-06-10 20:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-05-30 00:46 - 2014-06-10 20:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-05-30 00:44 - 2014-06-10 20:15 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 00:44 - 2014-06-10 20:15 - 00295424 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-05-30 00:43 - 2014-06-10 20:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 00:42 - 2014-06-10 20:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 00:38 - 2014-06-10 20:15 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 00:35 - 2014-06-10 20:15 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-05-30 00:34 - 2014-06-10 20:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 00:33 - 2014-06-10 20:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 00:30 - 2014-06-10 20:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 00:29 - 2014-06-10 20:15 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-05-30 00:28 - 2014-06-10 20:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 00:27 - 2014-06-10 20:15 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 00:24 - 2014-06-10 20:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-05-30 00:23 - 2014-06-10 20:15 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-05-30 00:16 - 2014-06-10 20:15 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 00:10 - 2014-06-10 20:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 00:06 - 2014-06-10 20:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 00:04 - 2014-06-10 20:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 00:02 - 2014-06-10 20:15 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-29 23:56 - 2014-06-10 20:15 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-29 23:56 - 2014-06-10 20:15 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-05-29 23:54 - 2014-06-10 20:15 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-29 23:50 - 2014-06-10 20:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-29 23:49 - 2014-06-10 20:15 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-29 23:43 - 2014-06-10 20:15 - 13522944 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-05-29 23:40 - 2014-06-10 20:15 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-29 23:30 - 2014-06-10 20:15 - 01398272 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-05-29 23:21 - 2014-06-10 20:15 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-29 23:15 - 2014-06-10 20:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-29 23:13 - 2014-06-10 20:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-05-29 23:13 - 2014-06-10 20:15 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-29 14:13 - 2013-05-22 08:07 - 00001021 _____ () C:\Users\Silke\Desktop\Dropbox.lnk 2014-05-14 12:00 - 2014-05-04 02:31 - 00000000 ____D () C:\Users\Silke\Desktop\Bachelorarbeit Some content of TEMP: ==================== C:\Users\Silke\AppData\Local\Temp\avgnt.exe C:\Users\Silke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvrvsfy.dll ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-05-20 11:31:48 Restore point made on: 2014-05-26 09:32:50 Restore point made on: 2014-05-31 00:55:37 Restore point made on: 2014-06-03 07:37:21 Restore point made on: 2014-06-10 10:48:51 Restore point made on: 2014-06-10 12:21:22 Restore point made on: 2014-06-10 20:11:37 Restore point made on: 2014-06-11 13:24:41 Restore point made on: 2014-06-12 00:24:45 ==================== Memory info =========================== Percentage of memory in use: 11% Total physical RAM: 8043.86 MB Available physical RAM: 7142.77 MB Total Pagefile: 8042.06 MB Available Pagefile: 7128.73 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:380.57 GB) NTFS Drive e: (PQSERVICE) (Fixed) (Total:13 GB) (Free:2.09 GB) NTFS Drive g: (INTENSO) (Removable) (Total:29.8 GB) (Free:29.8 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 67D5AB18) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 30 GB) (Disk ID: 00000000) Partition: GPT Partition Type. LastRegBack: 2014-06-10 10:41 ==================== End Of Log ============================ |
|
12.06.2014, 20:32
| #18 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Kein Problem! Das ist ja auch alles nicht so einfach...
__________________ Schritt 1   Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument: Code:
ATTFilter HKLM-x32\...\Winlogon: [Userinit] userinit.exeC:\Users\Silke\AppData\Roaming\appConf32.exe, [X]
Schritt 2 PC wieder normal starten.  Bitte starte FRST erneut und drücke auf Scan. Bitte poste mir den Inhalt der FRST.txt.
__________________ |
|
12.06.2014, 20:49
| #19 |
| | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Hier das Fixlog vom USB-Stick: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 02
Ran by SYSTEM at 2014-06-12 21:42:32 Run:3
Running from G:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
HKLM-x32\...\Winlogon: [Userinit] userinit.exeC:\Users\Silke\AppData\Roaming\appConf32.exe, [X]
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
==== End of Fixlog ====
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 Ran by Silke (administrator) on SILKE-PC on 12-06-2014 21:46:50 Running from C:\Users\Silke\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient VPN\FCCOMInt.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Dropbox, Inc.) C:\Users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1110096 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Winlogon: [Userinit] userinit.exeC:\Users\Silke\AppData\Roaming\appConf32.exe, [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2032327208-3002283268-2618255439-1001\...\MountPoints2: {2969a6c8-60ab-11e2-83b6-047d7b793213} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2032327208-3002283268-2618255439-1001\...\MountPoints2: {a3613327-dda3-11e2-be74-00090ffe0001} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2032327208-3002283268-2618255439-1008\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] () AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [266448 2013-05-12] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [214448 2013-05-12] (NVIDIA Corporation) Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter Startup: C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {2E270E13-59CA-4E3F-907A-713010237A2A} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {39E6BC6C-ED11-4E21-B42C-0F2CB3E9E4C3} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {BF6FFF60-F055-4EA7-8E54-7FB091694675} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {F9F0CE95-774E-474B-AFBB-E7BED31FBB9E} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Silke\AppData\Roaming\Mozilla\Firefox\Profiles\kqknjv4p.default FF NewTab: chrome://quick_start/content/index.html FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Start - C:\Users\Silke\AppData\Roaming\Mozilla\Firefox\Profiles\kqknjv4p.default\Extensions\faststartff@gmail.com [2014-06-12] FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Google Docs) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-22] CHR Extension: (Google Drive) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-22] CHR Extension: (YouTube) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-22] CHR Extension: (Google-Suche) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-22] CHR Extension: (Google Wallet) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12] CHR Extension: (Google Mail) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-22] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG) R2 FA_MINISCH; C:\Program Files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe [40978 2010-02-26] (Fortinet Inc.) [File not signed] S4 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed] S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG) S4 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments, Inc.) S4 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-18] (National Instruments Corporation) S4 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-18] (National Instruments Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2009-06-15] (National Instruments Corporation) S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-18] (National Instruments Corporation) S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2009-06-23] (Macrovision Corporation) [File not signed] S4 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-04] (National Instruments Corporation) S4 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [740968 2009-06-23] (National Instruments Corporation) S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation) S4 OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [98304 2009-06-03] (OPC Foundation) [File not signed] S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [File not signed] S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R3 Fortidrv2; C:\Windows\System32\DRIVERS\fortidrv.sys [28264 2010-01-04] (Fortinet Inc) R2 Fortips; C:\Windows\system32\drivers\fortips.sys [119912 2010-02-26] (Fortinet Inc) R3 ft_vnic; C:\Windows\System32\DRIVERS\ftvnic.sys [16928 2009-02-16] (Fortinet Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-12] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-05-12] (NVIDIA Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-12 21:09 - 2014-06-12 21:09 - 02081792 _____ (Farbar) C:\Users\Silke\Downloads\FRST64.exe 2014-06-12 21:05 - 2014-06-12 21:07 - 00000000 ____D () C:\Users\Silke\Desktop\Usb stick 2014-06-12 10:35 - 2014-06-12 10:35 - 00000000 ____D () C:\Users\Silke\AppData\Local\Adobe 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Sun 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-12 10:25 - 2014-06-12 10:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-12 10:25 - 2014-06-12 10:24 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-12 10:25 - 2014-06-12 10:24 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-12 10:25 - 2014-06-12 10:24 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-12 10:24 - 2014-06-12 10:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-12 10:23 - 2014-06-12 10:23 - 00918952 _____ (Oracle Corporation) C:\Users\Silke\Downloads\jxpiinstall.exe 2014-06-12 10:20 - 2014-06-12 10:41 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 10:20 - 2014-06-12 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-12 10:19 - 2014-06-12 21:43 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-12 10:19 - 2014-06-12 21:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-12 10:19 - 2014-06-12 10:28 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-12 10:19 - 2014-06-12 10:28 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-12 10:19 - 2014-06-12 10:19 - 01057176 _____ (Adobe) C:\Users\Silke\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe 2014-06-12 10:07 - 2014-06-12 10:07 - 00448512 _____ (OldTimer Tools) C:\Users\Silke\Desktop\TFC.exe 2014-06-11 10:10 - 2014-06-12 19:02 - 00048256 _____ () C:\Users\Silke\Desktop\Addition.txt 2014-06-11 10:09 - 2014-06-12 21:46 - 00016703 _____ () C:\Users\Silke\Desktop\FRST.txt 2014-06-11 10:09 - 2014-06-11 10:09 - 00000000 ____D () C:\Users\Silke\Desktop\FRST-OlderVersion 2014-06-11 06:15 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 06:15 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 06:15 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 06:15 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 06:15 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 06:15 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 06:15 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 06:15 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 06:15 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 06:15 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 06:15 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 06:15 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 06:15 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 06:15 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 06:15 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 06:15 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 06:15 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 06:15 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 06:15 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 06:15 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 06:15 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 06:15 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 06:15 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 06:15 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 06:15 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 06:15 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 06:15 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 06:15 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 06:15 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 06:15 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 06:15 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 06:15 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 06:15 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 06:15 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 06:15 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 06:15 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 06:15 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 06:15 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 06:15 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 06:15 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 06:15 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 06:15 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 06:15 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 06:15 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 06:15 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 06:15 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 06:15 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 06:15 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 06:15 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 06:15 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 06:15 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 06:15 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 06:14 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 06:14 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 06:14 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 06:14 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 06:14 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 06:14 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 06:14 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 06:14 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 06:14 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 06:14 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 06:14 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 06:14 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 06:14 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 06:14 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-10 23:10 - 2014-06-10 23:10 - 02347384 _____ (ESET) C:\Users\Silke\Desktop\esetsmartinstaller_deu.exe 2014-06-10 23:10 - 2014-06-10 23:10 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-10 22:40 - 2014-06-12 21:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-10 22:40 - 2014-06-10 22:40 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-10 22:40 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-10 22:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-10 22:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-10 22:38 - 2014-06-10 22:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Silke\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-10 22:28 - 2014-06-10 22:34 - 00000000 ____D () C:\AdwCleaner 2014-06-10 22:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-10 22:22 - 2014-06-10 22:22 - 01333465 _____ () C:\Users\Silke\Desktop\adwcleaner_3.212.exe 2014-06-10 19:44 - 2014-06-10 21:28 - 00042027 _____ () C:\Users\Silke\Downloads\Addition.txt 2014-06-10 19:43 - 2014-06-12 21:46 - 00000000 ____D () C:\FRST 2014-06-10 19:43 - 2014-06-10 21:28 - 00035545 _____ () C:\Users\Silke\Downloads\FRST.txt 2014-06-10 19:42 - 2014-06-11 10:09 - 02081792 _____ (Farbar) C:\Users\Silke\Desktop\FRST64.exe 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieUserList 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieSiteList 2014-05-14 21:04 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 21:04 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 20:54 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 20:54 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 20:54 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 20:54 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 20:54 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 20:54 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 20:54 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 20:54 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 20:54 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 20:54 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 20:54 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 20:54 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-14 20:54 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 20:54 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 20:54 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-14 20:54 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 20:23 - 2014-06-12 21:44 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\DropboxMaster ==================== One Month Modified Files and Folders ======= 2014-06-12 21:47 - 2014-06-11 10:09 - 00016703 _____ () C:\Users\Silke\Desktop\FRST.txt 2014-06-12 21:46 - 2014-06-10 22:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-12 21:46 - 2014-06-10 19:43 - 00000000 ____D () C:\FRST 2014-06-12 21:46 - 2012-05-13 05:42 - 00000000 ____D () C:\Users\Silke\AppData\Local\Temp 2014-06-12 21:45 - 2013-05-22 18:05 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\Dropbox 2014-06-12 21:44 - 2014-05-14 20:23 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\DropboxMaster 2014-06-12 21:44 - 2013-05-22 18:07 - 00000000 ___RD () C:\Users\Silke\Dropbox 2014-06-12 21:43 - 2014-06-12 10:19 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-12 21:43 - 2013-03-26 21:01 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize.job 2014-06-12 21:43 - 2012-05-24 19:46 - 00055706 _____ () C:\Windows\setupact.log 2014-06-12 21:43 - 2012-03-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-12 21:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-12 21:39 - 2012-03-12 17:29 - 01490211 _____ () C:\Windows\WindowsUpdate.log 2014-06-12 21:33 - 2014-06-12 10:19 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-12 21:24 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-12 21:24 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-12 21:21 - 2012-03-13 02:23 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-06-12 21:21 - 2012-03-13 02:23 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-06-12 21:21 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-12 21:09 - 2014-06-12 21:09 - 02081792 _____ (Farbar) C:\Users\Silke\Downloads\FRST64.exe 2014-06-12 21:07 - 2014-06-12 21:05 - 00000000 ____D () C:\Users\Silke\Desktop\Usb stick 2014-06-12 20:00 - 2012-05-12 23:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-12 19:02 - 2014-06-11 10:10 - 00048256 _____ () C:\Users\Silke\Desktop\Addition.txt 2014-06-12 11:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 10:41 - 2014-06-12 10:20 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 10:35 - 2014-06-12 10:35 - 00000000 ____D () C:\Users\Silke\AppData\Local\Adobe 2014-06-12 10:28 - 2014-06-12 10:19 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-12 10:28 - 2014-06-12 10:19 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Sun 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-12 10:24 - 2014-06-12 10:25 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-12 10:24 - 2014-06-12 10:25 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-12 10:24 - 2014-06-12 10:25 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-12 10:24 - 2014-06-12 10:25 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-12 10:24 - 2014-06-12 10:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-12 10:23 - 2014-06-12 10:23 - 00918952 _____ (Oracle Corporation) C:\Users\Silke\Downloads\jxpiinstall.exe 2014-06-12 10:22 - 2012-05-12 23:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-12 10:22 - 2012-05-12 23:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-12 10:22 - 2011-11-08 14:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 10:20 - 2014-06-12 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-12 10:20 - 2013-04-11 14:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-12 10:19 - 2014-06-12 10:19 - 01057176 _____ (Adobe) C:\Users\Silke\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe 2014-06-12 10:07 - 2014-06-12 10:07 - 00448512 _____ (OldTimer Tools) C:\Users\Silke\Desktop\TFC.exe 2014-06-12 10:05 - 2012-05-13 05:42 - 00000000 ____D () C:\Users\Silke 2014-06-12 09:44 - 2012-09-21 18:43 - 00275566 _____ () C:\Windows\PFRO.log 2014-06-11 23:27 - 2013-07-15 10:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 23:26 - 2012-05-12 23:15 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-11 23:24 - 2014-05-08 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 19:06 - 2013-06-16 20:09 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Temp 2014-06-11 10:09 - 2014-06-11 10:09 - 00000000 ____D () C:\Users\Silke\Desktop\FRST-OlderVersion 2014-06-11 10:09 - 2014-06-10 19:42 - 02081792 _____ (Farbar) C:\Users\Silke\Desktop\FRST64.exe 2014-06-10 23:10 - 2014-06-10 23:10 - 02347384 _____ (ESET) C:\Users\Silke\Desktop\esetsmartinstaller_deu.exe 2014-06-10 23:10 - 2014-06-10 23:10 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-10 22:59 - 2011-11-08 14:03 - 00000000 ____D () C:\Windows\oem 2014-06-10 22:40 - 2014-06-10 22:40 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-10 22:38 - 2014-06-10 22:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Silke\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-10 22:34 - 2014-06-10 22:28 - 00000000 ____D () C:\AdwCleaner 2014-06-10 22:34 - 2012-05-12 22:48 - 00000969 _____ () C:\Users\Silke\Desktop\Internet Explorer.lnk 2014-06-10 22:34 - 2012-05-12 22:46 - 00000999 _____ () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-10 22:22 - 2014-06-10 22:22 - 01333465 _____ () C:\Users\Silke\Desktop\adwcleaner_3.212.exe 2014-06-10 21:28 - 2014-06-10 19:44 - 00042027 _____ () C:\Users\Silke\Downloads\Addition.txt 2014-06-10 21:28 - 2014-06-10 19:43 - 00035545 _____ () C:\Users\Silke\Downloads\FRST.txt 2014-06-10 19:06 - 2013-07-27 00:02 - 00000047 _____ () C:\Users\Silke\AppData\Roaming\WB.CFG 2014-06-08 11:13 - 2014-06-11 06:14 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 06:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-03 14:25 - 2013-03-26 21:36 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-03 14:25 - 2013-03-26 21:36 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieUserList 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieSiteList 2014-05-30 12:21 - 2014-06-11 06:15 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 06:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 06:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 06:15 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 06:15 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 06:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 06:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 06:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 06:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 06:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 06:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 06:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 06:15 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 06:15 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 06:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 06:15 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 06:15 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 06:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 06:15 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 06:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 06:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 06:15 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 06:15 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 06:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 06:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 06:15 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 06:15 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 06:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 06:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 06:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 06:15 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 06:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 06:15 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 06:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 06:15 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 06:15 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 06:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 06:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 06:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 06:15 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 06:15 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 06:15 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 06:15 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 06:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 06:15 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 06:15 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 06:15 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 06:15 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 06:15 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 06:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 06:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 06:15 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-30 00:14 - 2012-05-12 22:46 - 00000000 ___RD () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-30 00:13 - 2013-05-22 18:07 - 00001021 _____ () C:\Users\Silke\Desktop\Dropbox.lnk 2014-05-30 00:13 - 2013-05-22 18:06 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-18 22:12 - 2012-05-12 22:46 - 00000000 ___RD () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-14 22:00 - 2014-05-04 12:31 - 00000000 ____D () C:\Users\Silke\Desktop\Bachelorarbeit 2014-05-14 20:25 - 2011-11-08 14:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk Some content of TEMP: ==================== C:\Users\Silke\AppData\Local\Temp\avgnt.exe C:\Users\Silke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjjlytq.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-10 20:41 ==================== End Of Log ============================ |
|
12.06.2014, 21:05
| #20 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Hast Du prima gemacht!  Allerdings gefällt mir das Log noch nicht... Daher melde ich mich wieder (morgen erst) mit weiteren Anweisungen... 
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
13.06.2014, 09:41
| #21 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version OK, dann machen wir so weiter... Scan mit Combofix
__________________ --> popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version |
|
13.06.2014, 10:23
| #22 |
| | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Okay, das habe ich jetzt gemacht. Es gab keine Meckereien. Nur habe ich auch die zu erwartende Fehlermeldung: "Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde." nicht erhalten. Hier das Log-File: Code:
ATTFilter ComboFix 14-06-12.01 - Silke 13.06.2014 11:01:29.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8044.6042 [GMT 2:00]
ausgeführt von:: c:\users\Silke\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-05-13 bis 2014-06-13 ))))))))))))))))))))))))))))))
.
.
2014-06-13 08:55 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76520E1D-4EE8-4E5C-94CE-0D028D77A739}\mpengine.dll
2014-06-12 08:35 . 2014-06-12 08:35 -------- d-----w- c:\users\Silke\AppData\Local\Adobe
2014-06-12 08:25 . 2014-06-12 08:25 -------- d-----w- c:\programdata\Oracle
2014-06-12 08:25 . 2014-06-12 08:25 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-06-12 08:25 . 2014-06-12 08:24 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-12 08:24 . 2014-06-12 08:24 -------- d-----w- c:\program files (x86)\Java
2014-06-11 04:14 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-06-10 21:10 . 2014-06-10 21:10 -------- d-----w- c:\program files (x86)\ESET
2014-06-10 20:40 . 2014-06-13 08:52 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-10 20:40 . 2014-06-10 20:40 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-06-10 20:40 . 2014-06-10 20:40 -------- d-----w- c:\programdata\Malwarebytes
2014-06-10 20:40 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-10 20:40 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-10 20:40 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-10 20:28 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-10 20:28 . 2014-06-10 20:34 -------- d-----w- C:\AdwCleaner
2014-06-10 17:43 . 2014-06-12 19:47 -------- d-----w- C:\FRST
2014-06-02 18:22 . 2014-06-02 18:22 -------- d-sh--w- c:\users\Silke\AppData\Local\EmieUserList
2014-06-02 18:22 . 2014-06-02 18:22 -------- d-sh--w- c:\users\Silke\AppData\Local\EmieSiteList
2014-05-14 19:04 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-05-14 18:23 . 2014-06-13 08:49 -------- d-----w- c:\users\Silke\AppData\Roaming\DropboxMaster
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 08:22 . 2012-05-12 21:11 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-12 08:22 . 2011-11-08 12:22 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-11 21:26 . 2012-05-12 21:15 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-03 12:25 . 2013-03-26 19:36 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-06-03 12:25 . 2013-03-26 19:36 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}]
2011-12-28 12:21 128064 ----a-w- c:\program files (x86)\icq\Internet Explorer\icq.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1110096]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-03 737872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
c:\users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exec:\users\Silke\AppData\Roaming\appConf32.exe,"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R4 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
R4 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R4 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
R4 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
R4 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
R4 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 FA_MINISCH;FortiClient Mini Scheduler;c:\program files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe;c:\program files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe [x]
S2 Fortips;Fortips;c:\windows\system32\drivers\fortips.sys;c:\windows\SYSNATIVE\drivers\fortips.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 Fortidrv2;Fortinet Fortinet Packet Filter Service;c:\windows\system32\DRIVERS\fortidrv.sys;c:\windows\SYSNATIVE\DRIVERS\fortidrv.sys [x]
S3 ft_vnic;Fortinet network virtual adapter;c:\windows\system32\DRIVERS\ftvnic.sys;c:\windows\SYSNATIVE\DRIVERS\ftvnic.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 08:40 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-12 08:22]
.
2014-06-13 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-26 09:19]
.
2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12 08:19]
.
2014-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12 08:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-31 392216]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~4\Office10\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll
FF - ProfilePath - c:\users\Silke\AppData\Roaming\Mozilla\Firefox\Profiles\kqknjv4p.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Fortinet\FortiClient VPN\fccomint.exe
c:\users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-06-13 11:16:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-06-13 09:16
.
Vor Suchlauf: 11 Verzeichnis(se), 407.871.492.096 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 407.304.040.448 Bytes frei
.
- - End Of File - - E16BAB9C5B65FC1E407C9C666545B6F7
|
|
13.06.2014, 10:26
| #23 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Naja, ist doch gut wenn keine Fehlermeldung kommt. PC bitte mal neustarten und einen FRST-Scan machen. Bist ja schon in Übung...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
13.06.2014, 13:54
| #24 |
| | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Okay, das neue FRST-File: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 Ran by Silke (administrator) on SILKE-PC on 13-06-2014 14:51:33 Running from C:\Users\Silke\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient VPN\FCCOMInt.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Dropbox, Inc.) C:\Users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1110096 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Winlogon: [Userinit] userinit.exeC:\Users\Silke\AppData\Roaming\appConf32.exe, [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2032327208-3002283268-2618255439-1008\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] () AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [266448 2013-05-12] (NVIDIA Corporation) AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [214448 2013-05-12] (NVIDIA Corporation) Startup: C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {2E270E13-59CA-4E3F-907A-713010237A2A} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {39E6BC6C-ED11-4E21-B42C-0F2CB3E9E4C3} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {BF6FFF60-F055-4EA7-8E54-7FB091694675} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {F9F0CE95-774E-474B-AFBB-E7BED31FBB9E} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: WEB.DE Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Silke\AppData\Roaming\Mozilla\Firefox\Profiles\kqknjv4p.default FF NewTab: chrome://quick_start/content/index.html FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Start - C:\Users\Silke\AppData\Roaming\Mozilla\Firefox\Profiles\kqknjv4p.default\Extensions\faststartff@gmail.com [2014-06-12] FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Google Docs) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-22] CHR Extension: (Google Drive) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-22] CHR Extension: (YouTube) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-22] CHR Extension: (Google-Suche) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-22] CHR Extension: (Google Wallet) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12] CHR Extension: (Google Mail) - C:\Users\Silke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-22] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-03] (Avira Operations GmbH & Co. KG) R2 FA_MINISCH; C:\Program Files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe [40978 2010-02-26] (Fortinet Inc.) [File not signed] S4 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed] S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG) S4 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments, Inc.) S4 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-18] (National Instruments Corporation) S4 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-18] (National Instruments Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2009-06-15] (National Instruments Corporation) S4 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-18] (National Instruments Corporation) S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2009-06-23] (Macrovision Corporation) [File not signed] S4 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-04] (National Instruments Corporation) S4 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [740968 2009-06-23] (National Instruments Corporation) S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation) S4 OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [98304 2009-06-03] (OPC Foundation) [File not signed] S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [File not signed] S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R3 Fortidrv2; C:\Windows\System32\DRIVERS\fortidrv.sys [28264 2010-01-04] (Fortinet Inc) R2 Fortips; C:\Windows\system32\drivers\fortips.sys [119912 2010-02-26] (Fortinet Inc) R3 ft_vnic; C:\Windows\System32\DRIVERS\ftvnic.sys [16928 2009-02-16] (Fortinet Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-13] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-05-12] (NVIDIA Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-13 11:16 - 2014-06-13 11:16 - 00024005 _____ () C:\ComboFix.txt 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-06-13 11:00 - 2014-06-13 11:16 - 00000000 ____D () C:\Qoobox 2014-06-13 11:00 - 2014-06-13 11:14 - 00000000 ____D () C:\Windows\erdnt 2014-06-13 11:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-06-13 11:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-06-13 11:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-06-13 11:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-06-13 11:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-06-13 11:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-06-13 11:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-06-13 11:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-06-13 10:56 - 2014-06-13 10:56 - 05205897 ____R (Swearware) C:\Users\Silke\Desktop\ComboFix.exe 2014-06-12 21:09 - 2014-06-12 21:09 - 02081792 _____ (Farbar) C:\Users\Silke\Downloads\FRST64.exe 2014-06-12 21:05 - 2014-06-12 21:07 - 00000000 ____D () C:\Users\Silke\Desktop\Usb stick 2014-06-12 10:35 - 2014-06-12 10:35 - 00000000 ____D () C:\Users\Silke\AppData\Local\Adobe 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Sun 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-12 10:25 - 2014-06-12 10:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-12 10:25 - 2014-06-12 10:24 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-12 10:25 - 2014-06-12 10:24 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-12 10:25 - 2014-06-12 10:24 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-12 10:24 - 2014-06-12 10:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-12 10:23 - 2014-06-12 10:23 - 00918952 _____ (Oracle Corporation) C:\Users\Silke\Downloads\jxpiinstall.exe 2014-06-12 10:20 - 2014-06-12 10:41 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 10:20 - 2014-06-12 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-12 10:19 - 2014-06-13 14:49 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-12 10:19 - 2014-06-13 14:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-12 10:19 - 2014-06-12 10:28 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-12 10:19 - 2014-06-12 10:28 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-12 10:19 - 2014-06-12 10:19 - 01057176 _____ (Adobe) C:\Users\Silke\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe 2014-06-12 10:07 - 2014-06-12 10:07 - 00448512 _____ (OldTimer Tools) C:\Users\Silke\Desktop\TFC.exe 2014-06-11 10:10 - 2014-06-12 19:02 - 00048256 _____ () C:\Users\Silke\Desktop\Addition.txt 2014-06-11 10:09 - 2014-06-13 14:51 - 00016686 _____ () C:\Users\Silke\Desktop\FRST.txt 2014-06-11 10:09 - 2014-06-11 10:09 - 00000000 ____D () C:\Users\Silke\Desktop\FRST-OlderVersion 2014-06-11 06:15 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 06:15 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 06:15 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 06:15 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 06:15 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 06:15 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 06:15 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 06:15 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 06:15 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 06:15 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 06:15 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 06:15 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 06:15 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 06:15 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 06:15 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 06:15 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 06:15 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 06:15 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 06:15 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 06:15 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 06:15 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 06:15 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 06:15 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 06:15 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 06:15 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 06:15 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 06:15 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 06:15 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 06:15 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 06:15 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 06:15 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 06:15 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 06:15 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 06:15 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 06:15 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 06:15 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 06:15 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 06:15 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 06:15 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 06:15 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 06:15 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 06:15 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 06:15 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 06:15 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 06:15 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 06:15 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 06:15 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 06:15 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 06:15 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 06:15 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 06:15 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 06:15 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 06:14 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 06:14 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-11 06:14 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 06:14 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 06:14 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 06:14 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 06:14 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 06:14 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 06:14 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 06:14 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 06:14 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 06:14 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 06:14 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 06:14 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-10 23:10 - 2014-06-10 23:10 - 02347384 _____ (ESET) C:\Users\Silke\Desktop\esetsmartinstaller_deu.exe 2014-06-10 23:10 - 2014-06-10 23:10 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-10 22:40 - 2014-06-13 14:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-10 22:40 - 2014-06-10 22:40 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-10 22:40 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-10 22:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-10 22:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-10 22:38 - 2014-06-10 22:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Silke\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-10 22:28 - 2014-06-10 22:34 - 00000000 ____D () C:\AdwCleaner 2014-06-10 22:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-10 22:22 - 2014-06-10 22:22 - 01333465 _____ () C:\Users\Silke\Desktop\adwcleaner_3.212.exe 2014-06-10 19:44 - 2014-06-10 21:28 - 00042027 _____ () C:\Users\Silke\Downloads\Addition.txt 2014-06-10 19:43 - 2014-06-13 14:51 - 00000000 ____D () C:\FRST 2014-06-10 19:43 - 2014-06-10 21:28 - 00035545 _____ () C:\Users\Silke\Downloads\FRST.txt 2014-06-10 19:42 - 2014-06-11 10:09 - 02081792 _____ (Farbar) C:\Users\Silke\Desktop\FRST64.exe 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieUserList 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieSiteList 2014-05-14 21:04 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 21:04 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 20:54 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 20:54 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 20:54 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 20:54 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 20:54 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 20:54 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 20:54 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 20:54 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 20:54 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 20:54 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 20:54 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 20:54 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 20:54 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 20:54 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-14 20:54 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 20:54 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 20:54 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 20:54 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-14 20:54 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 20:23 - 2014-06-13 14:50 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\DropboxMaster ==================== One Month Modified Files and Folders ======= 2014-06-13 14:52 - 2014-06-11 10:09 - 00016686 _____ () C:\Users\Silke\Desktop\FRST.txt 2014-06-13 14:52 - 2014-06-10 22:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-13 14:52 - 2012-05-13 05:42 - 00000000 ____D () C:\Users\Silke\AppData\Local\Temp 2014-06-13 14:51 - 2014-06-10 19:43 - 00000000 ____D () C:\FRST 2014-06-13 14:50 - 2014-05-14 20:23 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\DropboxMaster 2014-06-13 14:50 - 2013-05-22 18:07 - 00000000 ___RD () C:\Users\Silke\Dropbox 2014-06-13 14:50 - 2013-05-22 18:05 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\Dropbox 2014-06-13 14:49 - 2014-06-12 10:19 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-13 14:49 - 2013-03-26 21:01 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize.job 2014-06-13 14:49 - 2012-05-24 19:46 - 00055874 _____ () C:\Windows\setupact.log 2014-06-13 14:49 - 2012-03-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-13 14:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-13 14:48 - 2012-03-12 17:29 - 01543827 _____ () C:\Windows\WindowsUpdate.log 2014-06-13 14:33 - 2014-06-12 10:19 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-13 14:00 - 2012-05-12 23:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-13 11:18 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-13 11:18 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-13 11:16 - 2014-06-13 11:16 - 00024005 _____ () C:\ComboFix.txt 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-06-13 11:16 - 2014-06-13 11:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-06-13 11:16 - 2014-06-13 11:00 - 00000000 ____D () C:\Qoobox 2014-06-13 11:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-06-13 11:14 - 2014-06-13 11:00 - 00000000 ____D () C:\Windows\erdnt 2014-06-13 11:14 - 2012-03-13 02:23 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-06-13 11:14 - 2012-03-13 02:23 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-06-13 11:14 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-13 11:08 - 2012-09-21 18:43 - 00276112 _____ () C:\Windows\PFRO.log 2014-06-13 11:08 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-06-13 10:56 - 2014-06-13 10:56 - 05205897 ____R (Swearware) C:\Users\Silke\Desktop\ComboFix.exe 2014-06-12 21:09 - 2014-06-12 21:09 - 02081792 _____ (Farbar) C:\Users\Silke\Downloads\FRST64.exe 2014-06-12 21:07 - 2014-06-12 21:05 - 00000000 ____D () C:\Users\Silke\Desktop\Usb stick 2014-06-12 19:02 - 2014-06-11 10:10 - 00048256 _____ () C:\Users\Silke\Desktop\Addition.txt 2014-06-12 11:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 10:41 - 2014-06-12 10:20 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 10:35 - 2014-06-12 10:35 - 00000000 ____D () C:\Users\Silke\AppData\Local\Adobe 2014-06-12 10:28 - 2014-06-12 10:19 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-12 10:28 - 2014-06-12 10:19 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Sun 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-12 10:25 - 2014-06-12 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-12 10:24 - 2014-06-12 10:25 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-12 10:24 - 2014-06-12 10:25 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-12 10:24 - 2014-06-12 10:25 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-12 10:24 - 2014-06-12 10:25 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-12 10:24 - 2014-06-12 10:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-12 10:23 - 2014-06-12 10:23 - 00918952 _____ (Oracle Corporation) C:\Users\Silke\Downloads\jxpiinstall.exe 2014-06-12 10:22 - 2012-05-12 23:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-12 10:22 - 2012-05-12 23:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-12 10:22 - 2011-11-08 14:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 10:20 - 2014-06-12 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-12 10:20 - 2013-04-11 14:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-12 10:19 - 2014-06-12 10:19 - 01057176 _____ (Adobe) C:\Users\Silke\Downloads\install_flashplayer14x32_ltr5x64d_awc_aih.exe 2014-06-12 10:07 - 2014-06-12 10:07 - 00448512 _____ (OldTimer Tools) C:\Users\Silke\Desktop\TFC.exe 2014-06-12 10:05 - 2012-05-13 05:42 - 00000000 ____D () C:\Users\Silke 2014-06-11 23:27 - 2013-07-15 10:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 23:26 - 2012-05-12 23:15 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-11 23:24 - 2014-05-08 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-11 10:09 - 2014-06-11 10:09 - 00000000 ____D () C:\Users\Silke\Desktop\FRST-OlderVersion 2014-06-11 10:09 - 2014-06-10 19:42 - 02081792 _____ (Farbar) C:\Users\Silke\Desktop\FRST64.exe 2014-06-10 23:10 - 2014-06-10 23:10 - 02347384 _____ (ESET) C:\Users\Silke\Desktop\esetsmartinstaller_deu.exe 2014-06-10 23:10 - 2014-06-10 23:10 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-10 22:59 - 2011-11-08 14:03 - 00000000 ____D () C:\Windows\oem 2014-06-10 22:40 - 2014-06-10 22:40 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-10 22:40 - 2014-06-10 22:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-10 22:38 - 2014-06-10 22:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Silke\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-10 22:34 - 2014-06-10 22:28 - 00000000 ____D () C:\AdwCleaner 2014-06-10 22:34 - 2012-05-12 22:48 - 00000969 _____ () C:\Users\Silke\Desktop\Internet Explorer.lnk 2014-06-10 22:34 - 2012-05-12 22:46 - 00000999 _____ () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-10 22:22 - 2014-06-10 22:22 - 01333465 _____ () C:\Users\Silke\Desktop\adwcleaner_3.212.exe 2014-06-10 21:28 - 2014-06-10 19:44 - 00042027 _____ () C:\Users\Silke\Downloads\Addition.txt 2014-06-10 21:28 - 2014-06-10 19:43 - 00035545 _____ () C:\Users\Silke\Downloads\FRST.txt 2014-06-10 19:06 - 2013-07-27 00:02 - 00000047 _____ () C:\Users\Silke\AppData\Roaming\WB.CFG 2014-06-08 11:13 - 2014-06-11 06:14 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 06:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-03 14:25 - 2013-03-26 21:36 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-03 14:25 - 2013-03-26 21:36 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieUserList 2014-06-02 20:22 - 2014-06-02 20:22 - 00000000 __SHD () C:\Users\Silke\AppData\Local\EmieSiteList 2014-05-30 12:21 - 2014-06-11 06:15 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 06:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 06:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 06:15 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 06:15 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 06:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 06:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 06:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 06:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 06:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 06:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 06:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 06:15 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 06:15 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 06:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 06:15 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 06:15 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 06:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 06:15 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 06:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 06:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 06:15 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 06:15 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 06:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 06:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 06:15 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 06:15 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 06:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 06:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 06:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 06:15 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 06:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 06:15 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 06:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 06:15 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 06:15 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 06:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 06:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 06:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 06:15 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 06:15 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 06:15 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 06:15 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 06:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 06:15 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 06:15 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 06:15 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 06:15 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 06:15 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 06:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 06:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 06:15 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-30 00:14 - 2012-05-12 22:46 - 00000000 ___RD () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-30 00:13 - 2013-05-22 18:07 - 00001021 _____ () C:\Users\Silke\Desktop\Dropbox.lnk 2014-05-30 00:13 - 2013-05-22 18:06 - 00000000 ____D () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-18 22:12 - 2012-05-12 22:46 - 00000000 ___RD () C:\Users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-14 22:00 - 2014-05-04 12:31 - 00000000 ____D () C:\Users\Silke\Desktop\Bachelorarbeit 2014-05-14 20:25 - 2011-11-08 14:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk Some content of TEMP: ==================== C:\Users\Silke\AppData\Local\Temp\avgnt.exe C:\Users\Silke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkhryee.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-10 20:41 ==================== End Of Log ============================ |
|
13.06.2014, 14:08
| #25 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Melde mich abends wieder muss jetzt zur Arbeit...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
13.06.2014, 15:42
| #26 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Combofix-Skript
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
14.06.2014, 18:56
| #27 |
| | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Okay, das habe ich jetzt soweit durchgeführt. Habe allerdings folgende Fehlermeldung erhalten: "Die Anweisung in 0x6ea1bdf verweist auf den Speicher 0x00000020. Der Vorgang read konnte nicht durchgeführt werden." Hier das entstandene Log-File: Code:
ATTFilter ComboFix 14-06-13.01 - Silke 14.06.2014 19:32:28.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8044.6020 [GMT 2:00]
ausgeführt von:: c:\users\Silke\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Silke\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-05-14 bis 2014-06-14 ))))))))))))))))))))))))))))))
.
.
2014-06-14 17:37 . 2014-06-14 17:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-14 17:37 . 2014-06-14 17:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-13 08:55 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76520E1D-4EE8-4E5C-94CE-0D028D77A739}\mpengine.dll
2014-06-12 08:35 . 2014-06-12 08:35 -------- d-----w- c:\users\Silke\AppData\Local\Adobe
2014-06-12 08:25 . 2014-06-12 08:25 -------- d-----w- c:\programdata\Oracle
2014-06-12 08:25 . 2014-06-12 08:25 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-06-12 08:25 . 2014-06-12 08:24 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-12 08:24 . 2014-06-12 08:24 -------- d-----w- c:\program files (x86)\Java
2014-06-11 04:14 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-06-10 21:10 . 2014-06-10 21:10 -------- d-----w- c:\program files (x86)\ESET
2014-06-10 20:40 . 2014-06-14 17:23 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-10 20:40 . 2014-06-10 20:40 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-06-10 20:40 . 2014-06-10 20:40 -------- d-----w- c:\programdata\Malwarebytes
2014-06-10 20:40 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-10 20:40 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-10 20:40 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-10 20:28 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-10 20:28 . 2014-06-10 20:34 -------- d-----w- C:\AdwCleaner
2014-06-10 17:43 . 2014-06-13 12:52 -------- d-----w- C:\FRST
2014-06-02 18:22 . 2014-06-02 18:22 -------- d-sh--w- c:\users\Silke\AppData\Local\EmieUserList
2014-06-02 18:22 . 2014-06-02 18:22 -------- d-sh--w- c:\users\Silke\AppData\Local\EmieSiteList
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 08:22 . 2012-05-12 21:11 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-12 08:22 . 2011-11-08 12:22 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-11 21:26 . 2012-05-12 21:15 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-03 12:25 . 2013-03-26 19:36 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-06-03 12:25 . 2013-03-26 19:36 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-04-12 02:22 . 2014-05-14 18:54 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 18:54 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 18:54 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 18:54 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 18:54 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 18:54 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 18:54 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 18:54 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 18:54 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-25 02:43 . 2014-05-14 19:04 14175744 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}]
2011-12-28 12:21 128064 ----a-w- c:\program files (x86)\icq\Internet Explorer\icq.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1110096]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-03 737872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
c:\users\Silke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exec:\users\Silke\AppData\Roaming\appConf32.exe,"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
2;2 FA_MINISCH;FortiClient Mini Scheduler;c:\program files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe;c:\program files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R4 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
R4 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R4 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
R4 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
R4 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
R4 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Fortips;Fortips;c:\windows\system32\drivers\fortips.sys;c:\windows\SYSNATIVE\drivers\fortips.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 Fortidrv2;Fortinet Fortinet Packet Filter Service;c:\windows\system32\DRIVERS\fortidrv.sys;c:\windows\SYSNATIVE\DRIVERS\fortidrv.sys [x]
S3 ft_vnic;Fortinet network virtual adapter;c:\windows\system32\DRIVERS\ftvnic.sys;c:\windows\SYSNATIVE\DRIVERS\ftvnic.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 08:40 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-12 08:22]
.
2014-06-14 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-26 09:19]
.
2014-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12 08:19]
.
2014-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12 08:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Silke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-31 392216]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~4\Office10\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll
FF - ProfilePath - c:\users\Silke\AppData\Roaming\Mozilla\Firefox\Profiles\kqknjv4p.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Fortinet\FortiClient VPN\fccomint.exe
c:\users\Silke\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-06-14 19:46:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-06-14 17:45
ComboFix2.txt 2014-06-13 09:16
.
Vor Suchlauf: 18 Verzeichnis(se), 406.813.224.960 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 406.432.616.448 Bytes frei
.
- - End Of File - - 057A7294C1E178988CA04E8CA17F0B52
|
|
14.06.2014, 21:23
| #28 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Nicht dass Du auf Antwort wartest... Prima Arbeit von Dir bisher! Müssen aber da genau schauen was los ist... Weitere Anweisungen folgen (morgen...)
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
15.06.2014, 08:21
| #29 |
| /// TB-Ausbilder /// Anleitungs-Guru | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Hi, lade Dir bitte die exe-Datei runter. Setze bei Schritt 3 auch einen Haken bei "loaded modules" (PC wird neu gestartet) und führe einen Scan durch. Evtl. Funde erstmal bitte "skippen". Rootkit-Entfernung mit TDSS  illerSchritt 1 Lade Dir von hier TDSSKiller herunter und speichere die TDSSKiller.exe auf dem Desktop.  Schritt 2 Starte TDSSKiller mit einem Doppelklick und bestätige die Meldung der Benutzerkontensteuerung mit "Ja". TDSSKiller startet nun und sucht nach Updates. Sollte ein Update zur Verfügung stehen, klicke auf "Load Update".    Es wird die neueste Version heruntergeladen. Entpacke die Archivdatei auf dem Desktop. Öffne den Ordner und starte die TDSSKiller.exe (Analog Schritt 2) Schritt 3 Bestätige die nachfolgenden Vereinbarungen mit "Accept" bis Du zur Programmoberfläche gelangst.   Klicke nun auf der Programmoberfläche auf "Change parameters" und setze die Haken unter "Additional options" wie auf dem Bild gezeigt und bestätige mit OK.   Schritt 4 Klicke nun auf "Start scan" und der Suchlauf wird gestartet.  Szenario 1: TDSSKiller findet keine Rootkits In diesem Fall oben rechts auf "Report" klicken. Den Inhalt des Textdateifensters mit "STRG+A" markieren, "STRG+C" kopiert den Text in den Zwischenspeicher. Mit "STRG+V" kann der Text dann in Code-Tags als Antwort in den Thread gepostet werden.  Szenario 2: TDSSKiller findet Rootkits In diesem Fall bitte unbedingt die Anweisungen der Helfer beachten. In der Regel wird nach dem ersten Scan immer "Skip" ausgewählt und mit "Continue" bestätigt. Anschließend dem Helfer über "Report" den Scanbericht posten. 
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
15.06.2014, 09:02
| #30 |
| | popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version Hallo Okay, habe ich gemacht. Szenario 1 war das Ergebnis. Code:
ATTFilter 09:54:38.0433 0x11e0 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
09:54:43.0516 0x11e0 ============================================================
09:54:43.0516 0x11e0 Current date / time: 2014/06/15 09:54:43.0516
09:54:43.0516 0x11e0 SystemInfo:
09:54:43.0516 0x11e0
09:54:43.0517 0x11e0 OS Version: 6.1.7601 ServicePack: 1.0
09:54:43.0517 0x11e0 Product type: Workstation
09:54:43.0517 0x11e0 ComputerName: SILKE-PC
09:54:43.0518 0x11e0 UserName: Silke
09:54:43.0518 0x11e0 Windows directory: C:\Windows
09:54:43.0518 0x11e0 System windows directory: C:\Windows
09:54:43.0518 0x11e0 Running under WOW64
09:54:43.0518 0x11e0 Processor architecture: Intel x64
09:54:43.0518 0x11e0 Number of processors: 4
09:54:43.0518 0x11e0 Page size: 0x1000
09:54:43.0518 0x11e0 Boot type: Normal boot
09:54:43.0518 0x11e0 ============================================================
09:54:43.0671 0x11e0 KLMD registered as C:\Windows\system32\drivers\41172266.sys
09:54:44.0261 0x11e0 System UUID: {C97886C2-8305-C23E-7512-DDAA658B625E}
09:54:44.0854 0x11e0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:54:44.0863 0x11e0 Drive \Device\Harddisk1\DR1 - Size: 0x774700000 ( 29.82 Gb ), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:54:44.0868 0x11e0 ============================================================
09:54:44.0868 0x11e0 \Device\Harddisk0\DR0:
09:54:44.0868 0x11e0 MBR partitions:
09:54:44.0868 0x11e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
09:54:44.0868 0x11e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
09:54:44.0868 0x11e0 \Device\Harddisk1\DR1:
09:54:44.0869 0x11e0 MBR partitions:
09:54:44.0869 0x11e0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA37E0
09:54:44.0869 0x11e0 ============================================================
09:54:44.0909 0x11e0 C: <-> \Device\Harddisk0\DR0\Partition2
09:54:44.0909 0x11e0 ============================================================
09:54:44.0909 0x11e0 Initialize success
09:54:44.0909 0x11e0 ============================================================
09:54:48.0556 0x0ee8 ============================================================
09:54:48.0556 0x0ee8 Scan started
09:54:48.0556 0x0ee8 Mode: Manual;
09:54:48.0556 0x0ee8 ============================================================
09:54:48.0556 0x0ee8 KSN ping started
09:55:02.0317 0x0ee8 KSN ping finished: true
09:55:03.0040 0x0ee8 ================ Scan system memory ========================
09:55:03.0040 0x0ee8 System memory - ok
09:55:03.0041 0x0ee8 ================ Scan services =============================
09:55:03.0199 0x0ee8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:55:03.0214 0x0ee8 1394ohci - ok
09:55:03.0267 0x0ee8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:55:03.0273 0x0ee8 ACPI - ok
09:55:03.0299 0x0ee8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:55:03.0299 0x0ee8 AcpiPmi - ok
09:55:03.0377 0x0ee8 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:55:03.0382 0x0ee8 AdobeARMservice - ok
09:55:03.0466 0x0ee8 [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:55:03.0475 0x0ee8 AdobeFlashPlayerUpdateSvc - ok
09:55:03.0523 0x0ee8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:55:03.0539 0x0ee8 adp94xx - ok
09:55:03.0565 0x0ee8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:55:03.0570 0x0ee8 adpahci - ok
09:55:03.0601 0x0ee8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:55:03.0605 0x0ee8 adpu320 - ok
09:55:03.0638 0x0ee8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:55:03.0640 0x0ee8 AeLookupSvc - ok
09:55:03.0681 0x0ee8 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
09:55:03.0690 0x0ee8 AFD - ok
09:55:03.0720 0x0ee8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
09:55:03.0721 0x0ee8 agp440 - ok
09:55:03.0751 0x0ee8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
09:55:03.0753 0x0ee8 ALG - ok
09:55:03.0768 0x0ee8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
09:55:03.0768 0x0ee8 aliide - ok
09:55:03.0781 0x0ee8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
09:55:03.0782 0x0ee8 amdide - ok
09:55:03.0791 0x0ee8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:55:03.0792 0x0ee8 AmdK8 - ok
09:55:03.0807 0x0ee8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:55:03.0809 0x0ee8 AmdPPM - ok
09:55:03.0823 0x0ee8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:55:03.0826 0x0ee8 amdsata - ok
09:55:03.0852 0x0ee8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:55:03.0855 0x0ee8 amdsbs - ok
09:55:03.0865 0x0ee8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:55:03.0866 0x0ee8 amdxata - ok
09:55:03.0953 0x0ee8 [ 0BF3BE441B226D018767C28F92830D34, F4737DB09D2CDF1AD3516711E6A7B230D02630D7A7481CCAD046D99AF165CA23 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:55:03.0969 0x0ee8 AntiVirSchedulerService - ok
09:55:03.0987 0x0ee8 [ 0BF3BE441B226D018767C28F92830D34, F4737DB09D2CDF1AD3516711E6A7B230D02630D7A7481CCAD046D99AF165CA23 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:55:03.0996 0x0ee8 AntiVirService - ok
09:55:04.0020 0x0ee8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
09:55:04.0022 0x0ee8 AppID - ok
09:55:04.0049 0x0ee8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:55:04.0050 0x0ee8 AppIDSvc - ok
09:55:04.0083 0x0ee8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
09:55:04.0085 0x0ee8 Appinfo - ok
09:55:04.0127 0x0ee8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
09:55:04.0129 0x0ee8 arc - ok
09:55:04.0154 0x0ee8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:55:04.0156 0x0ee8 arcsas - ok
09:55:04.0253 0x0ee8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:55:04.0256 0x0ee8 aspnet_state - ok
09:55:04.0267 0x0ee8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:55:04.0270 0x0ee8 AsyncMac - ok
09:55:04.0299 0x0ee8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
09:55:04.0301 0x0ee8 atapi - ok
09:55:04.0404 0x0ee8 [ C8679A07267F030704168E45E27C3D43, E682D9B6439D8F8ED17D9A5536154ED6BA99EE22DD4885CFB7F442D15BB81477 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:55:04.0457 0x0ee8 athr - ok
09:55:04.0497 0x0ee8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:55:04.0508 0x0ee8 AudioEndpointBuilder - ok
09:55:04.0524 0x0ee8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:55:04.0535 0x0ee8 AudioSrv - ok
09:55:04.0578 0x0ee8 [ 46552023B54E374C887A3A9AAF1279F2, 02A365675C4C9A7C67615EB635418DD6392467878FAB84AE97BF1D74EAC0A623 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
09:55:04.0580 0x0ee8 avgntflt - ok
09:55:04.0612 0x0ee8 [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
09:55:04.0614 0x0ee8 avipbb - ok
09:55:04.0648 0x0ee8 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
09:55:04.0649 0x0ee8 avkmgr - ok
09:55:04.0678 0x0ee8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:55:04.0680 0x0ee8 AxInstSV - ok
09:55:04.0714 0x0ee8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:55:04.0722 0x0ee8 b06bdrv - ok
09:55:04.0742 0x0ee8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:55:04.0747 0x0ee8 b57nd60a - ok
09:55:04.0770 0x0ee8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
09:55:04.0773 0x0ee8 BDESVC - ok
09:55:04.0781 0x0ee8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
09:55:04.0783 0x0ee8 Beep - ok
09:55:04.0824 0x0ee8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
09:55:04.0835 0x0ee8 BFE - ok
09:55:04.0883 0x0ee8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
09:55:04.0898 0x0ee8 BITS - ok
09:55:04.0916 0x0ee8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:55:04.0920 0x0ee8 blbdrive - ok
09:55:04.0932 0x0ee8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:55:04.0938 0x0ee8 bowser - ok
09:55:04.0962 0x0ee8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:55:04.0963 0x0ee8 BrFiltLo - ok
09:55:04.0973 0x0ee8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:55:04.0973 0x0ee8 BrFiltUp - ok
09:55:04.0992 0x0ee8 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:55:04.0998 0x0ee8 BridgeMP - ok
09:55:05.0040 0x0ee8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
09:55:05.0043 0x0ee8 Browser - ok
09:55:05.0060 0x0ee8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:55:05.0065 0x0ee8 Brserid - ok
09:55:05.0075 0x0ee8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:55:05.0076 0x0ee8 BrSerWdm - ok
09:55:05.0092 0x0ee8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:55:05.0093 0x0ee8 BrUsbMdm - ok
09:55:05.0105 0x0ee8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:55:05.0106 0x0ee8 BrUsbSer - ok
09:55:05.0122 0x0ee8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:55:05.0124 0x0ee8 BTHMODEM - ok
09:55:05.0152 0x0ee8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
09:55:05.0154 0x0ee8 bthserv - ok
09:55:05.0168 0x0ee8 catchme - ok
09:55:05.0189 0x0ee8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:55:05.0191 0x0ee8 cdfs - ok
09:55:05.0200 0x0ee8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:55:05.0208 0x0ee8 cdrom - ok
09:55:05.0224 0x0ee8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
09:55:05.0226 0x0ee8 CertPropSvc - ok
09:55:05.0232 0x0ee8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
09:55:05.0233 0x0ee8 circlass - ok
09:55:05.0256 0x0ee8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
09:55:05.0262 0x0ee8 CLFS - ok
09:55:05.0328 0x0ee8 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:55:05.0333 0x0ee8 clr_optimization_v2.0.50727_32 - ok
09:55:05.0381 0x0ee8 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:55:05.0388 0x0ee8 clr_optimization_v2.0.50727_64 - ok
09:55:05.0454 0x0ee8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:55:05.0458 0x0ee8 clr_optimization_v4.0.30319_32 - ok
09:55:05.0477 0x0ee8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:55:05.0481 0x0ee8 clr_optimization_v4.0.30319_64 - ok
09:55:05.0505 0x0ee8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:55:05.0509 0x0ee8 CmBatt - ok
09:55:05.0539 0x0ee8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:55:05.0540 0x0ee8 cmdide - ok
09:55:05.0587 0x0ee8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
09:55:05.0600 0x0ee8 CNG - ok
09:55:05.0707 0x0ee8 [ 2A214FCC149E2A061BD2EB6FB00BB0ED, A38E40002DA33FC31F39E0C9940FC6807F802A9C21298453A403BCA712D8121C ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
09:55:05.0738 0x0ee8 CnxtHdAudService - ok
09:55:05.0763 0x0ee8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:55:05.0763 0x0ee8 Compbatt - ok
09:55:05.0776 0x0ee8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:55:05.0781 0x0ee8 CompositeBus - ok
09:55:05.0783 0x0ee8 COMSysApp - ok
09:55:05.0792 0x0ee8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:55:05.0793 0x0ee8 crcdisk - ok
09:55:05.0838 0x0ee8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:55:05.0848 0x0ee8 CryptSvc - ok
09:55:06.0036 0x0ee8 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:55:06.0057 0x0ee8 cvhsvc - ok
09:55:06.0105 0x0ee8 [ 9D0D050170D47E778B624A28C90F23DE, 48528AA9EB0C9FB5086D992EF1F9556C8249D267C2E3D4E681D5C8B6BC316C71 ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
09:55:06.0115 0x0ee8 CxAudMsg - ok
09:55:06.0153 0x0ee8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:55:06.0166 0x0ee8 DcomLaunch - ok
09:55:06.0196 0x0ee8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
09:55:06.0203 0x0ee8 defragsvc - ok
09:55:06.0221 0x0ee8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:55:06.0229 0x0ee8 DfsC - ok
09:55:06.0251 0x0ee8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:55:06.0259 0x0ee8 Dhcp - ok
09:55:06.0288 0x0ee8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
09:55:06.0290 0x0ee8 discache - ok
09:55:06.0302 0x0ee8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
09:55:06.0304 0x0ee8 Disk - ok
09:55:06.0340 0x0ee8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:55:06.0345 0x0ee8 Dnscache - ok
09:55:06.0365 0x0ee8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
09:55:06.0371 0x0ee8 dot3svc - ok
09:55:06.0380 0x0ee8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
09:55:06.0385 0x0ee8 DPS - ok
09:55:06.0424 0x0ee8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:55:06.0425 0x0ee8 drmkaud - ok
09:55:06.0493 0x0ee8 [ 0F1BA8F7F4B33C87031E0B0916958B26, 7303EB9DA3D78A3B3BC21EF523D16A180017DF784DE5B2EDE5948EDF8B330151 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
09:55:06.0510 0x0ee8 DsiWMIService - ok
09:55:06.0568 0x0ee8 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:55:06.0589 0x0ee8 DXGKrnl - ok
09:55:06.0616 0x0ee8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
09:55:06.0618 0x0ee8 EapHost - ok
09:55:06.0739 0x0ee8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:55:06.0791 0x0ee8 ebdrv - ok
09:55:06.0818 0x0ee8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
09:55:06.0820 0x0ee8 EFS - ok
09:55:06.0906 0x0ee8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:55:06.0920 0x0ee8 ehRecvr - ok
09:55:06.0930 0x0ee8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
09:55:06.0933 0x0ee8 ehSched - ok
09:55:06.0996 0x0ee8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:55:07.0009 0x0ee8 elxstor - ok
09:55:07.0118 0x0ee8 [ AC5C64F828C0A6A1350971501AC2A0C7, 920EB0AC38AD65930A747EDC98144010AE97A4B74153B90EE36E9C45055649A1 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
09:55:07.0138 0x0ee8 ePowerSvc - ok
09:55:07.0147 0x0ee8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:55:07.0147 0x0ee8 ErrDev - ok
09:55:07.0192 0x0ee8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
09:55:07.0207 0x0ee8 EventSystem - ok
09:55:07.0237 0x0ee8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
09:55:07.0240 0x0ee8 exfat - ok
09:55:07.0261 0x0ee8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:55:07.0265 0x0ee8 fastfat - ok
09:55:07.0298 0x0ee8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
09:55:07.0309 0x0ee8 Fax - ok
09:55:07.0354 0x0ee8 [ 7A8B03D45AF9B43FFAE9D61D5F7FB813, 1A248BFD212DF6DA127BCB645F08EA2D6864E21C44C59F15F35F6D89DCA47116 ] FA_MINISCH C:\Program Files (x86)\Fortinet\FortiClient VPN\FCMiniSch.exe
09:55:07.0355 0x0ee8 FA_MINISCH - ok
09:55:07.0390 0x0ee8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
09:55:07.0392 0x0ee8 fdc - ok
09:55:07.0421 0x0ee8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
09:55:07.0424 0x0ee8 fdPHost - ok
09:55:07.0445 0x0ee8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
09:55:07.0449 0x0ee8 FDResPub - ok
09:55:07.0467 0x0ee8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:55:07.0472 0x0ee8 FileInfo - ok
09:55:07.0490 0x0ee8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:55:07.0493 0x0ee8 Filetrace - ok
09:55:07.0557 0x0ee8 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:55:07.0581 0x0ee8 FLEXnet Licensing Service - ok
09:55:07.0607 0x0ee8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:55:07.0608 0x0ee8 flpydisk - ok
09:55:07.0627 0x0ee8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:55:07.0638 0x0ee8 FltMgr - ok
09:55:07.0690 0x0ee8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
09:55:07.0709 0x0ee8 FontCache - ok
09:55:07.0769 0x0ee8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:55:07.0773 0x0ee8 FontCache3.0.0.0 - ok
09:55:07.0797 0x0ee8 [ 4CAF297779B4CBDEB2B239BA8C8A5161, 720F2D3F6EC87A1E0C7691AE37B51F530EFB9FB259455D907DFF163DD7D601B1 ] Fortidrv2 C:\Windows\system32\DRIVERS\fortidrv.sys
09:55:07.0803 0x0ee8 Fortidrv2 - ok
09:55:07.0857 0x0ee8 [ FE945086F5AEB108A44C14CF9690869D, A2A7669BD5F6FA5DFC72E84F9532BED515143CB04FA1F628B3811DFA1F81D1DD ] Fortips C:\Windows\system32\drivers\fortips.sys
09:55:07.0864 0x0ee8 Fortips - ok
09:55:07.0900 0x0ee8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:55:07.0904 0x0ee8 FsDepends - ok
09:55:07.0941 0x0ee8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:55:07.0944 0x0ee8 Fs_Rec - ok
09:55:07.0974 0x0ee8 [ BEB74D1707DA5EE996B53B67C8E910F2, C30836D312CB34B5597CFD35633B2DCF897934C2A624571200A9FE0C94681EAA ] ft_vnic C:\Windows\system32\DRIVERS\ftvnic.sys
09:55:07.0976 0x0ee8 ft_vnic - ok
09:55:08.0023 0x0ee8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:55:08.0033 0x0ee8 fvevol - ok
09:55:08.0063 0x0ee8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:55:08.0065 0x0ee8 gagp30kx - ok
09:55:08.0116 0x0ee8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
09:55:08.0132 0x0ee8 gpsvc - ok
09:55:08.0173 0x0ee8 [ 84E58FEA8B1A7537696A20C59CB9B0C9, 21F36D45612247DD81CC55FCDA56496BE8BBE384E8FBCCB6184D69F77A59F5C0 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
09:55:08.0176 0x0ee8 GREGService - ok
09:55:08.0271 0x0ee8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:55:08.0280 0x0ee8 gupdate - ok
09:55:08.0300 0x0ee8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:55:08.0305 0x0ee8 gupdatem - ok
09:55:08.0324 0x0ee8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:55:08.0327 0x0ee8 hcw85cir - ok
09:55:08.0357 0x0ee8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:55:08.0369 0x0ee8 HdAudAddService - ok
09:55:08.0382 0x0ee8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:55:08.0384 0x0ee8 HDAudBus - ok
09:55:08.0398 0x0ee8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:55:08.0399 0x0ee8 HidBatt - ok
09:55:08.0410 0x0ee8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:55:08.0412 0x0ee8 HidBth - ok
09:55:08.0429 0x0ee8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
09:55:08.0430 0x0ee8 HidIr - ok
09:55:08.0459 0x0ee8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
09:55:08.0461 0x0ee8 hidserv - ok
09:55:08.0492 0x0ee8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
09:55:08.0493 0x0ee8 HidUsb - ok
09:55:08.0522 0x0ee8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:55:08.0525 0x0ee8 hkmsvc - ok
09:55:08.0550 0x0ee8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:55:08.0554 0x0ee8 HomeGroupListener - ok
09:55:08.0585 0x0ee8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:55:08.0589 0x0ee8 HomeGroupProvider - ok
09:55:08.0619 0x0ee8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:55:08.0620 0x0ee8 HpSAMD - ok
09:55:08.0645 0x0ee8 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
09:55:08.0646 0x0ee8 HTCAND64 - ok
09:55:08.0742 0x0ee8 [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
09:55:08.0748 0x0ee8 HTCMonitorService - ok
09:55:08.0762 0x0ee8 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
09:55:08.0766 0x0ee8 htcnprot - ok
09:55:08.0802 0x0ee8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:55:08.0814 0x0ee8 HTTP - ok
09:55:08.0827 0x0ee8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:55:08.0828 0x0ee8 hwpolicy - ok
09:55:08.0856 0x0ee8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:55:08.0863 0x0ee8 i8042prt - ok
09:55:08.0891 0x0ee8 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\drivers\iaStor.sys
09:55:08.0900 0x0ee8 iaStor - ok
09:55:08.0960 0x0ee8 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:55:08.0963 0x0ee8 IAStorDataMgrSvc - ok
09:55:09.0018 0x0ee8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:55:09.0032 0x0ee8 iaStorV - ok
09:55:09.0141 0x0ee8 [ 2C3CC41FEFCB77E2826886E6B7EF93AE, 25715B759CA7399D818157DB724B530FC9FA49CFE77DAA6C5A60FF2EA492749C ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
09:55:09.0169 0x0ee8 IconMan_R - ok
09:55:09.0278 0x0ee8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:55:09.0294 0x0ee8 idsvc - ok
09:55:09.0362 0x0ee8 IEEtwCollectorService - ok
09:55:09.0761 0x0ee8 [ A47D902F5C0C43DCF5EE2CAE02BF39A8, 9616B25152BB8B51D5EBC7CB3004902A089E56899EC55D975246F7F6D1FEBF00 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:55:10.0245 0x0ee8 igfx - ok
09:55:10.0295 0x0ee8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:55:10.0297 0x0ee8 iirsp - ok
09:55:10.0391 0x0ee8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
09:55:10.0417 0x0ee8 IKEEXT - ok
09:55:10.0432 0x0ee8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
09:55:10.0433 0x0ee8 intelide - ok
09:55:10.0466 0x0ee8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:55:10.0467 0x0ee8 intelppm - ok
09:55:10.0514 0x0ee8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:55:10.0522 0x0ee8 IPBusEnum - ok
09:55:10.0558 0x0ee8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:55:10.0561 0x0ee8 IpFilterDriver - ok
09:55:10.0621 0x0ee8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:55:10.0634 0x0ee8 iphlpsvc - ok
09:55:10.0641 0x0ee8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:55:10.0643 0x0ee8 IPMIDRV - ok
09:55:10.0659 0x0ee8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:55:10.0661 0x0ee8 IPNAT - ok
09:55:10.0685 0x0ee8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:55:10.0686 0x0ee8 IRENUM - ok
09:55:10.0701 0x0ee8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:55:10.0702 0x0ee8 isapnp - ok
09:55:10.0741 0x0ee8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:55:10.0746 0x0ee8 iScsiPrt - ok
09:55:10.0782 0x0ee8 [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:55:10.0789 0x0ee8 IviRegMgr - ok
09:55:10.0808 0x0ee8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
09:55:10.0816 0x0ee8 kbdclass - ok
09:55:10.0837 0x0ee8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:55:10.0838 0x0ee8 kbdhid - ok
09:55:10.0852 0x0ee8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
09:55:10.0854 0x0ee8 KeyIso - ok
09:55:10.0898 0x0ee8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:55:10.0905 0x0ee8 KSecDD - ok
09:55:10.0931 0x0ee8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:55:10.0937 0x0ee8 KSecPkg - ok
09:55:10.0952 0x0ee8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:55:10.0958 0x0ee8 ksthunk - ok
09:55:10.0985 0x0ee8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
09:55:10.0994 0x0ee8 KtmRm - ok
09:55:11.0018 0x0ee8 [ 95CA93FC12BE372BB952669F37FFF9C5, 5B4EE910E676ABD0E12B6AD72DBB564DBEB05D63C43AFFC24CE155D0DF8A3820 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
09:55:11.0023 0x0ee8 L1C - ok
09:55:11.0058 0x0ee8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:55:11.0063 0x0ee8 LanmanServer - ok
09:55:11.0079 0x0ee8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:55:11.0083 0x0ee8 LanmanWorkstation - ok
09:55:11.0152 0x0ee8 [ 6BB516A31DE232DAB436FF3A117E1E80, 1B91633C9D2FDD27B1712557E95D5642973105F0161D57E074A0601B666F1221 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
09:55:11.0165 0x0ee8 Live Updater Service - ok
09:55:11.0270 0x0ee8 [ 20CDB07017497C94A0BAD253C4BAFCBC, 5633D245525F9B8CAC4E87A95B0E19D1F34839483ED75AC8F7661DA29BC87EE7 ] LkCitadelServer C:\Windows\SysWOW64\lkcitdl.exe
09:55:11.0294 0x0ee8 LkCitadelServer - ok
09:55:11.0312 0x0ee8 [ C373079F8D6A3543FAADB96C874CF06B, AF080C0839383E08C8B6CE71120559AFEF2D36F69FBA76F0AB3F2138D6763E15 ] lkClassAds C:\Windows\SysWOW64\lkads.exe
09:55:11.0313 0x0ee8 lkClassAds - ok
09:55:11.0322 0x0ee8 [ ED1C2F1B9B7DEDEE5C6287211AC4422E, A85CC3FB2E1D479CDA0F77778F4DB7A5806B1A708CACCC8C2E068568906B7487 ] lkTimeSync C:\Windows\SysWOW64\lktsrv.exe
09:55:11.0324 0x0ee8 lkTimeSync - ok
09:55:11.0357 0x0ee8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:55:11.0363 0x0ee8 lltdio - ok
09:55:11.0399 0x0ee8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:55:11.0405 0x0ee8 lltdsvc - ok
09:55:11.0414 0x0ee8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:55:11.0416 0x0ee8 lmhosts - ok
09:55:11.0455 0x0ee8 [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:55:11.0462 0x0ee8 LMS - ok
09:55:11.0474 0x0ee8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:55:11.0477 0x0ee8 LSI_FC - ok
09:55:11.0507 0x0ee8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:55:11.0509 0x0ee8 LSI_SAS - ok
09:55:11.0526 0x0ee8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:55:11.0528 0x0ee8 LSI_SAS2 - ok
09:55:11.0545 0x0ee8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:55:11.0548 0x0ee8 LSI_SCSI - ok
09:55:11.0566 0x0ee8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
09:55:11.0573 0x0ee8 luafv - ok
09:55:11.0650 0x0ee8 [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:55:11.0660 0x0ee8 MBAMProtector - ok
09:55:11.0784 0x0ee8 [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
09:55:11.0815 0x0ee8 MBAMScheduler - ok
09:55:11.0873 0x0ee8 [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:55:11.0889 0x0ee8 MBAMService - ok
09:55:11.0959 0x0ee8 [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:55:11.0966 0x0ee8 MBAMSwissArmy - ok
09:55:12.0011 0x0ee8 [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:55:12.0015 0x0ee8 MBAMWebAccessControl - ok
09:55:12.0023 0x0ee8 McAfee SiteAdvisor Service - ok
09:55:12.0055 0x0ee8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:55:12.0057 0x0ee8 Mcx2Svc - ok
09:55:12.0083 0x0ee8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
09:55:12.0084 0x0ee8 megasas - ok
09:55:12.0098 0x0ee8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:55:12.0103 0x0ee8 MegaSR - ok
09:55:12.0128 0x0ee8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:55:12.0132 0x0ee8 MEIx64 - ok
09:55:12.0150 0x0ee8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
09:55:12.0152 0x0ee8 MMCSS - ok
09:55:12.0164 0x0ee8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
09:55:12.0165 0x0ee8 Modem - ok
09:55:12.0177 0x0ee8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:55:12.0178 0x0ee8 monitor - ok
09:55:12.0185 0x0ee8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
09:55:12.0190 0x0ee8 mouclass - ok
09:55:12.0200 0x0ee8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys
09:55:12.0202 0x0ee8 mouhid - ok
09:55:12.0236 0x0ee8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:55:12.0238 0x0ee8 mountmgr - ok
09:55:12.0287 0x0ee8 [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:55:12.0294 0x0ee8 MozillaMaintenance - ok
09:55:12.0321 0x0ee8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
09:55:12.0325 0x0ee8 mpio - ok
09:55:12.0342 0x0ee8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:55:12.0348 0x0ee8 mpsdrv - ok
09:55:12.0406 0x0ee8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:55:12.0427 0x0ee8 MpsSvc - ok
09:55:12.0461 0x0ee8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:55:12.0463 0x0ee8 MRxDAV - ok
09:55:12.0491 0x0ee8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:55:12.0499 0x0ee8 mrxsmb - ok
09:55:12.0517 0x0ee8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:55:12.0528 0x0ee8 mrxsmb10 - ok
09:55:12.0542 0x0ee8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:55:12.0549 0x0ee8 mrxsmb20 - ok
09:55:12.0572 0x0ee8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
09:55:12.0572 0x0ee8 msahci - ok
09:55:12.0587 0x0ee8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:55:12.0589 0x0ee8 msdsm - ok
09:55:12.0608 0x0ee8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
09:55:12.0611 0x0ee8 MSDTC - ok
09:55:12.0644 0x0ee8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:55:12.0647 0x0ee8 Msfs - ok
09:55:12.0654 0x0ee8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:55:12.0655 0x0ee8 mshidkmdf - ok
09:55:12.0667 0x0ee8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:55:12.0668 0x0ee8 msisadrv - ok
09:55:12.0703 0x0ee8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:55:12.0706 0x0ee8 MSiSCSI - ok
09:55:12.0709 0x0ee8 msiserver - ok
09:55:12.0728 0x0ee8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:55:12.0729 0x0ee8 MSKSSRV - ok
09:55:12.0738 0x0ee8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:55:12.0739 0x0ee8 MSPCLOCK - ok
09:55:12.0742 0x0ee8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:55:12.0743 0x0ee8 MSPQM - ok
09:55:12.0759 0x0ee8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:55:12.0765 0x0ee8 MsRPC - ok
09:55:12.0801 0x0ee8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:55:12.0802 0x0ee8 mssmbios - ok
09:55:12.0805 0x0ee8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:55:12.0806 0x0ee8 MSTEE - ok
09:55:12.0818 0x0ee8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:55:12.0819 0x0ee8 MTConfig - ok
09:55:12.0834 0x0ee8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
09:55:12.0835 0x0ee8 Mup - ok
09:55:12.0905 0x0ee8 [ A3BA8A14490FDBF106939C37A125E82C, 261CADBE9E5C2C533746B6AACC1C10D9CCA1C74208DBA6F04A5A339924B2DAC9 ] mxssvr C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
09:55:12.0906 0x0ee8 mxssvr - ok
09:55:12.0970 0x0ee8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
09:55:12.0994 0x0ee8 napagent - ok
09:55:13.0022 0x0ee8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:55:13.0035 0x0ee8 NativeWifiP - ok
09:55:13.0090 0x0ee8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
09:55:13.0108 0x0ee8 NDIS - ok
09:55:13.0140 0x0ee8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:55:13.0141 0x0ee8 NdisCap - ok
09:55:13.0152 0x0ee8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:55:13.0156 0x0ee8 NdisTapi - ok
09:55:13.0168 0x0ee8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:55:13.0173 0x0ee8 Ndisuio - ok
09:55:13.0182 0x0ee8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:55:13.0190 0x0ee8 NdisWan - ok
09:55:13.0201 0x0ee8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:55:13.0206 0x0ee8 NDProxy - ok
09:55:13.0225 0x0ee8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:55:13.0229 0x0ee8 NetBIOS - ok
09:55:13.0268 0x0ee8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:55:13.0273 0x0ee8 NetBT - ok
09:55:13.0286 0x0ee8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
09:55:13.0287 0x0ee8 Netlogon - ok
09:55:13.0348 0x0ee8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
09:55:13.0363 0x0ee8 Netman - ok
09:55:13.0432 0x0ee8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:55:13.0442 0x0ee8 NetMsmqActivator - ok
09:55:13.0455 0x0ee8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:55:13.0460 0x0ee8 NetPipeActivator - ok
09:55:13.0485 0x0ee8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
09:55:13.0495 0x0ee8 netprofm - ok
09:55:13.0527 0x0ee8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:55:13.0529 0x0ee8 NetTcpActivator - ok
09:55:13.0536 0x0ee8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:55:13.0539 0x0ee8 NetTcpPortSharing - ok
09:55:13.0562 0x0ee8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:55:13.0563 0x0ee8 nfrd960 - ok
09:55:13.0632 0x0ee8 [ A36307747E7BB2DC015F9FE4350A4A08, 5ECCA595383C61E13E837200C7CF18EE635F5BE3062003CA61BE5436F8A870DB ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
09:55:13.0642 0x0ee8 NIDomainService - ok
09:55:13.0748 0x0ee8 [ B17093B9A2C5F874975C732C1A8BA771, EAF5AF9A5CCBF982D0A4F8ACEDED25588E67981D938FE17A94F1C9B331709FAB ] NILM License Manager C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
09:55:13.0763 0x0ee8 NILM License Manager - ok
09:55:13.0768 0x0ee8 niSvcLoc - ok
09:55:13.0842 0x0ee8 [ E559CE29CD58CD6B58F3654C24D7A812, E6A40335CF7883A6CF8F2E67C39A08EA32F7F6AD468A91487BE18BA45B276950 ] NITaggerService C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
09:55:13.0863 0x0ee8 NITaggerService - ok
09:55:13.0919 0x0ee8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:55:13.0932 0x0ee8 NlaSvc - ok
09:55:13.0952 0x0ee8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:55:13.0959 0x0ee8 Npfs - ok
09:55:13.0988 0x0ee8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
09:55:13.0990 0x0ee8 nsi - ok
09:55:14.0020 0x0ee8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:55:14.0021 0x0ee8 nsiproxy - ok
09:55:14.0134 0x0ee8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:55:14.0172 0x0ee8 Ntfs - ok
09:55:14.0219 0x0ee8 [ 1873214666F6F0A883742DF91FBC48C9, DCF5382CE338D4B5B0C3A3B722A19B6C7BAB59EB7B266FEF04698B79070E2C4B ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
09:55:14.0224 0x0ee8 NTI IScheduleSvc - ok
09:55:14.0254 0x0ee8 [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
09:55:14.0259 0x0ee8 NTIDrvr - ok
09:55:14.0280 0x0ee8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
09:55:14.0285 0x0ee8 Null - ok
09:55:14.0325 0x0ee8 [ 805F0C2B9C07E4C0F74D0EF70E9E827A, 32D3DA095788F7F7BA52AC56C8C0DD6D9D388ED3ECEAFEF23EDB8F5812FF953E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:55:14.0335 0x0ee8 NVHDA - ok
09:55:14.0398 0x0ee8 [ 9C13BE8806D430B72CC2E80BA72990FB, C8A500DF7DC78A3209DA9DB8032C77B0CACDD2C31704933E197391F546FB4C92 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
09:55:14.0418 0x0ee8 nvkflt - ok
09:55:14.0769 0x0ee8 [ 7A711D08F1FD1AB8149B6199F84A0EB7, 973597EE38B238902C7355E91B0A2FA79AD67BA26C30DE5C3E6649AA934F639B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:55:14.0964 0x0ee8 nvlddmkm - ok
09:55:15.0017 0x0ee8 [ 1B43B01078D3CC3F0322A49E7CEDC99B, 7291F037E7D6D5507F8A08B61E6FC2AF335CAA68E0A068E0A5463EB29F586B00 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
09:55:15.0020 0x0ee8 nvpciflt - ok
09:55:15.0058 0x0ee8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:55:15.0066 0x0ee8 nvraid - ok
09:55:15.0097 0x0ee8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:55:15.0102 0x0ee8 nvstor - ok
09:55:15.0200 0x0ee8 [ B9F3591981D761A5CA1D24C369764D96, 74C0CB77129F3B9929469489BCFCCA77B4692E2C06FB038401C5671C25A6CCDB ] nvsvc C:\Windows\system32\nvvsvc.exe
09:55:15.0225 0x0ee8 nvsvc - ok
09:55:15.0378 0x0ee8 [ A9AFE5B0648C8D7A411A72D8222F7F6E, A58AF8C615D97C769DA778D56F7E6999AAEB577C82C65455D3B2A8ED5B742777 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:55:15.0407 0x0ee8 nvUpdatusService - ok
09:55:15.0424 0x0ee8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:55:15.0426 0x0ee8 nv_agp - ok
09:55:15.0438 0x0ee8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:55:15.0440 0x0ee8 ohci1394 - ok
09:55:15.0468 0x0ee8 [ EAE6208900E2986F66F68B30AEF86E4D, 31D70C867DAFB3E93753D12156844394A987859D15C6D0658032D573B3C92A0E ] OpcEnum C:\Windows\SysWOW64\OpcEnum.exe
09:55:15.0470 0x0ee8 OpcEnum - ok
09:55:15.0542 0x0ee8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:55:15.0550 0x0ee8 ose - ok
09:55:15.0819 0x0ee8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:55:15.0897 0x0ee8 osppsvc - ok
09:55:16.0025 0x0ee8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:55:16.0038 0x0ee8 p2pimsvc - ok
09:55:16.0064 0x0ee8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
09:55:16.0073 0x0ee8 p2psvc - ok
09:55:16.0093 0x0ee8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
09:55:16.0095 0x0ee8 Parport - ok
09:55:16.0128 0x0ee8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:55:16.0129 0x0ee8 partmgr - ok
09:55:16.0166 0x0ee8 [ 5F731DD45D3B176C071E4CCEEB87B06B, 9B090813203FE4A2AA1BEAE942F4023FFE00599A52712B306330565816E55FA1 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
09:55:16.0169 0x0ee8 PassThru Service - ok
09:55:16.0194 0x0ee8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
09:55:16.0198 0x0ee8 PcaSvc - ok
09:55:16.0232 0x0ee8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
09:55:16.0236 0x0ee8 pci - ok
09:55:16.0260 0x0ee8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
09:55:16.0260 0x0ee8 pciide - ok
09:55:16.0274 0x0ee8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:55:16.0278 0x0ee8 pcmcia - ok
09:55:16.0295 0x0ee8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
09:55:16.0296 0x0ee8 pcw - ok
09:55:16.0328 0x0ee8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:55:16.0350 0x0ee8 PEAUTH - ok
09:55:16.0377 0x0ee8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:55:16.0378 0x0ee8 PerfHost - ok
09:55:16.0441 0x0ee8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
09:55:16.0464 0x0ee8 pla - ok
09:55:16.0508 0x0ee8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:55:16.0516 0x0ee8 PlugPlay - ok
09:55:16.0543 0x0ee8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:55:16.0545 0x0ee8 PNRPAutoReg - ok
09:55:16.0567 0x0ee8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:55:16.0573 0x0ee8 PNRPsvc - ok
09:55:16.0609 0x0ee8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:55:16.0617 0x0ee8 PolicyAgent - ok
09:55:16.0649 0x0ee8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
09:55:16.0653 0x0ee8 Power - ok
09:55:16.0672 0x0ee8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:55:16.0680 0x0ee8 PptpMiniport - ok
09:55:16.0692 0x0ee8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
09:55:16.0694 0x0ee8 Processor - ok
09:55:16.0737 0x0ee8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
09:55:16.0742 0x0ee8 ProfSvc - ok
09:55:16.0752 0x0ee8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:55:16.0754 0x0ee8 ProtectedStorage - ok
09:55:16.0774 0x0ee8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:55:16.0778 0x0ee8 Psched - ok
09:55:16.0806 0x0ee8 [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
09:55:16.0810 0x0ee8 PSI_SVC_2 - ok
09:55:16.0863 0x0ee8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:55:16.0888 0x0ee8 ql2300 - ok
09:55:16.0913 0x0ee8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:55:16.0916 0x0ee8 ql40xx - ok
09:55:16.0949 0x0ee8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
09:55:16.0954 0x0ee8 QWAVE - ok
09:55:16.0963 0x0ee8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:55:16.0964 0x0ee8 QWAVEdrv - ok
09:55:16.0977 0x0ee8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:55:16.0979 0x0ee8 RasAcd - ok
09:55:17.0003 0x0ee8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:55:17.0008 0x0ee8 RasAgileVpn - ok
09:55:17.0015 0x0ee8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
09:55:17.0018 0x0ee8 RasAuto - ok
09:55:17.0042 0x0ee8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:55:17.0049 0x0ee8 Rasl2tp - ok
09:55:17.0079 0x0ee8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
09:55:17.0087 0x0ee8 RasMan - ok
09:55:17.0107 0x0ee8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:55:17.0113 0x0ee8 RasPppoe - ok
09:55:17.0128 0x0ee8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:55:17.0133 0x0ee8 RasSstp - ok
09:55:17.0158 0x0ee8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:55:17.0170 0x0ee8 rdbss - ok
09:55:17.0182 0x0ee8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:55:17.0183 0x0ee8 rdpbus - ok
09:55:17.0201 0x0ee8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:55:17.0201 0x0ee8 RDPCDD - ok
09:55:17.0229 0x0ee8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:55:17.0230 0x0ee8 RDPENCDD - ok
09:55:17.0241 0x0ee8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:55:17.0241 0x0ee8 RDPREFMP - ok
09:55:17.0278 0x0ee8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:55:17.0282 0x0ee8 RDPWD - ok
09:55:17.0290 0x0ee8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:55:17.0294 0x0ee8 rdyboost - ok
09:55:17.0338 0x0ee8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:55:17.0341 0x0ee8 RemoteAccess - ok
09:55:17.0377 0x0ee8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:55:17.0390 0x0ee8 RemoteRegistry - ok
09:55:17.0409 0x0ee8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:55:17.0412 0x0ee8 RpcEptMapper - ok
09:55:17.0421 0x0ee8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
09:55:17.0422 0x0ee8 RpcLocator - ok
09:55:17.0452 0x0ee8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
09:55:17.0461 0x0ee8 RpcSs - ok
09:55:17.0493 0x0ee8 [ D5C3E1629A3F7F0857D27949252B94CE, E6DC44D9A1325D61CEE9E76AE442988ED6EB29DE322844CF8689A1F5184C1E05 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
09:55:17.0499 0x0ee8 RSPCIESTOR - ok
09:55:17.0527 0x0ee8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:55:17.0532 0x0ee8 rspndr - ok
09:55:17.0598 0x0ee8 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
09:55:17.0614 0x0ee8 RS_Service - ok
09:55:17.0663 0x0ee8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
09:55:17.0665 0x0ee8 SamSs - ok
09:55:17.0682 0x0ee8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:55:17.0685 0x0ee8 sbp2port - ok
09:55:17.0711 0x0ee8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:55:17.0717 0x0ee8 SCardSvr - ok
09:55:17.0746 0x0ee8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:55:17.0747 0x0ee8 scfilter - ok
09:55:17.0799 0x0ee8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
09:55:17.0818 0x0ee8 Schedule - ok
09:55:17.0861 0x0ee8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:55:17.0867 0x0ee8 SCPolicySvc - ok
09:55:17.0908 0x0ee8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:55:17.0915 0x0ee8 SDRSVC - ok
09:55:17.0943 0x0ee8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:55:17.0948 0x0ee8 secdrv - ok
09:55:17.0977 0x0ee8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
09:55:17.0980 0x0ee8 seclogon - ok
09:55:18.0007 0x0ee8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
09:55:18.0011 0x0ee8 SENS - ok
09:55:18.0017 0x0ee8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:55:18.0020 0x0ee8 SensrSvc - ok
09:55:18.0036 0x0ee8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:55:18.0037 0x0ee8 Serenum - ok
09:55:18.0054 0x0ee8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
09:55:18.0056 0x0ee8 Serial - ok
09:55:18.0084 0x0ee8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:55:18.0085 0x0ee8 sermouse - ok
09:55:18.0137 0x0ee8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
09:55:18.0148 0x0ee8 SessionEnv - ok
09:55:18.0185 0x0ee8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:55:18.0186 0x0ee8 sffdisk - ok
09:55:18.0226 0x0ee8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:55:18.0228 0x0ee8 sffp_mmc - ok
09:55:18.0236 0x0ee8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:55:18.0238 0x0ee8 sffp_sd - ok
09:55:18.0260 0x0ee8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:55:18.0261 0x0ee8 sfloppy - ok
09:55:18.0314 0x0ee8 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
09:55:18.0331 0x0ee8 Sftfs - ok
09:55:18.0415 0x0ee8 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:55:18.0434 0x0ee8 sftlist - ok
09:55:18.0472 0x0ee8 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:55:18.0485 0x0ee8 Sftplay - ok
09:55:18.0500 0x0ee8 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:55:18.0505 0x0ee8 Sftredir - ok
09:55:18.0523 0x0ee8 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
09:55:18.0528 0x0ee8 Sftvol - ok
09:55:18.0566 0x0ee8 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:55:18.0572 0x0ee8 sftvsa - ok
09:55:18.0673 0x0ee8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:55:18.0685 0x0ee8 SharedAccess - ok
09:55:18.0734 0x0ee8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:55:18.0742 0x0ee8 ShellHWDetection - ok
09:55:18.0761 0x0ee8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:55:18.0762 0x0ee8 SiSRaid2 - ok
09:55:18.0776 0x0ee8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:55:18.0779 0x0ee8 SiSRaid4 - ok
09:55:18.0817 0x0ee8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:55:18.0829 0x0ee8 SkypeUpdate - ok
09:55:18.0850 0x0ee8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:55:18.0853 0x0ee8 Smb - ok
09:55:18.0876 0x0ee8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:55:18.0881 0x0ee8 SNMPTRAP - ok
09:55:18.0897 0x0ee8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
09:55:18.0898 0x0ee8 spldr - ok
09:55:18.0968 0x0ee8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
09:55:18.0984 0x0ee8 Spooler - ok
09:55:19.0152 0x0ee8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
09:55:19.0208 0x0ee8 sppsvc - ok
09:55:19.0302 0x0ee8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:55:19.0310 0x0ee8 sppuinotify - ok
09:55:19.0348 0x0ee8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:55:19.0366 0x0ee8 srv - ok
09:55:19.0384 0x0ee8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:55:19.0399 0x0ee8 srv2 - ok
09:55:19.0414 0x0ee8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:55:19.0422 0x0ee8 srvnet - ok
09:55:19.0460 0x0ee8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:55:19.0464 0x0ee8 SSDPSRV - ok
09:55:19.0484 0x0ee8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:55:19.0487 0x0ee8 SstpSvc - ok
09:55:19.0532 0x0ee8 [ EF806D212D34B0E173BAEB3564D53E37, 6EF229A7B7AFF0268CDF47B77F961BD44335C3B35499BB00CBA494A22B2BA39E ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
09:55:19.0535 0x0ee8 ss_bbus - ok
09:55:19.0572 0x0ee8 [ 08B1B34ABEBEB6AC2DEA06900C56411E, 928EF9B9F194DB07049BA2D7127756B021C2729F562E54F7FECD0F2B2FF5A209 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
09:55:19.0574 0x0ee8 ss_bmdfl - ok
09:55:19.0658 0x0ee8 [ 71A9DA6BEAA4CB54DFB827FB78600A5D, 6393CA17CF6A6F30447FF599B2D27CAB44BA1A709D986AC5E14463303094BE5F ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
09:55:19.0667 0x0ee8 ss_bmdm - ok
09:55:19.0716 0x0ee8 [ 677CDC98F8363ACCAAE783FDE1599C2A, 2ED5125A93AF824CA4D394A36F79996F9EBC84305F565F6024ECDD490A4A1FE2 ] ss_bserd C:\Windows\system32\DRIVERS\ss_bserd.sys
09:55:19.0725 0x0ee8 ss_bserd - ok
09:55:19.0788 0x0ee8 [ 0887B293199AA2055888FABA989ED0A6, 25B0B95F461E90549F17B09143BC7553ACD8C2860064F1146F8EC163DDFFD26A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:55:19.0802 0x0ee8 Stereo Service - ok
09:55:19.0824 0x0ee8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:55:19.0824 0x0ee8 stexstor - ok
09:55:19.0903 0x0ee8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
09:55:19.0930 0x0ee8 stisvc - ok
09:55:19.0953 0x0ee8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
09:55:19.0957 0x0ee8 swenum - ok
09:55:19.0997 0x0ee8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
09:55:20.0008 0x0ee8 swprv - ok
09:55:20.0124 0x0ee8 [ B49FA98AFAD439CD7E33164C3A19BB88, 272497955D1CAAB5CDC3450B3F2DC43F2056EC03586AACD1C3453E5921BFDAD7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:55:20.0160 0x0ee8 SynTP - ok
09:55:20.0271 0x0ee8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
09:55:20.0302 0x0ee8 SysMain - ok
09:55:20.0318 0x0ee8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:55:20.0321 0x0ee8 TabletInputService - ok
09:55:20.0355 0x0ee8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
09:55:20.0362 0x0ee8 TapiSrv - ok
09:55:20.0377 0x0ee8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
09:55:20.0379 0x0ee8 TBS - ok
09:55:20.0487 0x0ee8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:55:20.0518 0x0ee8 Tcpip - ok
09:55:20.0603 0x0ee8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:55:20.0633 0x0ee8 TCPIP6 - ok
09:55:20.0687 0x0ee8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:55:20.0699 0x0ee8 tcpipreg - ok
09:55:20.0752 0x0ee8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:55:20.0754 0x0ee8 TDPIPE - ok
09:55:20.0788 0x0ee8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:55:20.0790 0x0ee8 TDTCP - ok
09:55:20.0811 0x0ee8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:55:20.0826 0x0ee8 tdx - ok
09:55:20.0838 0x0ee8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
09:55:20.0844 0x0ee8 TermDD - ok
09:55:20.0890 0x0ee8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
09:55:20.0907 0x0ee8 TermService - ok
09:55:20.0928 0x0ee8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
09:55:20.0930 0x0ee8 Themes - ok
09:55:20.0960 0x0ee8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
09:55:20.0962 0x0ee8 THREADORDER - ok
09:55:20.0993 0x0ee8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
09:55:20.0996 0x0ee8 TrkWks - ok
09:55:21.0049 0x0ee8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:55:21.0062 0x0ee8 TrustedInstaller - ok
09:55:21.0105 0x0ee8 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:55:21.0106 0x0ee8 tssecsrv - ok
09:55:21.0121 0x0ee8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:55:21.0122 0x0ee8 TsUsbFlt - ok
09:55:21.0148 0x0ee8 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:55:21.0149 0x0ee8 TsUsbGD - ok
09:55:21.0162 0x0ee8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:55:21.0165 0x0ee8 tunnel - ok
09:55:21.0193 0x0ee8 [ 48743B69EA47C020A792D8649F753F44, 58BFF60271F62F5CB02A1181F44E94C230DF4A6EC5C072A476B2BED13239A70C ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:55:21.0196 0x0ee8 TurboB - ok
09:55:21.0241 0x0ee8 [ 759F59E3EA3802FF23F93DCDB6FE9171, DB5A6C1EDA10380C14A8C318D6C65ED691C36F726A6A20DB3038D8F55F1B76D8 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:55:21.0244 0x0ee8 TurboBoost - ok
09:55:21.0251 0x0ee8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:55:21.0253 0x0ee8 uagp35 - ok
09:55:21.0263 0x0ee8 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:55:21.0267 0x0ee8 UBHelper - ok
09:55:21.0286 0x0ee8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:55:21.0292 0x0ee8 udfs - ok
09:55:21.0326 0x0ee8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:55:21.0328 0x0ee8 UI0Detect - ok
09:55:21.0342 0x0ee8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:55:21.0343 0x0ee8 uliagpkx - ok
09:55:21.0367 0x0ee8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:55:21.0372 0x0ee8 umbus - ok
09:55:21.0388 0x0ee8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
09:55:21.0389 0x0ee8 UmPass - ok
09:55:21.0560 0x0ee8 [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:55:21.0603 0x0ee8 UNS - ok
09:55:21.0662 0x0ee8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
09:55:21.0668 0x0ee8 upnphost - ok
09:55:21.0697 0x0ee8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:55:21.0703 0x0ee8 usbccgp - ok
09:55:21.0736 0x0ee8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:55:21.0738 0x0ee8 usbcir - ok
09:55:21.0780 0x0ee8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:55:21.0784 0x0ee8 usbehci - ok
09:55:21.0823 0x0ee8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:55:21.0836 0x0ee8 usbhub - ok
09:55:21.0853 0x0ee8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:55:21.0854 0x0ee8 usbohci - ok
09:55:21.0879 0x0ee8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:55:21.0880 0x0ee8 usbprint - ok
09:55:21.0902 0x0ee8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:55:21.0904 0x0ee8 USBSTOR - ok
09:55:21.0912 0x0ee8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:55:21.0913 0x0ee8 usbuhci - ok
09:55:21.0964 0x0ee8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:55:21.0979 0x0ee8 usbvideo - ok
09:55:22.0016 0x0ee8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
09:55:22.0018 0x0ee8 UxSms - ok
09:55:22.0030 0x0ee8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
09:55:22.0032 0x0ee8 VaultSvc - ok
09:55:22.0070 0x0ee8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:55:22.0072 0x0ee8 vdrvroot - ok
09:55:22.0105 0x0ee8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
09:55:22.0118 0x0ee8 vds - ok
09:55:22.0133 0x0ee8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:55:22.0134 0x0ee8 vga - ok
09:55:22.0148 0x0ee8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:55:22.0152 0x0ee8 VgaSave - ok
09:55:22.0169 0x0ee8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:55:22.0173 0x0ee8 vhdmp - ok
09:55:22.0194 0x0ee8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
09:55:22.0195 0x0ee8 viaide - ok
09:55:22.0222 0x0ee8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:55:22.0223 0x0ee8 volmgr - ok
09:55:22.0244 0x0ee8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:55:22.0250 0x0ee8 volmgrx - ok
09:55:22.0268 0x0ee8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:55:22.0273 0x0ee8 volsnap - ok
09:55:22.0287 0x0ee8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:55:22.0290 0x0ee8 vsmraid - ok
09:55:22.0404 0x0ee8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
09:55:22.0435 0x0ee8 VSS - ok
09:55:22.0449 0x0ee8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:55:22.0452 0x0ee8 vwifibus - ok
09:55:22.0464 0x0ee8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:55:22.0469 0x0ee8 vwififlt - ok
09:55:22.0491 0x0ee8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
09:55:22.0498 0x0ee8 W32Time - ok
09:55:22.0522 0x0ee8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:55:22.0523 0x0ee8 WacomPen - ok
09:55:22.0543 0x0ee8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:55:22.0548 0x0ee8 WANARP - ok
09:55:22.0554 0x0ee8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:55:22.0556 0x0ee8 Wanarpv6 - ok
09:55:22.0612 0x0ee8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
09:55:22.0636 0x0ee8 wbengine - ok
09:55:22.0707 0x0ee8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:55:22.0719 0x0ee8 WbioSrvc - ok
09:55:22.0750 0x0ee8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:55:22.0761 0x0ee8 wcncsvc - ok
09:55:22.0771 0x0ee8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:55:22.0774 0x0ee8 WcsPlugInService - ok
09:55:22.0804 0x0ee8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
09:55:22.0805 0x0ee8 Wd - ok
09:55:22.0861 0x0ee8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:55:22.0874 0x0ee8 Wdf01000 - ok
09:55:22.0897 0x0ee8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:55:22.0900 0x0ee8 WdiServiceHost - ok
09:55:22.0906 0x0ee8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:55:22.0908 0x0ee8 WdiSystemHost - ok
09:55:22.0951 0x0ee8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
09:55:22.0956 0x0ee8 WebClient - ok
09:55:22.0970 0x0ee8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:55:22.0975 0x0ee8 Wecsvc - ok
09:55:22.0995 0x0ee8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:55:22.0997 0x0ee8 wercplsupport - ok
09:55:23.0028 0x0ee8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
09:55:23.0030 0x0ee8 WerSvc - ok
09:55:23.0054 0x0ee8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:55:23.0057 0x0ee8 WfpLwf - ok
09:55:23.0071 0x0ee8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:55:23.0072 0x0ee8 WIMMount - ok
09:55:23.0090 0x0ee8 WinDefend - ok
09:55:23.0114 0x0ee8 WinHttpAutoProxySvc - ok
09:55:23.0201 0x0ee8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:55:23.0218 0x0ee8 Winmgmt - ok
09:55:23.0321 0x0ee8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
09:55:23.0370 0x0ee8 WinRM - ok
09:55:23.0419 0x0ee8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:55:23.0420 0x0ee8 WinUsb - ok
09:55:23.0507 0x0ee8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:55:23.0529 0x0ee8 Wlansvc - ok
09:55:23.0584 0x0ee8 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:55:23.0585 0x0ee8 wlcrasvc - ok
09:55:23.0798 0x0ee8 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:55:23.0836 0x0ee8 wlidsvc - ok
09:55:23.0867 0x0ee8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:55:23.0868 0x0ee8 WmiAcpi - ok
09:55:23.0897 0x0ee8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:55:23.0901 0x0ee8 wmiApSrv - ok
09:55:23.0927 0x0ee8 WMPNetworkSvc - ok
09:55:23.0947 0x0ee8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:55:23.0948 0x0ee8 WPCSvc - ok
09:55:23.0959 0x0ee8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:55:23.0962 0x0ee8 WPDBusEnum - ok
09:55:23.0994 0x0ee8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
|
|
| Themen zu popup:Seite kann nicht angezeigt werden - aktualisieren sie flash Player aud die neueste version |
| exploit.drop.gsa, hijack.userinit, msil/domaiq.t, pup.optional.babylon.a, pup.optional.bandoo, pup.optional.bundleinstaller.a, pup.optional.crossrider.a, pup.optional.delta, pup.optional.delta.a, pup.optional.nationzoom.a, pup.optional.nextlive.a, pup.optional.qone8, pup.optional.scramblepacker.a, pup.optional.skytech.a, pup.optional.tugluu.a, pup.optional.wpmanager, seite kann nicht angezeigt werden, trojan.rotbrowse, win32/dealply.o, win32/downloadsponsor.a, win32/elex.ad, win32/elex.ae, win32/nationzoom.a, win32/nextlive.a, win32/thinknice.a, win32/thinknice.b |
WARNUNG an die MITLESER: 
Linear-Darstellung
