Pests of all kinds and how to fight them: Dropper and trojan found by avast and malware bytes

08.07.2014, 23:38   #1
Klmzt
 
Dropper and trojan found by avast and malware bytes

I came across these pests during a routine check. Malwarebytes found some rather nasty things. I have already read up on it and fear the worst; hopefully no backdoor was set up.
Anyway, here is the Malwarebytes log:
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.07.2014
Suchlauf-Zeit: 23:36:04
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.04.11
Rootkit Datenbank: v2014.07.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: .........

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 291663
Verstrichene Zeit: 9 Min, 36 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 7
PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$RI8KEYA.exe, In Quarantäne, [8308574443381620bc32b6df58a94cb4], 
PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$RL774X2.exe, In Quarantäne, [6823f9a283f85dd9d11df3a23bc645bb], 
PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$RP3X9CS.exe, In Quarantäne, [216ab0ebe596c76fde10365f3fc201ff], 
PUP.Optional.OutBrowse, C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$RW4C5HA.exe, In Quarantäne, [2962900b2b5078beeb85cccb07faf709], 
PUP.Optional.Outbrowse, C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$RYWT5UW.exe, In Quarantäne, [66250b907dfe3402088496aa29d9f010], 
PUP.Optional.InstallCore, C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$RBFTEJK.exe, In Quarantäne, [9cef0e8da7d449ed76e9f38921e33ac6], 
PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$R4MD916.exe, In Quarantäne, [d7b44754205b1026aa4403920ef306fa], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Unfortunately I don't have any log files from avast.


I have also already used TDSSKiller (maybe I shouldn't have done that).
Code:
23:00:41.0214 0x1724  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
23:00:41.0214 0x1724  UEFI system
23:00:43.0203 0x1724  ============================================================
23:00:43.0203 0x1724  Current date / time: 2014/07/04 23:00:43.0203
23:00:43.0203 0x1724  SystemInfo:
23:00:43.0203 0x1724  
23:00:43.0203 0x1724  OS Version: 6.3.9600 ServicePack: 0.0
23:00:43.0203 0x1724  Product type: Workstation
23:00:43.0203 0x1724  ComputerName: ..........
23:00:43.0203 0x1724  UserName: ..........
23:00:43.0203 0x1724  Windows directory: C:\Windows
23:00:43.0203 0x1724  System windows directory: C:\Windows
23:00:43.0203 0x1724  Running under WOW64
23:00:43.0203 0x1724  Processor architecture: Intel x64
23:00:43.0203 0x1724  Number of processors: 4
23:00:43.0203 0x1724  Page size: 0x1000
23:00:43.0203 0x1724  Boot type: Normal boot
23:00:43.0203 0x1724  ============================================================
23:00:44.0063 0x1724  KLMD registered as C:\Windows\system32\drivers\32683320.sys
23:00:44.0732 0x1724  System UUID: {6E03D6E4-7D49-CE0C-5ED9-3C17E7BCB431}
23:00:45.0268 0x1724  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:00:45.0280 0x1724  ============================================================
23:00:45.0280 0x1724  \Device\Harddisk0\DR0:
23:00:45.0280 0x1724  GPT partitions:
23:00:45.0282 0x1724  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3D144CAB-8E85-42F7-A63A-9670FBD02664}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
23:00:45.0282 0x1724  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {55AFAC51-43C6-4405-B450-F9520AAE59A7}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
23:00:45.0282 0x1724  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FC53217C-1135-4FE5-82A2-DCEE532A61F1}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
23:00:45.0282 0x1724  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D9072B83-329A-420C-8602-091ECA0CF6E9}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x378E8000
23:00:45.0282 0x1724  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5B71D179-0848-4A9E-AEB4-E555F06F813B}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
23:00:45.0282 0x1724  MBR partitions:
23:00:45.0282 0x1724  ============================================================
23:00:45.0311 0x1724  C: <-> \Device\Harddisk0\DR0\Partition4
23:00:45.0311 0x1724  ============================================================
23:00:45.0311 0x1724  Initialize success
23:00:45.0311 0x1724  ============================================================
23:00:47.0124 0x0970  ============================================================
23:00:47.0124 0x0970  Scan started
23:00:47.0124 0x0970  Mode: Manual; 
23:00:47.0124 0x0970  ============================================================
23:00:47.0124 0x0970  KSN ping started
23:00:49.0757 0x0970  KSN ping finished: true
23:00:50.0990 0x0970  ================ Scan system memory ========================
23:00:50.0990 0x0970  System memory - ok
23:00:50.0990 0x0970  ================ Scan services =============================
23:00:55.0852 0x0970  FDResPub - ok
23:00:55.0868 0x0970  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll
23:00:55.0871 0x0970  fhsvc - ok
23:00:55.0891 0x0970  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:00:55.0893 0x0970  FileInfo - ok
23:00:55.0905 0x0970  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:00:55.0906 0x0970  Filetrace - ok
23:00:55.0923 0x0970  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
23:00:55.0924 0x0970  flpydisk - ok
23:00:55.0956 0x0970  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:00:55.0964 0x0970  FltMgr - ok
23:00:56.0008 0x0970  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\Windows\system32\FntCache.dll
23:00:56.0051 0x0970  FontCache - ok
23:00:56.0155 0x0970  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:00:56.0157 0x0970  FontCache3.0.0.0 - ok
23:00:56.0185 0x0970  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:00:56.0186 0x0970  FsDepends - ok
23:00:56.0195 0x0970  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:00:56.0196 0x0970  Fs_Rec - ok
23:00:56.0232 0x0970  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:00:56.0241 0x0970  fvevol - ok
23:00:56.0250 0x0970  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
23:00:56.0251 0x0970  FxPPM - ok
23:00:56.0271 0x0970  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:00:56.0273 0x0970  gagp30kx - ok
23:00:56.0303 0x0970  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
23:00:56.0304 0x0970  gencounter - ok
23:00:56.0323 0x0970  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
23:00:56.0327 0x0970  GPIOClx0101 - ok
23:00:56.0377 0x0970  [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc           C:\Windows\System32\gpsvc.dll
23:00:56.0422 0x0970  gpsvc - ok
23:00:56.0454 0x0970  [ C41EB965A9DC4844F156E628F75AE876, 3E250704E6C30FAFE0FDE2BB259452761AFB7AAC3A7026ADB960079D06870C84 ] Hamachi         C:\Windows\system32\DRIVERS\Hamdrv.sys
23:00:56.0456 0x0970  Hamachi - ok
23:00:56.0575 0x0970  [ 8E459BA8360F33D64BE96F9550E56EE8, AA0568EE4DE90C7D6001759BADE17729E4420DEBE106DB8AFDC2B4E1C518DC49 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
23:00:56.0610 0x0970  Hamachi2Svc - ok
23:00:56.0644 0x0970  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
23:00:56.0646 0x0970  HDAudBus - ok
23:00:56.0671 0x0970  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
23:00:56.0672 0x0970  HidBatt - ok
23:00:56.0715 0x0970  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
23:00:56.0717 0x0970  HidBth - ok
23:00:56.0728 0x0970  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
23:00:56.0730 0x0970  hidi2c - ok
23:00:56.0740 0x0970  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
23:00:56.0741 0x0970  HidIr - ok
23:00:56.0773 0x0970  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll
23:00:56.0776 0x0970  hidserv - ok
23:00:56.0797 0x0970  [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
23:00:56.0798 0x0970  HIDSwitch - ok
23:00:56.0832 0x0970  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
23:00:56.0834 0x0970  HidUsb - ok
23:00:56.0871 0x0970  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:00:56.0874 0x0970  hkmsvc - ok
23:00:56.0892 0x0970  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:00:56.0901 0x0970  HomeGroupListener - ok
23:00:56.0942 0x0970  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:00:56.0953 0x0970  HomeGroupProvider - ok
23:00:56.0984 0x0970  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:00:56.0986 0x0970  HpSAMD - ok
23:00:57.0024 0x0970  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:00:57.0038 0x0970  HTTP - ok
23:00:57.0071 0x0970  [ C2212C930D7A6CC21972B9882683D271, 94DAAFE964E33B44A82410CF286B273DFFFE207813EE07EA82CB7839EE2C5F11 ] huawei_enumerator C:\Windows\System32\drivers\ew_jubusenum.sys
23:00:57.0073 0x0970  huawei_enumerator - ok
23:00:57.0102 0x0970  [ 6E05228393CD614B983568EC40C262C3, CEB1CFDD346534F01A52D2E7004B0220692FC67CAD874FE04740ECDA2F92767D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:00:57.0104 0x0970  hwdatacard - ok
23:00:57.0153 0x0970  HWDeviceService64.exe - ok
23:00:57.0182 0x0970  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:00:57.0183 0x0970  hwpolicy - ok
23:00:57.0224 0x0970  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
23:00:57.0226 0x0970  hyperkbd - ok
23:00:57.0244 0x0970  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
23:00:57.0245 0x0970  HyperVideo - ok
23:00:57.0274 0x0970  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
23:00:57.0276 0x0970  i8042prt - ok
23:00:57.0281 0x0970  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
23:00:57.0282 0x0970  iaLPSSi_GPIO - ok
23:00:57.0293 0x0970  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
23:00:57.0295 0x0970  iaLPSSi_I2C - ok
23:00:57.0337 0x0970  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
23:00:57.0347 0x0970  iaStorA - ok
23:00:57.0370 0x0970  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
23:00:57.0383 0x0970  iaStorAV - ok
23:00:57.0409 0x0970  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:00:57.0417 0x0970  iaStorV - ok
23:00:57.0420 0x0970  IEEtwCollectorService - ok
23:00:57.0537 0x0970  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:00:57.0639 0x0970  igfx - ok
23:00:57.0703 0x0970  [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:00:57.0724 0x0970  IKEEXT - ok
23:00:57.0761 0x0970  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
23:00:57.0762 0x0970  intaud_WaveExtensible - ok
23:00:57.0872 0x0970  [ 6C7970A8E0546A4D9466E0045C7DB199, 70F2D58514C8E1A1E10B833236213F87F34AEB06ACC0D4C0DF61FCD69F8F1E07 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:00:57.0920 0x0970  IntcAzAudAddService - ok
23:00:57.0950 0x0970  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
23:00:57.0959 0x0970  IntcDAud - ok
23:00:58.0091 0x0970  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:00:58.0105 0x0970  Intel(R) Capability Licensing Service Interface - ok
23:00:58.0131 0x0970  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
23:00:58.0148 0x0970  Intel(R) Capability Licensing Service TCP IP Interface - ok
23:00:58.0184 0x0970  [ 726BFAF3DC2071218F0AE53C919A4D3B, 7934BB42C16F1DAA80AB92FA4AF4BFDD2B8AF73EF55D95950E4A77DBB3DCBF4A ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
23:00:58.0186 0x0970  Intel(R) ME Service - ok
23:00:58.0197 0x0970  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:00:58.0198 0x0970  intelide - ok
23:00:58.0219 0x0970  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\Windows\system32\drivers\intelpep.sys
23:00:58.0220 0x0970  intelpep - ok
23:00:58.0253 0x0970  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
23:00:58.0255 0x0970  intelppm - ok
23:00:58.0274 0x0970  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:00:58.0277 0x0970  IpFilterDriver - ok
23:00:58.0337 0x0970  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:00:58.0356 0x0970  iphlpsvc - ok
23:00:58.0392 0x0970  [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
23:00:58.0393 0x0970  IPMIDRV - ok
23:00:58.0412 0x0970  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:00:58.0415 0x0970  IPNAT - ok
23:00:58.0450 0x0970  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:00:58.0451 0x0970  IRENUM - ok
23:00:58.0459 0x0970  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:00:58.0460 0x0970  isapnp - ok
23:00:58.0507 0x0970  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
23:00:58.0513 0x0970  iScsiPrt - ok
23:00:58.0555 0x0970  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
23:00:58.0556 0x0970  iwdbus - ok
23:00:58.0580 0x0970  [ 1128B38EEC9DAF1B36373B65E87C00A3, 071E9454B9B442C2C3272FBC1AE5E92911A23CDB99F1C718C34067A70B99F910 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:00:58.0583 0x0970  jhi_service - ok
23:00:58.0616 0x0970  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
23:00:58.0617 0x0970  kbdclass - ok
23:00:58.0628 0x0970  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
23:00:58.0630 0x0970  kbdhid - ok
23:00:58.0649 0x0970  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
23:00:58.0651 0x0970  kbfiltr - ok
23:00:58.0664 0x0970  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
23:00:58.0664 0x0970  kdnic - ok
23:00:58.0675 0x0970  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\Windows\system32\lsass.exe
23:00:58.0679 0x0970  KeyIso - ok
23:00:58.0698 0x0970  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:00:58.0700 0x0970  KSecDD - ok
23:00:58.0733 0x0970  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:00:58.0738 0x0970  KSecPkg - ok
23:00:58.0753 0x0970  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:00:58.0755 0x0970  ksthunk - ok
23:00:58.0807 0x0970  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:00:58.0816 0x0970  KtmRm - ok
23:00:58.0853 0x0970  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:00:58.0862 0x0970  LanmanServer - ok
23:00:58.0891 0x0970  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:00:58.0901 0x0970  LanmanWorkstation - ok
23:00:58.0946 0x0970  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
23:00:58.0957 0x0970  lfsvc - ok
23:00:58.0989 0x0970  [ 955982BF4421B77722196552B62E8DC2, 3732449ACDBB78E1ED8436DF153C899C28573F458FDCFE345DFA1B305D085033 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
23:00:58.0990 0x0970  lirsgt - ok
23:00:59.0009 0x0970  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:00:59.0011 0x0970  lltdio - ok
23:00:59.0052 0x0970  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:00:59.0059 0x0970  lltdsvc - ok
23:00:59.0091 0x0970  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:00:59.0094 0x0970  lmhosts - ok
23:00:59.0138 0x0970  [ D5F9C50082FA5F82C35922998B3DAD6E, 4957FB1888EC69E16E6D019F2D984EE810F8532FAB504B30D32518E4D3F01FDB ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
23:00:59.0143 0x0970  LMIGuardianSvc - ok
23:00:59.0203 0x0970  [ 388B04A767082D0B0581AF475DF943D9, B1E12445B79C4D1EFAABB38096EED2C8A127479AF1602476DFDDECC122A828CA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:00:59.0208 0x0970  LMS - ok
23:00:59.0242 0x0970  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:00:59.0244 0x0970  LSI_SAS - ok
23:00:59.0261 0x0970  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:00:59.0263 0x0970  LSI_SAS2 - ok
23:00:59.0278 0x0970  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
23:00:59.0280 0x0970  LSI_SAS3 - ok
23:00:59.0296 0x0970  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
23:00:59.0298 0x0970  LSI_SSS - ok
23:00:59.0343 0x0970  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\Windows\System32\lsm.dll
23:00:59.0358 0x0970  LSM - ok
23:00:59.0401 0x0970  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:00:59.0403 0x0970  luafv - ok
23:00:59.0415 0x0970  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
23:00:59.0416 0x0970  megasas - ok
23:00:59.0440 0x0970  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
23:00:59.0451 0x0970  megasr - ok
23:00:59.0462 0x0970  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
23:00:59.0464 0x0970  MEIx64 - ok
23:00:59.0491 0x0970  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll
23:00:59.0494 0x0970  MMCSS - ok
23:00:59.0553 0x0970  [ 38106C7BD34EAE89D2769AC0BA2E846B, 8A33C138C84ED3E6C9408BB66FDEA65E35DD3600AF3ED2C967B8C3D5D54EC3C4 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
23:00:59.0559 0x0970  Mobile Partner. RunOuc - ok
23:00:59.0570 0x0970  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
23:00:59.0571 0x0970  Modem - ok
23:00:59.0600 0x0970  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
23:00:59.0602 0x0970  monitor - ok
23:00:59.0615 0x0970  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
23:00:59.0617 0x0970  mouclass - ok
23:00:59.0646 0x0970  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\Windows\System32\drivers\mouhid.sys
23:00:59.0647 0x0970  mouhid - ok
23:00:59.0665 0x0970  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:00:59.0668 0x0970  mountmgr - ok
23:00:59.0720 0x0970  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:00:59.0723 0x0970  MozillaMaintenance - ok
23:00:59.0742 0x0970  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:00:59.0744 0x0970  mpsdrv - ok
23:00:59.0793 0x0970  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:00:59.0828 0x0970  MpsSvc - ok
23:00:59.0868 0x0970  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:00:59.0872 0x0970  MRxDAV - ok
23:00:59.0917 0x0970  [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:00:59.0923 0x0970  mrxsmb - ok
23:00:59.0946 0x0970  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:00:59.0952 0x0970  mrxsmb10 - ok
23:01:00.0162 0x0970  [ DBA635C6398782C549E3BE45CF1D0411, E9806E075F401D3E7357E876C7F941F7DAFFBBEE065DC3FE556014F5D92EDAC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:01:00.0165 0x0970  mrxsmb20 - ok
23:01:00.0200 0x0970  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
23:01:00.0202 0x0970  MsBridge - ok
23:01:00.0239 0x0970  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe
23:01:00.0244 0x0970  MSDTC - ok
23:01:00.0266 0x0970  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:01:00.0267 0x0970  Msfs - ok
23:01:00.0288 0x0970  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
23:01:00.0289 0x0970  msgpiowin32 - ok
23:01:00.0300 0x0970  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:01:00.0301 0x0970  mshidkmdf - ok
23:01:00.0320 0x0970  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
23:01:00.0320 0x0970  mshidumdf - ok
23:01:00.0350 0x0970  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:01:00.0351 0x0970  msisadrv - ok
23:01:00.0395 0x0970  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:01:00.0400 0x0970  MSiSCSI - ok
23:01:00.0403 0x0970  msiserver - ok
23:01:00.0417 0x0970  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:01:00.0418 0x0970  MSKSSRV - ok
23:01:00.0439 0x0970  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
23:01:00.0441 0x0970  MsLldp - ok
23:01:00.0459 0x0970  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:01:00.0460 0x0970  MSPCLOCK - ok
23:01:00.0465 0x0970  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:01:00.0466 0x0970  MSPQM - ok
23:01:00.0490 0x0970  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:01:00.0496 0x0970  MsRPC - ok
23:01:00.0510 0x0970  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
23:01:00.0511 0x0970  mssmbios - ok
23:01:00.0519 0x0970  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:01:00.0520 0x0970  MSTEE - ok
23:01:00.0528 0x0970  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
23:01:00.0529 0x0970  MTConfig - ok
23:01:00.0550 0x0970  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
23:01:00.0552 0x0970  Mup - ok
23:01:00.0564 0x0970  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
23:01:00.0566 0x0970  mvumis - ok
23:01:00.0623 0x0970  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll
23:01:00.0632 0x0970  napagent - ok
23:01:00.0648 0x0970  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:01:00.0655 0x0970  NativeWifiP - ok
23:01:00.0698 0x0970  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll
23:01:00.0703 0x0970  NcaSvc - ok
23:01:00.0725 0x0970  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll
23:01:00.0731 0x0970  NcbService - ok
23:01:00.0743 0x0970  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
23:01:00.0746 0x0970  NcdAutoSetup - ok
23:01:00.0797 0x0970  [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:01:00.0813 0x0970  NDIS - ok
23:01:00.0848 0x0970  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:01:00.0850 0x0970  NdisCap - ok
23:01:00.0862 0x0970  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
23:01:00.0864 0x0970  NdisImPlatform - ok
23:01:00.0881 0x0970  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:01:00.0882 0x0970  NdisTapi - ok
23:01:00.0890 0x0970  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:01:00.0892 0x0970  Ndisuio - ok
23:01:00.0909 0x0970  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
23:01:00.0910 0x0970  NdisVirtualBus - ok
23:01:00.0926 0x0970  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:01:00.0931 0x0970  NdisWan - ok
23:01:00.0937 0x0970  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
23:01:00.0941 0x0970  NdisWanLegacy - ok
23:01:00.0951 0x0970  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:01:00.0953 0x0970  NDProxy - ok
23:01:00.0986 0x0970  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
23:01:00.0988 0x0970  Ndu - ok
23:01:01.0003 0x0970  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:01:01.0004 0x0970  NetBIOS - ok
23:01:01.0028 0x0970  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:01:01.0033 0x0970  NetBT - ok
23:01:01.0050 0x0970  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\Windows\system32\lsass.exe
23:01:01.0054 0x0970  Netlogon - ok
23:01:01.0113 0x0970  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\Windows\System32\netman.dll
23:01:01.0121 0x0970  Netman - ok
23:01:01.0167 0x0970  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\Windows\System32\netprofmsvc.dll
23:01:01.0180 0x0970  netprofm - ok
23:01:01.0228 0x0970  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:01:01.0231 0x0970  NetTcpPortSharing - ok
23:01:01.0275 0x0970  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\Windows\system32\DRIVERS\netvsc63.sys
23:01:01.0277 0x0970  netvsc - ok
23:01:01.0303 0x0970  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:01:01.0313 0x0970  NlaSvc - ok
23:01:01.0332 0x0970  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:01:01.0334 0x0970  Npfs - ok
23:01:01.0370 0x0970  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
23:01:01.0371 0x0970  npsvctrig - ok
23:01:01.0389 0x0970  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\Windows\system32\nsisvc.dll
23:01:01.0393 0x0970  nsi - ok
23:01:01.0408 0x0970  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:01:01.0409 0x0970  nsiproxy - ok
23:01:01.0493 0x0970  [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:01:01.0540 0x0970  Ntfs - ok
23:01:01.0554 0x0970  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
23:01:01.0554 0x0970  Null - ok
23:01:01.0861 0x0970  [ 0AC797F70F2F3E5B69A34FF2F63496F3, 80A811F8234BA00779BA76AAF41E830FB6CED03667E6E8F430C14DEBF2E45DD9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:01:02.0153 0x0970  nvlddmkm - ok
23:01:02.0276 0x0970  [ 048C6FACA905A7DF0A86D3CC31D7E6AE, 7222B301DBBDFF15B038E13FEA076759D8AC392F5145ECD60A640BDA6CFABE8C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
23:01:02.0299 0x0970  NvNetworkService - ok
23:01:02.0311 0x0970  [ C045199456CE8B823AD85CB9507DEA3C, 9C070B7463AB22D1AFC116E89C690FD552ED68D138F9DD3BA9FAD9BB652DC940 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
23:01:02.0312 0x0970  nvpciflt - ok
23:01:02.0344 0x0970  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:01:02.0347 0x0970  nvraid - ok
23:01:02.0356 0x0970  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:01:02.0360 0x0970  nvstor - ok
23:01:02.0405 0x0970  [ C135A25E8CF21EB631AB041ABB1F73EA, D0A3DC0411E888D0934B7579EEB980FA7824E3F22F70819A33411D8B8BC9EE42 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
23:01:02.0421 0x0970  nvsvc - ok
23:01:02.0438 0x0970  nvvad_WaveExtensible - ok
23:01:02.0458 0x0970  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:01:02.0461 0x0970  nv_agp - ok
23:01:02.0508 0x0970  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:01:02.0518 0x0970  p2pimsvc - ok
23:01:02.0532 0x0970  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:01:02.0543 0x0970  p2psvc - ok
23:01:02.0557 0x0970  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
23:01:02.0560 0x0970  Parport - ok
23:01:02.0575 0x0970  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:01:02.0577 0x0970  partmgr - ok
23:01:02.0589 0x0970  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:01:02.0601 0x0970  PcaSvc - ok
23:01:02.0630 0x0970  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\Windows\system32\drivers\pci.sys
23:01:02.0638 0x0970  pci - ok
23:01:02.0655 0x0970  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:01:02.0656 0x0970  pciide - ok
23:01:02.0670 0x0970  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:01:02.0673 0x0970  pcmcia - ok
23:01:02.0686 0x0970  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:01:02.0688 0x0970  pcw - ok
23:01:02.0701 0x0970  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\Windows\system32\drivers\pdc.sys
23:01:02.0704 0x0970  pdc - ok
23:01:02.0749 0x0970  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:01:02.0759 0x0970  PEAUTH - ok
23:01:02.0831 0x0970  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:01:02.0834 0x0970  PerfHost - ok
23:01:02.0905 0x0970  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\Windows\system32\pla.dll
23:01:02.0962 0x0970  pla - ok
23:01:02.0994 0x0970  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:01:02.0998 0x0970  PlugPlay - ok
23:01:03.0011 0x0970  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:01:03.0014 0x0970  PNRPAutoReg - ok
23:01:03.0041 0x0970  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:01:03.0049 0x0970  PNRPsvc - ok
23:01:03.0084 0x0970  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:01:03.0094 0x0970  PolicyAgent - ok
23:01:03.0130 0x0970  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\Windows\system32\umpo.dll
23:01:03.0135 0x0970  Power - ok
23:01:03.0259 0x0970  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
23:01:03.0326 0x0970  PrintNotify - ok
23:01:03.0356 0x0970  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
23:01:03.0358 0x0970  Processor - ok
23:01:03.0394 0x0970  [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc         C:\Windows\system32\profsvc.dll
23:01:03.0400 0x0970  ProfSvc - ok
23:01:03.0441 0x0970  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:01:03.0444 0x0970  Psched - ok
23:01:03.0471 0x0970  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\Windows\system32\qwave.dll
23:01:03.0480 0x0970  QWAVE - ok
23:01:03.0494 0x0970  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:01:03.0496 0x0970  QWAVEdrv - ok
23:01:03.0514 0x0970  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:01:03.0515 0x0970  RasAcd - ok
23:01:03.0548 0x0970  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\Windows\System32\rasauto.dll
23:01:03.0553 0x0970  RasAuto - ok
23:01:03.0577 0x0970  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\Windows\System32\rasmans.dll
23:01:03.0591 0x0970  RasMan - ok
23:01:03.0612 0x0970  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:01:03.0614 0x0970  RasPppoe - ok
23:01:03.0638 0x0970  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:01:03.0647 0x0970  rdbss - ok
23:01:03.0661 0x0970  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
23:01:03.0662 0x0970  rdpbus - ok
23:01:03.0696 0x0970  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:01:03.0700 0x0970  RDPDR - ok
23:01:03.0718 0x0970  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:01:03.0719 0x0970  RdpVideoMiniport - ok
23:01:03.0743 0x0970  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:01:03.0748 0x0970  rdyboost - ok
23:01:03.0783 0x0970  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
23:01:03.0801 0x0970  ReFS - ok
23:01:03.0836 0x0970  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:01:03.0843 0x0970  RemoteAccess - ok
23:01:03.0898 0x0970  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:01:03.0904 0x0970  RemoteRegistry - ok
23:01:03.0921 0x0970  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:01:03.0925 0x0970  RFCOMM - ok
23:01:03.0959 0x0970  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:01:03.0964 0x0970  RpcEptMapper - ok
23:01:03.0994 0x0970  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\Windows\system32\locator.exe
23:01:03.0997 0x0970  RpcLocator - ok
23:01:04.0029 0x0970  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\Windows\system32\rpcss.dll
23:01:04.0043 0x0970  RpcSs - ok
23:01:04.0077 0x0970  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:01:04.0079 0x0970  rspndr - ok
23:01:04.0124 0x0970  [ E7B780F2E7A124264AA487C13107BDFF, 2AE4E7227F3E28FCEF685AC54771D949845339D7881A7855810A6C33E9B179D7 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
23:01:04.0131 0x0970  RSUSBVSTOR - ok
23:01:04.0163 0x0970  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
23:01:04.0175 0x0970  RTL8168 - ok
23:01:04.0188 0x0970  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
23:01:04.0189 0x0970  s3cap - ok
23:01:04.0201 0x0970  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\Windows\system32\lsass.exe
23:01:04.0204 0x0970  SamSs - ok
23:01:04.0238 0x0970  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:01:04.0241 0x0970  sbp2port - ok
23:01:04.0279 0x0970  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:01:04.0285 0x0970  SCardSvr - ok
23:01:04.0306 0x0970  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
23:01:04.0311 0x0970  ScDeviceEnum - ok
23:01:04.0330 0x0970  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:01:04.0331 0x0970  scfilter - ok
23:01:04.0377 0x0970  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\Windows\system32\schedsvc.dll
23:01:04.0422 0x0970  Schedule - ok
23:01:04.0462 0x0970  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:01:04.0465 0x0970  SCPolicySvc - ok
23:01:04.0485 0x0970  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\Windows\System32\drivers\sdbus.sys
23:01:04.0491 0x0970  sdbus - ok
23:01:04.0500 0x0970  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
23:01:04.0501 0x0970  sdstor - ok
23:01:04.0530 0x0970  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:01:04.0532 0x0970  secdrv - ok
23:01:04.0540 0x0970  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\Windows\system32\seclogon.dll
23:01:04.0544 0x0970  seclogon - ok
23:01:04.0559 0x0970  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\Windows\System32\sens.dll
23:01:04.0564 0x0970  SENS - ok
23:01:04.0576 0x0970  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:01:04.0583 0x0970  SensrSvc - ok
23:01:04.0627 0x0970  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
23:01:04.0628 0x0970  SerCx - ok
23:01:04.0650 0x0970  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
23:01:04.0654 0x0970  SerCx2 - ok
23:01:04.0671 0x0970  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
23:01:04.0672 0x0970  Serenum - ok
23:01:04.0686 0x0970  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
23:01:04.0688 0x0970  Serial - ok
23:01:04.0706 0x0970  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
23:01:04.0707 0x0970  sermouse - ok
23:01:04.0750 0x0970  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:01:04.0759 0x0970  SessionEnv - ok
23:01:04.0774 0x0970  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
23:01:04.0775 0x0970  sfloppy - ok
23:01:04.0803 0x0970  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:01:04.0813 0x0970  SharedAccess - ok
23:01:04.0885 0x0970  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:01:04.0900 0x0970  ShellHWDetection - ok
23:01:04.0920 0x0970  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:01:04.0921 0x0970  SiSRaid2 - ok
23:01:04.0936 0x0970  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:01:04.0938 0x0970  SiSRaid4 - ok
23:01:04.0977 0x0970  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\Windows\System32\smphost.dll
23:01:04.0980 0x0970  smphost - ok
23:01:05.0024 0x0970  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:01:05.0028 0x0970  SNMPTRAP - ok
23:01:05.0069 0x0970  [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
23:01:05.0078 0x0970  spaceport - ok
23:01:05.0100 0x0970  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
23:01:05.0102 0x0970  SpbCx - ok
23:01:05.0131 0x0970  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\Windows\System32\spoolsv.exe
23:01:05.0148 0x0970  Spooler - ok
23:01:05.0348 0x0970  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
23:01:05.0505 0x0970  sppsvc - ok
23:01:05.0533 0x0970  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:01:05.0540 0x0970  srv - ok
23:01:05.0587 0x0970  [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:01:05.0597 0x0970  srv2 - ok
23:01:05.0617 0x0970  [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:01:05.0621 0x0970  srvnet - ok
23:01:05.0662 0x0970  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:01:05.0670 0x0970  SSDPSRV - ok
23:01:05.0702 0x0970  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:01:05.0708 0x0970  SstpSvc - ok
23:01:05.0746 0x0970  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:01:05.0747 0x0970  stexstor - ok
23:01:05.0797 0x0970  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\Windows\System32\wiaservc.dll
23:01:05.0812 0x0970  stisvc - ok
23:01:05.0834 0x0970  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
23:01:05.0836 0x0970  storahci - ok
23:01:05.0850 0x0970  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
23:01:05.0851 0x0970  storflt - ok
23:01:05.0866 0x0970  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
23:01:05.0867 0x0970  stornvme - ok
23:01:05.0915 0x0970  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\Windows\system32\storsvc.dll
23:01:05.0918 0x0970  StorSvc - ok
23:01:05.0938 0x0970  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:01:05.0940 0x0970  storvsc - ok
23:01:05.0980 0x0970  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\Windows\system32\svsvc.dll
23:01:05.0984 0x0970  svsvc - ok
23:01:05.0999 0x0970  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\Windows\System32\drivers\swenum.sys
23:01:06.0000 0x0970  swenum - ok
23:01:06.0042 0x0970  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\Windows\System32\swprv.dll
23:01:06.0058 0x0970  swprv - ok
23:01:06.0105 0x0970  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\Windows\system32\sysmain.dll
23:01:06.0150 0x0970  SysMain - ok
23:01:06.0170 0x0970  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
23:01:06.0180 0x0970  SystemEventsBroker - ok
23:01:06.0212 0x0970  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
23:01:06.0218 0x0970  TabletInputService - ok
23:01:06.0239 0x0970  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:01:06.0249 0x0970  TapiSrv - ok
23:01:06.0323 0x0970  [ D7566BE560B040C47F6F35EB980D8377, 51487FCBFE4BD07FCFEF324B6C7711E56A7D8893450F808BD50C2FD44BBFED99 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:01:06.0387 0x0970  Tcpip - ok
23:01:06.0456 0x0970  [ D7566BE560B040C47F6F35EB980D8377, 51487FCBFE4BD07FCFEF324B6C7711E56A7D8893450F808BD50C2FD44BBFED99 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:01:06.0491 0x0970  TCPIP6 - ok
23:01:06.0536 0x0970  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:01:06.0537 0x0970  tcpipreg - ok
23:01:06.0574 0x0970  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:01:06.0576 0x0970  tdx - ok
23:01:06.0614 0x0970  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
23:01:06.0616 0x0970  terminpt - ok
23:01:06.0675 0x0970  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\Windows\System32\termsrv.dll
23:01:06.0693 0x0970  TermService - ok
23:01:06.0721 0x0970  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\Windows\system32\themeservice.dll
23:01:06.0725 0x0970  Themes - ok
23:01:06.0747 0x0970  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\Windows\system32\mmcss.dll
23:01:06.0750 0x0970  THREADORDER - ok
23:01:06.0763 0x0970  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
23:01:06.0771 0x0970  TimeBroker - ok
23:01:06.0795 0x0970  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
23:01:06.0799 0x0970  TPM - ok
23:01:06.0813 0x0970  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\Windows\System32\trkwks.dll
23:01:06.0819 0x0970  TrkWks - ok
23:01:06.0876 0x0970  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:01:06.0878 0x0970  TrustedInstaller - ok
23:01:06.0900 0x0970  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:01:06.0902 0x0970  TsUsbFlt - ok
23:01:06.0917 0x0970  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
23:01:06.0919 0x0970  TsUsbGD - ok
23:01:06.0957 0x0970  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:01:06.0960 0x0970  tunnel - ok
23:01:06.0999 0x0970  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:01:07.0001 0x0970  uagp35 - ok
23:01:07.0016 0x0970  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
23:01:07.0018 0x0970  UASPStor - ok
23:01:07.0034 0x0970  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
23:01:07.0037 0x0970  UCX01000 - ok
23:01:07.0072 0x0970  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:01:07.0077 0x0970  udfs - ok
23:01:07.0094 0x0970  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
23:01:07.0095 0x0970  UEFI - ok
23:01:07.0124 0x0970  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:01:07.0127 0x0970  UI0Detect - ok
23:01:07.0142 0x0970  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:01:07.0143 0x0970  uliagpkx - ok
23:01:07.0156 0x0970  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
23:01:07.0157 0x0970  umbus - ok
23:01:07.0166 0x0970  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
23:01:07.0168 0x0970  UmPass - ok
23:01:07.0211 0x0970  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:01:07.0220 0x0970  UmRdpService - ok
23:01:07.0241 0x0970  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\Windows\System32\upnphost.dll
23:01:07.0252 0x0970  upnphost - ok
23:01:07.0270 0x0970  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
23:01:07.0274 0x0970  usbccgp - ok
23:01:12.0972 0x0970  Waiting for KSN requests completion. In queue: 277
23:01:13.0541 0x1744  Object send P2P result: true
23:01:13.0972 0x0970  Waiting for KSN requests completion. In queue: 106
23:01:14.0973 0x0970  Waiting for KSN requests completion. In queue: 106
23:01:16.0058 0x0970  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
23:01:16.0066 0x0970  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
23:01:16.0067 0x0970  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41010 ( enabled )
23:01:18.0522 0x0970  ============================================================
23:01:18.0522 0x0970  Scan finished
23:01:18.0522 0x0970  ============================================================
23:01:18.0528 0x0f6c  Detected object count: 0
23:01:18.0528 0x0f6c  Actual detected object count: 0
23:01:48.0937 0x0578  KLMD registered as C:\Windows\system32\drivers\73687819.sys
23:01:49.0778 0x0578  Deinitialize success
         
I hope someone can help me, and thanks a thousand times in advance.

PS: Would it perhaps save me some work if I used the reset function in Windows 8? Well, as long as the BIOS isn't infected, that would also "cut off the critters' juice", wouldn't it?

Alt 09.07.2014, 07:07   #2
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


Alt 09.07.2014, 09:30   #3
Klmzt
 


frst

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by ...... (ATTENTION: The logged in user is not administrator) on ......PC on 09-07-2014 08:22:52
Running from C:\Users\......\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-04-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-29] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKLM-x32\...\Run: [EMET Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-12] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe" "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware " [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] ( (Atheros Communications))
HKU\S-1-5-21-2245838751-742312130-2388482474-1002\...\MountPoints2: {5c8fe0b5-e111-11e3-be97-240a646972a8} - "D:\AutoRun.exe" 
HKU\S-1-5-21-2245838751-742312130-2388482474-1002\...\MountPoints2: {8b0beb88-e8aa-11e3-be99-001e101f1644} - "D:\AutoRun.exe" 
HKU\S-1-5-21-2245838751-742312130-2388482474-1002\...\MountPoints2: {962e5970-dd10-11e3-824f-806e6f6e6963} - "E:\Autorun.exe" 
HKU\S-1-5-21-2245838751-742312130-2388482474-1002\...\MountPoints2: {a6ee66ce-ea59-11e3-be9b-001e101f3209} - "D:\AutoRun.exe" 
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-2245838751-742312130-2388482474-1002\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {5DEF82FF-896B-440B-A950-65918429C723} URL = https://startpage.com/do/search?query={searchTerms}&cat=web&pl=ie&language=deutsch
SearchScopes: HKCU - {6BC5FF23-8B20-4EB6-B0E6-CDE31292C42A} URL = hxxp://ecosia.org/search?q={searchTerms}&addon=opsensearch-ie
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9F07244D-7427-439B-95FB-32926EF0840D}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{B857F7ED-0985-4E7C-95F4-11FBF6CD5111}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{DCCC6BCF-D2E9-413D-A111-815E6C12B145}: [NameServer]213.162.69.1 213.162.69.169

FireFox:
========
FF ProfilePath: C:\Users\......\AppData\Roaming\Mozilla\Firefox\Profiles\mvta7r0w.default
FF Homepage: hxxp://www.orf.at/
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\......\AppData\Roaming\Mozilla\Firefox\Profiles\mvta7r0w.default\Extensions\https-everywhere@eff.org [2014-06-16]
FF Extension: Disconnect - C:\Users\......\AppData\Roaming\Mozilla\Firefox\Profiles\mvta7r0w.default\Extensions\2.0@disconnect.me.xpi [2014-06-16]
FF Extension: BetterPrivacy - C:\Users\......\AppData\Roaming\Mozilla\Firefox\Profiles\mvta7r0w.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-07-08]
FF Extension: Adblock Edge - C:\Users\......\AppData\Roaming\Mozilla\Firefox\Profiles\mvta7r0w.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-05-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-21]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (SNT) - C:\Users\......\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpkpegjnbjbkkiehpkfhodbgnikjmfdm [2014-05-15]
CHR Extension: (DeskSMS  Send and Receive Texts Messages) - C:\Users\......\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfdmgcfldfkehdgoancleciikdlnf [2014-05-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-29]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-06-29] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-04-22] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-04-22] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-04-22] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-04-22] (Intel Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [218624 2013-12-20] () [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-29] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-29] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-29] (AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-06-16] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-29] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-02-05] ()
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-04-22] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-04-22] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-04-22] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-04-22] (Intel Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2013-12-20] (Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-04-15] (LogMeIn Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-02-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-16] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2018-06-16 22:04 - 2018-06-16 22:04 - 00000000 ____D () C:\Users\......\AppData\Roaming\AVAST Software
2014-07-09 08:22 - 2014-07-09 08:23 - 00015030 _____ () C:\Users\......\Downloads\FRST.txt
2014-07-09 08:22 - 2014-07-09 08:22 - 02084352 _____ (Farbar) C:\Users\......\Downloads\FRST64.exe
2014-07-09 08:22 - 2014-07-09 08:22 - 00000000 ____D () C:\FRST
2014-07-09 00:06 - 2014-02-19 11:57 - 93612840 _____ (GOG.com ) C:\Users\......\Downloads\setup_banished_2.0.0.3.exe
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 ____D () C:\Users\Admin
2014-07-08 21:55 - 2014-07-08 21:56 - 00002183 _____ () C:\Users\......\Desktop\malwarebytes.txt
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-08 21:44 - 2014-07-08 21:44 - 09755584 _____ (SurfRight B.V.) C:\Users\......\Downloads\hitmanpro_x64.exe
2014-07-08 21:22 - 2014-07-08 21:22 - 02278856 _____ () C:\Users\......\Downloads\avira_pc_cleaner_de.exe
2014-07-08 20:56 - 2014-07-08 20:57 - 01889616 _____ (SurfRight B.V.) C:\Users\......\Downloads\hmpalert.exe
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Users\......\AppData\Local\Secunia PSI
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-07-04 23:54 - 2014-07-04 23:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 23:34 - 2014-07-04 23:34 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 23:34 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-04 23:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-04 23:18 - 2014-07-04 23:23 - 00000000 ____D () C:\AdwCleaner
2014-07-04 23:10 - 2014-07-05 09:26 - 00000000 ____D () C:\Users\......\Downloads\Malwaretools
2014-07-04 23:09 - 2014-07-04 23:09 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 22:20 - 2014-07-08 22:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 22:20 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:20 - 2014-07-04 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-04 22:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 22:07 - 2014-07-04 22:07 - 00083427 _____ () C:\Users\......\Desktop\ht.txt
2014-07-04 22:02 - 2014-07-04 22:02 - 00085697 _____ () C:\Users\......\Desktop\Gmer.txt
2014-07-04 21:53 - 2014-07-04 21:53 - 718638958 _____ () C:\Windows\MEMORY.DMP
2014-07-04 20:05 - 2014-07-04 20:05 - 00140626 _____ () C:\Users\......\Downloads\OTL.Txt
2014-07-04 16:24 - 2014-07-04 17:00 - 1017118720 _____ () C:\Users\......\Downloads\ubuntu-14.04-desktop-i386.iso
2014-07-04 15:54 - 2014-07-04 22:50 - 00001590 _____ () C:\Windows\setupact.log
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-04 14:12 - 2014-07-04 14:12 - 00000136 _____ () C:\Users\......\Desktop\Anno 1404 - Venice.lnk
2014-07-04 14:07 - 2014-07-04 14:07 - 00001790 _____ () C:\Users\......\Desktop\Anno1404.lnk
2014-07-04 13:40 - 2014-07-09 00:09 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-04 00:25 - 2014-07-04 00:26 - 00018511 _____ () C:\Windows\DirectX.log
2014-07-03 23:58 - 2014-07-04 00:48 - 00000000 ____D () C:\Users\......\Downloads\venedig
2014-07-03 23:41 - 2014-07-03 23:41 - 00000000 ____D () C:\Users\......\AppData\Roaming\WinRAR
2014-07-03 23:34 - 2014-07-09 00:06 - 00000000 ____D () C:\Users\......\Downloads\Anno Venedig
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\Program Files (x86)\EMET 4.1
2014-07-03 22:30 - 2014-07-03 22:30 - 00000000 ____D () C:\Users\......\AppData\Roaming\QuickScan
2014-07-02 22:39 - 2014-07-02 22:41 - 00000000 ____D () C:\Users\......\Downloads\LibreOfficePortable
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-01 14:16 - 2014-07-01 14:16 - 00000000 ____D () C:\Users\......\AppData\Roaming\NVIDIA
2014-07-01 14:13 - 2014-07-01 14:13 - 00675988 _____ () C:\Users\......\Desktop\Minecraft.exe
2014-06-30 00:05 - 2014-06-30 00:05 - 00335992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 00:04 - 2014-07-08 23:34 - 00028092 _____ () C:\Windows\PFRO.log
2014-06-29 23:54 - 2014-07-01 07:06 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-29 23:54 - 2014-07-01 07:06 - 00000000 ____D () C:\Windows\system32\NV
2014-06-29 23:54 - 2014-06-29 23:54 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-29 23:53 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-29 23:53 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-06-29 23:49 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\LastGood
2014-06-29 23:48 - 2014-06-29 23:48 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00001121 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-29 23:46 - 2014-06-29 23:47 - 29677544 _____ (Mozilla) C:\Users\......\Downloads\Firefox Setup 30.0.exe
2014-06-29 23:34 - 2014-06-29 23:34 - 00001990 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 23:33 - 2014-06-29 23:33 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 23:33 - 2014-06-29 23:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 23:33 - 2014-06-29 23:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 23:30 - 2014-06-29 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 23:29 - 2014-07-04 13:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 23:29 - 2014-06-29 23:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 23:29 - 2014-06-29 23:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1404077405578
2014-06-29 23:25 - 2014-06-29 23:25 - 00001348 _____ () C:\Users\......\AppData\Roaming\Microsoft\Windows\Start Menu\Anno 1404.lnk
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-29 21:48 - 2014-07-09 07:36 - 00873865 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 21:28 - 2014-06-17 21:28 - 00000000 ____D () C:\Users\......\AppData\Roaming\LibreOffice
2014-06-17 21:24 - 2014-06-17 21:26 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-06-17 16:51 - 2014-06-17 16:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\......\AppData\Local\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\......\AppData\Local\Avg2014
2014-06-16 21:14 - 2014-06-29 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-16 21:08 - 2014-06-16 21:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2014-06-16 18:15 - 2014-06-16 18:15 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402935353687
2014-06-16 18:15 - 2014-06-16 18:15 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402935353687
2014-06-16 09:56 - 2014-06-16 09:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-06-16 09:40 - 2014-06-16 09:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 09:30 - 2014-05-27 18:12 - 00918952 _____ (Oracle Corporation) C:\Users\......\Downloads\jxpiinstall.exe
2014-06-16 08:56 - 2014-06-29 22:49 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-06-12 13:18 - 2014-06-12 13:18 - 00000000 ____D () C:\Users\......\AppData\Roaming\java
2014-06-11 20:04 - 2014-06-29 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2014-06-11 20:04 - 2014-06-11 20:04 - 00000000 ____D () C:\Program Files (x86)\Intelore
2014-06-10 13:19 - 2014-06-10 13:19 - 06869696 _____ (IvoSoft) C:\Users\......\Downloads\ClassicShellSetup_4_1_0-de.exe
2014-06-09 16:26 - 2014-06-09 16:48 - 2463242240 _____ () C:\Users\......\Downloads\win7 homeprem32.iso

==================== One Month Modified Files and Folders =======

2018-06-16 22:04 - 2018-06-16 22:04 - 00000000 ____D () C:\Users\......\AppData\Roaming\AVAST Software
2014-07-09 08:23 - 2014-07-09 08:22 - 00015030 _____ () C:\Users\......\Downloads\FRST.txt
2014-07-09 08:22 - 2014-07-09 08:22 - 02084352 _____ (Farbar) C:\Users\......\Downloads\FRST64.exe
2014-07-09 08:22 - 2014-07-09 08:22 - 00000000 ____D () C:\FRST
2014-07-09 08:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-09 07:36 - 2014-06-29 21:48 - 00873865 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 07:29 - 2014-04-26 20:25 - 00000000 ____D () C:\Users\......\AppData\Roaming\.minecraft
2014-07-09 00:41 - 2013-12-20 16:14 - 00000000 ____D () C:\Users\......\AppData\Roaming\ClassicShell
2014-07-09 00:09 - 2014-07-04 13:40 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 00:09 - 2014-03-18 11:25 - 00773008 _____ () C:\Windows\system32\perfh007.dat
2014-07-09 00:09 - 2014-03-18 11:25 - 00162310 _____ () C:\Windows\system32\perfc007.dat
2014-07-09 00:06 - 2014-07-03 23:34 - 00000000 ____D () C:\Users\......\Downloads\Anno Venedig
2014-07-09 00:05 - 2014-04-25 22:30 - 00000000 ____D () C:\Users\......\AppData\Local\LogMeIn Hamachi
2014-07-09 00:05 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 ____D () C:\Users\Admin
2014-07-08 23:35 - 2014-05-16 18:19 - 00000660 __RSH () C:\Users\......\ntuser.pol
2014-07-08 23:35 - 2014-05-16 17:53 - 00000000 ____D () C:\Users\......
2014-07-08 23:34 - 2014-06-30 00:04 - 00028092 _____ () C:\Windows\PFRO.log
2014-07-08 23:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Vss
2014-07-08 22:59 - 2014-07-04 22:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 21:56 - 2014-07-08 21:55 - 00002183 _____ () C:\Users\......\Desktop\malwarebytes.txt
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-08 21:44 - 2014-07-08 21:44 - 09755584 _____ (SurfRight B.V.) C:\Users\......\Downloads\hitmanpro_x64.exe
2014-07-08 21:22 - 2014-07-08 21:22 - 02278856 _____ () C:\Users\......\Downloads\avira_pc_cleaner_de.exe
2014-07-08 20:57 - 2014-07-08 20:56 - 01889616 _____ (SurfRight B.V.) C:\Users\......\Downloads\hmpalert.exe
2014-07-06 17:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-06 17:46 - 2013-12-20 15:53 - 00000000 ____D () C:\ProgramData\DatacardService
2014-07-05 09:26 - 2014-07-04 23:10 - 00000000 ____D () C:\Users\......\Downloads\Malwaretools
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Users\......\AppData\Local\Secunia PSI
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-07-04 23:54 - 2014-07-04 23:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 23:34 - 2014-07-04 23:34 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 23:23 - 2014-07-04 23:18 - 00000000 ____D () C:\AdwCleaner
2014-07-04 23:23 - 2014-05-17 22:07 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-04 23:09 - 2014-07-04 23:09 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 22:50 - 2014-07-04 15:54 - 00001590 _____ () C:\Windows\setupact.log
2014-07-04 22:30 - 2014-07-04 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-04 22:07 - 2014-07-04 22:07 - 00083427 _____ () C:\Users\......\Desktop\ht.txt
2014-07-04 22:02 - 2014-07-04 22:02 - 00085697 _____ () C:\Users\......\Desktop\Gmer.txt
2014-07-04 21:53 - 2014-07-04 21:53 - 718638958 _____ () C:\Windows\MEMORY.DMP
2014-07-04 21:53 - 2014-05-18 18:16 - 00000000 ____D () C:\Windows\Minidump
2014-07-04 20:05 - 2014-07-04 20:05 - 00140626 _____ () C:\Users\......\Downloads\OTL.Txt
2014-07-04 17:00 - 2014-07-04 16:24 - 1017118720 _____ () C:\Users\......\Downloads\ubuntu-14.04-desktop-i386.iso
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-04 14:12 - 2014-07-04 14:12 - 00000136 _____ () C:\Users\......\Desktop\Anno 1404 - Venice.lnk
2014-07-04 14:07 - 2014-07-04 14:07 - 00001790 _____ () C:\Users\......\Desktop\Anno1404.lnk
2014-07-04 13:33 - 2014-06-29 23:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-04 00:48 - 2014-07-03 23:58 - 00000000 ____D () C:\Users\......\Downloads\venedig
2014-07-04 00:35 - 2014-01-01 21:51 - 00000000 ____D () C:\Users\......\AppData\Roaming\Ubisoft
2014-07-04 00:29 - 2014-01-25 21:52 - 00000000 ____D () C:\ProgramData\Solidshield
2014-07-04 00:28 - 2013-07-19 16:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-04 00:26 - 2014-07-04 00:25 - 00018511 _____ () C:\Windows\DirectX.log
2014-07-03 23:41 - 2014-07-03 23:41 - 00000000 ____D () C:\Users\......\AppData\Roaming\WinRAR
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\Program Files (x86)\EMET 4.1
2014-07-03 22:30 - 2014-07-03 22:30 - 00000000 ____D () C:\Users\......\AppData\Roaming\QuickScan
2014-07-02 22:41 - 2014-07-02 22:39 - 00000000 ____D () C:\Users\......\Downloads\LibreOfficePortable
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-01 14:16 - 2014-07-01 14:16 - 00000000 ____D () C:\Users\......\AppData\Roaming\NVIDIA
2014-07-01 14:13 - 2014-07-01 14:13 - 00675988 _____ () C:\Users\......\Desktop\Minecraft.exe
2014-07-01 13:32 - 2014-01-18 11:29 - 00000000 ____D () C:\ProgramData\Origin
2014-07-01 13:24 - 2014-01-18 11:29 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-01 07:06 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-01 07:06 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\system32\NV
2014-06-30 15:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-06-30 00:05 - 2014-06-30 00:05 - 00335992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-29 23:57 - 2014-01-04 14:08 - 00000000 ____D () C:\Users\......\AppData\Local\NVIDIA Corporation
2014-06-29 23:57 - 2014-01-04 14:05 - 00000000 ____D () C:\Users\......\AppData\Local\NVIDIA
2014-06-29 23:54 - 2014-06-29 23:54 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-29 23:54 - 2014-06-29 23:49 - 00000000 ____D () C:\Windows\LastGood
2014-06-29 23:54 - 2014-05-16 17:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-29 23:48 - 2014-06-29 23:48 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00001121 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-29 23:47 - 2014-06-29 23:46 - 29677544 _____ (Mozilla) C:\Users\......\Downloads\Firefox Setup 30.0.exe
2014-06-29 23:40 - 2014-04-28 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-29 23:40 - 2014-01-31 22:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-29 23:34 - 2014-06-29 23:34 - 00001990 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 23:34 - 2014-06-29 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 23:33 - 2014-06-29 23:33 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 23:33 - 2014-06-29 23:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 23:33 - 2014-06-29 23:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 23:33 - 2014-06-29 23:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 23:29 - 2014-06-29 23:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1404077405578
2014-06-29 23:25 - 2014-06-29 23:25 - 00001348 _____ () C:\Users\......\AppData\Roaming\Microsoft\Windows\Start Menu\Anno 1404.lnk
2014-06-29 23:18 - 2013-04-26 01:17 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-29 23:18 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\en-GB
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-29 22:49 - 2014-06-16 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-29 22:49 - 2014-06-16 08:56 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-06-29 22:49 - 2014-06-11 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2014-06-29 22:49 - 2014-05-16 19:19 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-06-29 22:49 - 2014-05-16 17:45 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-29 22:49 - 2014-01-31 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-29 22:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\security
2014-06-29 22:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2014-06-29 22:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-06-29 22:49 - 2013-07-19 16:26 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-06-29 22:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2014-06-29 22:35 - 2014-05-15 21:47 - 00000000 ____D () C:\Users\......\AppData\Local\Mozilla
2014-06-29 22:35 - 2013-12-17 21:12 - 00000000 ____D () C:\Users\......\AppData\Local\Packages
2014-06-29 22:34 - 2014-01-19 17:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-29 18:56 - 2014-02-07 17:41 - 00000000 ____D () C:\Users\......\Desktop\Mods
2014-06-29 17:25 - 2014-06-03 15:16 - 00000000 ____D () C:\Users\......\Documents\Battlefield 3
2014-06-29 17:25 - 2014-03-15 19:57 - 00000000 ____D () C:\Users\......\Documents\!DOKUMENTE!
2014-06-17 21:28 - 2014-06-17 21:28 - 00000000 ____D () C:\Users\......\AppData\Roaming\LibreOffice
2014-06-17 21:26 - 2014-06-17 21:24 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-06-17 16:52 - 2014-06-17 16:51 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\......\AppData\Local\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\......\AppData\Local\Avg2014
2014-06-16 22:17 - 2014-05-07 22:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-16 22:17 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\......\AppData\Local\Android
2014-06-16 22:16 - 2014-05-18 21:42 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-16 21:08 - 2014-06-16 21:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2014-06-16 18:15 - 2014-06-16 18:15 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402935353687
2014-06-16 18:15 - 2014-06-16 18:15 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402935353687
2014-06-16 09:56 - 2014-06-16 09:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-06-16 09:40 - 2014-06-16 09:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 09:24 - 2013-04-26 01:16 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-06-16 08:56 - 2014-05-16 17:45 - 00153969 _____ () C:\Windows\system32\Drivers\RTWAVES30.dat
2014-06-12 13:18 - 2014-06-12 13:18 - 00000000 ____D () C:\Users\......\AppData\Roaming\java
2014-06-11 20:04 - 2014-06-11 20:04 - 00000000 ____D () C:\Program Files (x86)\Intelore
2014-06-10 13:24 - 2013-04-26 01:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-06-10 13:19 - 2014-06-10 13:19 - 06869696 _____ (IvoSoft) C:\Users\......\Downloads\ClassicShellSetup_4_1_0-de.exe
2014-06-09 21:30 - 2014-05-16 19:57 - 00000000 ____D () C:\Users\......\AppData\Local\Windows Live
2014-06-09 16:48 - 2014-06-09 16:26 - 2463242240 _____ () C:\Users\......\Downloads\win7 homeprem32.iso

Files to move or delete:
====================
C:\Users\......\AppData\Roaming\Camdata.ini
C:\Users\......\AppData\Roaming\CamLayout.ini
C:\Users\......\AppData\Roaming\CamShapes.ini
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\......\.gdocs.dat


Some content of TEMP:
====================
C:\Users\......\AppData\Local\Temp\hitmanpro_x64.exe
C:\Users\......\AppData\Local\Temp\Quarantine.exe
C:\Users\......\AppData\Local\Temp\ubi26D9.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---

addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by ........ at 2014-07-09 08:23:37
Running from C:\Users\........\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.0.5008.0 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anno 1404 Modification Manager (HKLM-x32\...\Anno 1404 Modification Manager) (Version: 4.2.0.0 - Corona Development)
Anno 1404 Modification Manager (x32 Version: 4.2.0.0 - Corona Development) Hidden
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ASUS FaceKey (HKLM-x32\...\{ACE24C70-743B-43B0-8045-817FF050800B}) (Version: 4.1.0.0 - )
ASUS Video DSP (HKLM-x32\...\{B80DB514-46E5-43AA-B68C-1EBBF5CF7D34}) (Version: 1.0.000 - )
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Banished (HKLM-x32\...\GOGPACKBANISHED_is1) (Version: 2.0.0.3 - GOG.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Die*Sims*Mittelalter (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
EMET 4.1 (HKLM-x32\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1550 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.0.56 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MegaTrainer eXperience V1.1.0.4 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.003.28.00.152 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
SuperTux Version 0.3.4 (HKLM-x32\...\{5095BBEC-9A2F-4DA1-B5EF-511C728A2FF6}_is1) (Version: 0.3.4 - SuperTux Development Team)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============


==================== Loaded Modules (whitelisted) =============

2013-04-24 17:09 - 2013-04-24 17:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-24 17:07 - 2013-04-24 17:07 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00114176 _____ () C:\Program Files (x86)\EMET 4.1\HelperLib.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00028672 _____ () C:\Program Files (x86)\EMET 4.1\ReportingSubsystem.dll
2013-06-12 15:53 - 2013-06-12 15:53 - 00348160 _____ () C:\Program Files (x86)\EMET 4.1\DevExpress.UserSkins.HighContrast.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00023040 _____ () C:\Program Files (x86)\EMET 4.1\TrayIconSubsystem.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00042496 _____ () C:\Program Files (x86)\EMET 4.1\PKIPinningSubsystem.dll
2013-04-24 17:12 - 2013-04-24 17:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\........\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\81239427.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\81239427.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run: => "DptfPolicyLpmServiceHelper"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "Nvtmru"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "Nvtmru"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== Faulty Device Manager Devices =============

Name: Intel(R) Display-Audio
Description: Intel(R) Display-Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcDAud
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2014 00:05:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x900
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3
Vollständiger Name des fehlerhaften Pakets: HeciServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HeciServer.exe5

Error: (07/08/2014 11:35:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x92c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3
Vollständiger Name des fehlerhaften Pakets: HeciServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HeciServer.exe5

Error: (07/06/2014 11:48:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoRun.exe_AutoRun, Version: 2.0.0.42, Zeitstempel: 0x4ce28921
Name des fehlerhaften Moduls: AutoRun.exe, Version: 2.0.0.42, Zeitstempel: 0x4ce28921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000068b9
ID des fehlerhaften Prozesses: 0x71c
Startzeit der fehlerhaften Anwendung: 0xAutoRun.exe_AutoRun0
Pfad der fehlerhaften Anwendung: AutoRun.exe_AutoRun1
Pfad des fehlerhaften Moduls: AutoRun.exe_AutoRun2
Berichtskennung: AutoRun.exe_AutoRun3
Vollständiger Name des fehlerhaften Pakets: AutoRun.exe_AutoRun4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AutoRun.exe_AutoRun5

Error: (07/05/2014 09:25:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/05/2014 08:59:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/04/2014 11:54:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/04/2014 11:54:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/04/2014 11:41:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/04/2014 11:36:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/04/2014 11:36:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (07/09/2014 00:06:34 AM) (Source: DCOM) (EventID: 10010) (User: ........PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/09/2014 00:05:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/09/2014 00:05:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (07/09/2014 00:05:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/09/2014 00:05:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (07/08/2014 11:36:55 PM) (Source: DCOM) (EventID: 10010) (User: ........PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/08/2014 11:35:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/08/2014 11:35:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (07/08/2014 11:35:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/08/2014 11:35:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.


Microsoft Office Sessions:
=========================
Error: (07/09/2014 00:05:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.28.487.1518e67a1HeciServer.exe1.28.487.1518e67a140000015000000000005d23990001cf9af8b2f48699C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exef996ae9b-06eb-11e4-bebd-240a646972a8

Error: (07/08/2014 11:35:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.28.487.1518e67a1HeciServer.exe1.28.487.1518e67a140000015000000000005d23992c01cf9af47c8d2f69C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exec3341e02-06e7-11e4-bebc-240a646972a8

Error: (07/06/2014 11:48:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoRun.exe_AutoRun2.0.0.424ce28921AutoRun.exe2.0.0.424ce28921c0000005000068b971c01cf98ff614dffe3D:\AutoRun.exeD:\AutoRun.exea106ad80-04f2-11e4-bebb-240a646972a8

Error: (07/05/2014 09:25:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\........\Downloads\esetsmartinstaller_deu.exe

Error: (07/05/2014 08:59:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\........\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 11:54:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\........\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 11:54:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\........\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 11:41:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\........\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 11:36:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\........\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 11:36:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\........\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-05-16 22:02:11.341
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:11.294
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:11.185
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:11.138
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:10.951
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:10.919
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:10.763
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:10.732
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:10.685
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-16 22:02:10.654
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 21%
Total physical RAM: 8075.22 MB
Available physical RAM: 6306.78 MB
Total Pagefile: 16267.22 MB
Available Pagefile: 14451.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444.45 GB) (Free:299.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (anno) (CDROM) (Total:2.75 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
I didn't run FRST from the desktop, and not as admin either, but I think you can see that anyway.
__________________

10.07.2014, 09:01   #4
schrauber
/// the machine
/// TB trainer



hi,

Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

10.07.2014, 23:02   #5
Klmzt



I think it's 'complaining'.
Did everything as told, but Combofix says: not meant to run in compatibility mode. ??


11.07.2014, 13:51   #6
schrauber
/// the machine
/// TB trainer



My mistake. Combofix doesn't work here. Please always start all other tools with admin rights.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the threat scan and click Start scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with Ok.
  • Your computer will restart automatically. After the restart a text file will open. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

12.07.2014, 11:42   #7
Klmzt



mbam
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 12.07.2014
Suchlauf-Zeit: 11:48:49
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.12.01
Rootkit Datenbank: v2014.07.09.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332388
Verstrichene Zeit: 10 Min, 1 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
adwc
Code:
# AdwCleaner v3.215 - Bericht erstellt am 12/07/2014 um 11:19:36
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Admin - NICOLASPC
# Gestartet von : C:\Users\Marcel\Downloads\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6inlgg9z.default\prefs.js ]


[ Datei : C:\Users\.......\AppData\Roaming\Mozilla\Firefox\Profiles\mvta7r0w.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [7600 octets] - [04/07/2014 23:18:56]
AdwCleaner[R1].txt - [1115 octets] - [12/07/2014 11:18:32]
AdwCleaner[S0].txt - [7746 octets] - [04/07/2014 23:23:40]
AdwCleaner[S1].txt - [1039 octets] - [12/07/2014 11:19:36]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [1099 octets] ##########
         
jrt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Admin on 12.07.2014 at 12:15:38,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2245838751-742312130-2388482474-1006\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.07.2014 at 12:21:39,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
frst

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Admin (administrator) on ........PC on 12-07-2014 12:36:34
Running from C:\Users\Admin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Thisisu) C:\Users\Admin\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-04-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-29] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKLM-x32\...\Run: [EMET Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-12] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] ( (Atheros Communications))
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-2245838751-742312130-2388482474-1002\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9F07244D-7427-439B-95FB-32926EF0840D}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{B857F7ED-0985-4E7C-95F4-11FBF6CD5111}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{DCCC6BCF-D2E9-413D-A111-815E6C12B145}: [NameServer]213.162.69.1 213.162.69.169

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6inlgg9z.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-21]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-06-29] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-04-22] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-04-22] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-04-22] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-04-22] (Intel Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [218624 2013-12-20] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-29] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-29] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-29] (AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-06-16] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-29] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-02-05] ()
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-04-22] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-04-22] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-04-22] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-04-22] (Intel Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2013-12-20] (Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-04-15] (LogMeIn Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-02-05] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-16] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2018-06-16 22:04 - 2018-06-16 22:04 - 00000000 ____D () C:\Users\........\AppData\Roaming\AVAST Software
2014-07-12 12:36 - 2014-07-12 12:36 - 02084864 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-07-12 12:36 - 2014-07-12 12:36 - 00013818 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-07-12 12:21 - 2014-07-12 12:21 - 00001341 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-12 12:15 - 2014-07-12 12:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ClassicShell
2014-07-12 12:14 - 2014-07-12 12:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-07-12 12:08 - 2014-07-12 12:09 - 00000000 ____D () C:\AdwCleaner
2014-07-12 12:07 - 2014-07-12 12:07 - 01348263 _____ () C:\Users\Admin\Desktop\adwcleaner_3.215.exe
2014-07-12 11:59 - 2014-07-12 11:59 - 00001145 _____ () C:\Users\Admin\Desktop\mbam.txt
2014-07-12 11:36 - 2014-07-12 11:36 - 00001143 _____ () C:\Users\........\Desktop\mbam.txt
2014-07-12 11:19 - 2014-07-12 11:19 - 00001177 _____ () C:\Users\Admin\Desktop\AdwCleaner[S1].txt
2014-07-12 11:18 - 2014-07-12 11:19 - 00001115 _____ () C:\Users\Admin\Desktop\AdwCleaner[R1].txt
2014-07-12 11:18 - 2014-07-12 11:18 - 01348263 _____ () C:\Users\........\Downloads\adwcleaner_3.215.exe
2014-07-11 00:05 - 2014-07-11 00:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-07-11 00:05 - 2014-07-11 00:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-07-10 23:37 - 2014-07-12 12:23 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2245838751-742312130-2388482474-1006
2014-07-10 23:36 - 2014-07-10 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-07-10 23:36 - 2014-07-10 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-07-10 23:32 - 2014-07-10 23:32 - 00000000 ____D () C:\Users\Admin\Documents\Bluetooth Folder
2014-07-10 23:32 - 2014-07-10 23:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Atheros
2014-07-10 23:32 - 2014-07-10 23:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\BMExplorer
2014-07-10 23:31 - 2014-07-10 23:35 - 00000000 ____D () C:\Users\Admin\AppData\Local\Packages
2014-07-10 23:31 - 2014-07-10 23:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-07-10 23:19 - 2014-07-10 23:19 - 05217324 _____ (Swearware) C:\Users\........\Desktop\ComboFix.exe
2014-07-09 10:03 - 2014-07-09 10:03 - 00000000 ____D () C:\Users\........\Desktop\Neuer Ordner
2014-07-09 08:23 - 2014-07-09 08:23 - 00032074 _____ () C:\Users\........\Downloads\Addition.txt
2014-07-09 08:22 - 2014-07-12 12:36 - 00000000 ____D () C:\FRST
2014-07-09 08:22 - 2014-07-09 08:23 - 00045340 _____ () C:\Users\........\Downloads\FRST.txt
2014-07-09 08:22 - 2014-07-09 08:22 - 02084352 _____ (Farbar) C:\Users\........\Desktop\FRST64.exe
2014-07-09 00:06 - 2014-02-19 11:57 - 93612840 _____ (GOG.com ) C:\Users\........\Downloads\setup_banished_2.0.0.3.exe
2014-07-08 23:41 - 2014-07-12 11:18 - 00000000 ____D () C:\Users\Admin
2014-07-08 23:41 - 2014-07-08 23:41 - 00000020 ___SH () C:\Users\Admin\ntuser.ini
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Vorlagen
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Startmenü
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Lokale Einstellungen
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Eigene Dateien
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Anwendungsdaten
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Anwendungsdaten
2014-07-08 23:41 - 2014-05-16 19:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia
2014-07-08 23:41 - 2014-05-16 18:36 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-08 23:41 - 2014-03-18 12:31 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-08 23:41 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-07-08 23:41 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-07-08 23:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-08 23:41 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-08 21:44 - 2014-07-08 21:44 - 09755584 _____ (SurfRight B.V.) C:\Users\........\Downloads\hitmanpro_x64.exe
2014-07-08 21:22 - 2014-07-08 21:22 - 02278856 _____ () C:\Users\........\Downloads\avira_pc_cleaner_de.exe
2014-07-08 20:56 - 2014-07-08 20:57 - 01889616 _____ (SurfRight B.V.) C:\Users\........\Downloads\hmpalert.exe
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Users\........\AppData\Local\Secunia PSI
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-07-04 23:54 - 2014-07-04 23:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 23:34 - 2014-07-04 23:34 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 23:34 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-04 23:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-04 23:10 - 2014-07-05 09:26 - 00000000 ____D () C:\Users\........\Downloads\Malwaretools
2014-07-04 23:09 - 2014-07-04 23:09 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 22:20 - 2014-07-12 11:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 22:20 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:20 - 2014-07-04 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-04 22:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 21:53 - 2014-07-04 21:53 - 718638958 _____ () C:\Windows\MEMORY.DMP
2014-07-04 21:53 - 2014-07-04 21:53 - 00302056 _____ () C:\Windows\Minidump\070414-5976750-01.dmp
2014-07-04 20:05 - 2014-07-04 20:05 - 00140626 _____ () C:\Users\........\Downloads\OTL.Txt
2014-07-04 16:24 - 2014-07-04 17:00 - 1017118720 _____ () C:\Users\........\Downloads\ubuntu-14.04-desktop-i386.iso
2014-07-04 15:54 - 2014-07-04 22:50 - 00001590 _____ () C:\Windows\setupact.log
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-04 14:12 - 2014-07-04 14:12 - 00000136 _____ () C:\Users\........\Desktop\Anno 1404 - Venice.lnk
2014-07-04 14:07 - 2014-07-04 14:07 - 00001790 _____ () C:\Users\........\Desktop\Anno1404.lnk
2014-07-04 13:40 - 2014-07-12 12:15 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-04 00:25 - 2014-07-04 00:26 - 00018511 _____ () C:\Windows\DirectX.log
2014-07-03 23:58 - 2014-07-04 00:48 - 00000000 ____D () C:\Users\........\Downloads\venedig
2014-07-03 23:41 - 2014-07-03 23:41 - 00000000 ____D () C:\Users\........\AppData\Roaming\WinRAR
2014-07-03 23:34 - 2014-07-09 00:06 - 00000000 ____D () C:\Users\........\Downloads\Anno Venedig
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\Program Files (x86)\EMET 4.1
2014-07-03 22:30 - 2014-07-03 22:30 - 00000000 ____D () C:\Users\........\AppData\Roaming\QuickScan
2014-07-02 22:39 - 2014-07-02 22:41 - 00000000 ____D () C:\Users\........\Downloads\LibreOfficePortable
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-01 14:16 - 2014-07-01 14:16 - 00000000 ____D () C:\Users\........\AppData\Roaming\NVIDIA
2014-07-01 14:13 - 2014-07-01 14:13 - 00675988 _____ () C:\Users\........\Desktop\Minecraft.exe
2014-06-30 00:05 - 2014-06-30 00:05 - 00335992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 00:04 - 2014-07-12 12:09 - 00029062 _____ () C:\Windows\PFRO.log
2014-06-29 23:54 - 2014-07-01 07:06 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-29 23:54 - 2014-07-01 07:06 - 00000000 ____D () C:\Windows\system32\NV
2014-06-29 23:54 - 2014-06-29 23:54 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-29 23:53 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-29 23:53 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-06-29 23:49 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\LastGood
2014-06-29 23:48 - 2014-06-29 23:48 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00001121 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-29 23:46 - 2014-06-29 23:47 - 29677544 _____ (Mozilla) C:\Users\........\Downloads\Firefox Setup 30.0.exe
2014-06-29 23:34 - 2014-06-29 23:34 - 00001990 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 23:33 - 2014-06-29 23:33 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 23:33 - 2014-06-29 23:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 23:33 - 2014-06-29 23:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 23:30 - 2014-06-29 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 23:29 - 2014-07-04 13:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 23:29 - 2014-06-29 23:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-29 23:29 - 2014-06-29 23:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1404077405578
2014-06-29 23:25 - 2014-06-29 23:25 - 00001348 _____ () C:\Users\........\AppData\Roaming\Microsoft\Windows\Start Menu\Anno 1404.lnk
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-29 21:48 - 2014-07-12 11:19 - 01072015 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 21:28 - 2014-06-17 21:28 - 00000000 ____D () C:\Users\........\AppData\Roaming\LibreOffice
2014-06-17 21:24 - 2014-06-17 21:26 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-06-17 16:51 - 2014-06-17 16:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\Avg2014
2014-06-16 21:14 - 2014-06-29 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-16 21:08 - 2014-06-16 21:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2014-06-16 18:15 - 2014-06-16 18:15 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402935353687
2014-06-16 18:15 - 2014-06-16 18:15 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402935353687
2014-06-16 09:56 - 2014-06-16 09:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-06-16 09:40 - 2014-06-16 09:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 09:30 - 2014-05-27 18:12 - 00918952 _____ (Oracle Corporation) C:\Users\........\Downloads\jxpiinstall.exe
2014-06-16 08:56 - 2014-06-29 22:49 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-06-12 13:18 - 2014-06-12 13:18 - 00000000 ____D () C:\Users\........\AppData\Roaming\java

==================== One Month Modified Files and Folders =======

2018-06-16 22:04 - 2018-06-16 22:04 - 00000000 ____D () C:\Users\........\AppData\Roaming\AVAST Software
2014-07-12 12:36 - 2014-07-12 12:36 - 02084864 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-07-12 12:36 - 2014-07-12 12:36 - 00013818 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-07-12 12:36 - 2014-07-09 08:22 - 00000000 ____D () C:\FRST
2014-07-12 12:23 - 2014-07-10 23:37 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2245838751-742312130-2388482474-1006
2014-07-12 12:21 - 2014-07-12 12:21 - 00001341 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-12 12:15 - 2014-07-12 12:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ClassicShell
2014-07-12 12:15 - 2014-07-04 13:40 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 12:15 - 2014-03-18 11:25 - 00773008 _____ () C:\Windows\system32\perfh007.dat
2014-07-12 12:15 - 2014-03-18 11:25 - 00162310 _____ () C:\Windows\system32\perfc007.dat
2014-07-12 12:14 - 2014-07-12 12:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-07-12 12:10 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-12 12:09 - 2014-07-12 12:08 - 00000000 ____D () C:\AdwCleaner
2014-07-12 12:09 - 2014-06-30 00:04 - 00029062 _____ () C:\Windows\PFRO.log
2014-07-12 12:09 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-07-12 12:07 - 2014-07-12 12:07 - 01348263 _____ () C:\Users\Admin\Desktop\adwcleaner_3.215.exe
2014-07-12 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-12 11:59 - 2014-07-12 11:59 - 00001145 _____ () C:\Users\Admin\Desktop\mbam.txt
2014-07-12 11:41 - 2014-01-03 11:07 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2245838751-742312130-2388482474-1002
2014-07-12 11:37 - 2014-07-04 22:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 11:36 - 2014-07-12 11:36 - 00001143 _____ () C:\Users\........\Desktop\mbam.txt
2014-07-12 11:36 - 2013-12-20 16:14 - 00000000 ____D () C:\Users\........\AppData\Roaming\ClassicShell
2014-07-12 11:21 - 2014-04-25 22:30 - 00000000 ____D () C:\Users\........\AppData\Local\LogMeIn Hamachi
2014-07-12 11:19 - 2014-07-12 11:19 - 00001177 _____ () C:\Users\Admin\Desktop\AdwCleaner[S1].txt
2014-07-12 11:19 - 2014-07-12 11:18 - 00001115 _____ () C:\Users\Admin\Desktop\AdwCleaner[R1].txt
2014-07-12 11:19 - 2014-06-29 21:48 - 01072015 _____ () C:\Windows\WindowsUpdate.log
2014-07-12 11:18 - 2014-07-12 11:18 - 01348263 _____ () C:\Users\........\Downloads\adwcleaner_3.215.exe
2014-07-12 11:18 - 2014-07-08 23:41 - 00000000 ____D () C:\Users\Admin
2014-07-11 00:05 - 2014-07-11 00:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-07-11 00:05 - 2014-07-11 00:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-07-10 23:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-10 23:36 - 2014-07-10 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-07-10 23:36 - 2014-07-10 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-07-10 23:35 - 2014-07-10 23:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Packages
2014-07-10 23:32 - 2014-07-10 23:32 - 00000000 ____D () C:\Users\Admin\Documents\Bluetooth Folder
2014-07-10 23:32 - 2014-07-10 23:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Atheros
2014-07-10 23:32 - 2014-07-10 23:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\BMExplorer
2014-07-10 23:31 - 2014-07-10 23:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-07-10 23:19 - 2014-07-10 23:19 - 05217324 _____ (Swearware) C:\Users\........\Desktop\ComboFix.exe
2014-07-09 10:03 - 2014-07-09 10:03 - 00000000 ____D () C:\Users\........\Desktop\Neuer Ordner
2014-07-09 08:23 - 2014-07-09 08:23 - 00032074 _____ () C:\Users\........\Downloads\Addition.txt
2014-07-09 08:23 - 2014-07-09 08:22 - 00045340 _____ () C:\Users\........\Downloads\FRST.txt
2014-07-09 08:22 - 2014-07-09 08:22 - 02084352 _____ (Farbar) C:\Users\........\Desktop\FRST64.exe
2014-07-09 07:29 - 2014-04-26 20:25 - 00000000 ____D () C:\Users\........\AppData\Roaming\.minecraft
2014-07-09 00:06 - 2014-07-03 23:34 - 00000000 ____D () C:\Users\........\Downloads\Anno Venedig
2014-07-08 23:41 - 2014-07-08 23:41 - 00000020 ___SH () C:\Users\Admin\ntuser.ini
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Vorlagen
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Startmenü
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Lokale Einstellungen
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Eigene Dateien
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Anwendungsdaten
2014-07-08 23:41 - 2014-07-08 23:41 - 00000000 _SHDL () C:\Users\Admin\Anwendungsdaten
2014-07-08 23:35 - 2014-05-16 18:19 - 00000660 __RSH () C:\Users\........\ntuser.pol
2014-07-08 23:35 - 2014-05-16 17:53 - 00000000 ____D () C:\Users\........
2014-07-08 23:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Vss
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-08 21:44 - 2014-07-08 21:44 - 09755584 _____ (SurfRight B.V.) C:\Users\........\Downloads\hitmanpro_x64.exe
2014-07-08 21:22 - 2014-07-08 21:22 - 02278856 _____ () C:\Users\........\Downloads\avira_pc_cleaner_de.exe
2014-07-08 20:57 - 2014-07-08 20:56 - 01889616 _____ (SurfRight B.V.) C:\Users\........\Downloads\hmpalert.exe
2014-07-06 17:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-06 17:46 - 2013-12-20 15:53 - 00000000 ____D () C:\ProgramData\DatacardService
2014-07-05 09:26 - 2014-07-04 23:10 - 00000000 ____D () C:\Users\........\Downloads\Malwaretools
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Users\........\AppData\Local\Secunia PSI
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-07-04 23:54 - 2014-07-04 23:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 23:34 - 2014-07-04 23:34 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 23:23 - 2014-05-17 22:07 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-04 23:09 - 2014-07-04 23:09 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 22:50 - 2014-07-04 15:54 - 00001590 _____ () C:\Windows\setupact.log
2014-07-04 22:30 - 2014-07-04 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-04 21:53 - 2014-07-04 21:53 - 718638958 _____ () C:\Windows\MEMORY.DMP
2014-07-04 21:53 - 2014-07-04 21:53 - 00302056 _____ () C:\Windows\Minidump\070414-5976750-01.dmp
2014-07-04 21:53 - 2014-05-18 18:16 - 00000000 ____D () C:\Windows\Minidump
2014-07-04 20:05 - 2014-07-04 20:05 - 00140626 _____ () C:\Users\........\Downloads\OTL.Txt
2014-07-04 17:00 - 2014-07-04 16:24 - 1017118720 _____ () C:\Users\........\Downloads\ubuntu-14.04-desktop-i386.iso
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-04 14:12 - 2014-07-04 14:12 - 00000136 _____ () C:\Users\........\Desktop\Anno 1404 - Venice.lnk
2014-07-04 14:07 - 2014-07-04 14:07 - 00001790 _____ () C:\Users\........\Desktop\Anno1404.lnk
2014-07-04 13:33 - 2014-06-29 23:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-04 00:48 - 2014-07-03 23:58 - 00000000 ____D () C:\Users\........\Downloads\venedig
2014-07-04 00:35 - 2014-01-01 21:51 - 00000000 ____D () C:\Users\........\AppData\Roaming\Ubisoft
2014-07-04 00:29 - 2014-01-25 21:52 - 00000000 ____D () C:\ProgramData\Solidshield
2014-07-04 00:28 - 2013-07-19 16:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-04 00:26 - 2014-07-04 00:25 - 00018511 _____ () C:\Windows\DirectX.log
2014-07-03 23:41 - 2014-07-03 23:41 - 00000000 ____D () C:\Users\........\AppData\Roaming\WinRAR
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\Program Files (x86)\EMET 4.1
2014-07-03 22:30 - 2014-07-03 22:30 - 00000000 ____D () C:\Users\........\AppData\Roaming\QuickScan
2014-07-02 22:41 - 2014-07-02 22:39 - 00000000 ____D () C:\Users\........\Downloads\LibreOfficePortable
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-01 14:16 - 2014-07-01 14:16 - 00000000 ____D () C:\Users\........\AppData\Roaming\NVIDIA
2014-07-01 14:13 - 2014-07-01 14:13 - 00675988 _____ () C:\Users\........\Desktop\Minecraft.exe
2014-07-01 13:32 - 2014-01-18 11:29 - 00000000 ____D () C:\ProgramData\Origin
2014-07-01 13:24 - 2014-01-18 11:29 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-01 07:06 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-01 07:06 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\system32\NV
2014-07-01 07:05 - 2014-05-21 20:10 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9CB70B38-EF3C-4BFD-BB6B-48498E7F25B3}
2014-06-30 15:01 - 2014-03-29 12:16 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-30 00:05 - 2014-06-30 00:05 - 00335992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-29 23:57 - 2014-01-04 14:08 - 00000000 ____D () C:\Users\........\AppData\Local\NVIDIA Corporation
2014-06-29 23:57 - 2014-01-04 14:05 - 00000000 ____D () C:\Users\........\AppData\Local\NVIDIA
2014-06-29 23:54 - 2014-06-29 23:54 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-29 23:54 - 2014-06-29 23:49 - 00000000 ____D () C:\Windows\LastGood
2014-06-29 23:54 - 2014-05-16 17:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-29 23:48 - 2014-06-29 23:48 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00001121 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-29 23:47 - 2014-06-29 23:46 - 29677544 _____ (Mozilla) C:\Users\........\Downloads\Firefox Setup 30.0.exe
2014-06-29 23:40 - 2014-04-28 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-29 23:40 - 2014-01-31 22:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-29 23:34 - 2014-06-29 23:34 - 00001990 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 23:34 - 2014-06-29 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 23:33 - 2014-06-29 23:33 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 23:33 - 2014-06-29 23:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 23:33 - 2014-06-29 23:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 23:33 - 2014-06-29 23:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-29 23:29 - 2014-06-29 23:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1404077405578
2014-06-29 23:25 - 2014-06-29 23:25 - 00001348 _____ () C:\Users\........\AppData\Roaming\Microsoft\Windows\Start Menu\Anno 1404.lnk
2014-06-29 23:18 - 2013-04-26 01:17 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-29 23:18 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\en-GB
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-29 22:55 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-29 22:49 - 2014-06-16 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-29 22:49 - 2014-06-16 08:56 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-06-29 22:49 - 2014-06-11 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2014-06-29 22:49 - 2014-05-16 19:19 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-06-29 22:49 - 2014-05-16 17:45 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-29 22:49 - 2014-01-31 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-29 22:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\security
2014-06-29 22:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2014-06-29 22:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-06-29 22:49 - 2013-07-19 16:26 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-06-29 22:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2014-06-29 22:35 - 2014-05-15 21:47 - 00000000 ____D () C:\Users\........\AppData\Local\Mozilla
2014-06-29 22:35 - 2013-12-17 21:12 - 00000000 ____D () C:\Users\........\AppData\Local\Packages
2014-06-29 22:34 - 2014-01-19 17:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-29 18:56 - 2014-02-07 17:41 - 00000000 ____D () C:\Users\........\Desktop\Mods
2014-06-29 17:25 - 2014-06-03 15:16 - 00000000 ____D () C:\Users\........\Documents\Battlefield 3
2014-06-29 17:25 - 2014-03-15 19:57 - 00000000 ____D () C:\Users\........\Documents\!DOKUMENTE!
2014-06-17 21:28 - 2014-06-17 21:28 - 00000000 ____D () C:\Users\........\AppData\Roaming\LibreOffice
2014-06-17 21:26 - 2014-06-17 21:24 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-06-17 16:52 - 2014-06-17 16:51 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\Avg2014
2014-06-16 22:17 - 2014-05-07 22:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-16 22:17 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\........\AppData\Local\Android
2014-06-16 22:16 - 2014-05-18 21:42 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-16 21:08 - 2014-06-16 21:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2014-06-16 18:15 - 2014-06-16 18:15 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402935353687
2014-06-16 18:15 - 2014-06-16 18:15 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402935353687
2014-06-16 09:56 - 2014-06-16 09:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-06-16 09:40 - 2014-06-16 09:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 09:24 - 2013-04-26 01:16 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-06-16 08:56 - 2014-05-16 17:45 - 00153969 _____ () C:\Windows\system32\Drivers\RTWAVES30.dat
2014-06-15 23:11 - 2014-03-25 22:57 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2245838751-742312130-2388482474-1005
2014-06-12 13:18 - 2014-06-12 13:18 - 00000000 ____D () C:\Users\........\AppData\Roaming\java

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\........\.gdocs.dat


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\........\AppData\Local\Temp\hitmanpro_x64.exe
C:\Users\........\AppData\Local\Temp\Quarantine.exe
C:\Users\........\AppData\Local\Temp\ubi26D9.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-09 12:04

==================== End Of Log ============================
         
--- --- ---

13.07.2014, 08:17   #8
schrauber
/// the machine
/// TB trainer
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

14.07.2014, 13:52   #9
Klmzt
 



sec check
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.85  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 60  
 Mozilla Firefox (30.0) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 Mobile Partner OnlineUpdate ouc.exe  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
eset
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=dbb97658751f364380d985484ef1c4f6
# engine=19157
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-13 09:55:44
# local_time=2014-07-13 11:55:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 1209050 1211153 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1213249 5030353 0 0
# scanned=210939
# found=2
# cleaned=0
# scan_time=5717
sh=CC5DA4CF0697E1747D81C4D09838DE4C92354DD0 ft=1 fh=ceecdeac6d7b9dfb vn="Variante von Win32/InstallCore.NU evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1002\$RMZ59SM.exe"
sh=6276F390A7013814D21A2C86E2CDE726DE9DD673 ft=1 fh=4e01f83b5f9d4dcd vn="Win32/Packed.VMProtect.D Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2245838751-742312130-2388482474-1006\$RAAMP1Q.exe"
         



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by ........ (ATTENTION: The logged in user is not administrator) on ........PC on 14-07-2014 00:12:58
Running from C:\Users\TEMP\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-04-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-29] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKLM-x32\...\Run: [EMET Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-12] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] ( (Atheros Communications))
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-2245838751-742312130-2388482474-1002\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9F07244D-7427-439B-95FB-32926EF0840D}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{B857F7ED-0985-4E7C-95F4-11FBF6CD5111}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{DCCC6BCF-D2E9-413D-A111-815E6C12B145}: [NameServer]213.162.69.1 213.162.69.169

FireFox:
========
FF ProfilePath: C:\Users\TEMP\AppData\Roaming\Mozilla\Firefox\Profiles\6ff0w6nc.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-21]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-06-29] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-04-22] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-04-22] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-04-22] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-04-22] (Intel Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [218624 2013-12-20] () [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-29] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-29] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-29] (AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-06-16] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-29] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-02-05] ()
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-04-22] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-04-22] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-04-22] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-04-22] (Intel Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2013-12-20] (Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-04-15] (LogMeIn Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-02-05] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-16] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2018-06-16 22:04 - 2018-06-16 22:04 - 00000000 ____D () C:\Users\........\AppData\Roaming\AVAST Software
2014-07-14 00:12 - 2014-07-14 00:12 - 02086912 _____ (Farbar) C:\Users\TEMP\Downloads\FRST64.exe
2014-07-14 00:12 - 2014-07-14 00:12 - 00011964 _____ () C:\Users\TEMP\Downloads\FRST.txt
2014-07-14 00:07 - 2014-07-14 00:07 - 00854390 _____ () C:\Users\TEMP\Downloads\SecurityCheck.exe
2014-07-13 17:32 - 2014-07-13 20:05 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\.minecraft
2014-07-13 17:32 - 2014-07-13 17:32 - 00001104 _____ () C:\Users\TEMP\Desktop\Minecraft - Verknüpfung.lnk
2014-07-13 15:30 - 2014-07-13 15:30 - 02347384 _____ (ESET) C:\Users\TEMP\Downloads\esetsmartinstaller_deu(2).exe
2014-07-13 13:32 - 2014-07-13 13:32 - 00001062 _____ () C:\eset.txt
2014-07-13 11:23 - 2014-07-13 11:23 - 02347384 _____ (ESET) C:\Users\TEMP\Downloads\esetsmartinstaller_deu(1).exe
2014-07-13 11:09 - 2014-07-13 11:09 - 02347384 _____ (ESET) C:\Users\TEMP\Downloads\esetsmartinstaller_deu.exe
2014-07-13 11:00 - 2014-07-13 11:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Mozilla
2014-07-13 11:00 - 2014-07-13 11:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Mozilla
2014-07-13 10:56 - 2014-07-14 00:10 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\ClassicShell
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\Documents\Bluetooth Folder
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\AVAST Software
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Adobe
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\AppData\Local\BMExplorer
2014-07-13 10:55 - 2014-07-13 19:28 - 00000000 ____D () C:\Users\TEMP\AppData\Local\VirtualStore
2014-07-13 10:55 - 2014-07-13 10:55 - 00000660 __RSH () C:\Users\TEMP\ntuser.pol
2014-07-13 10:55 - 2014-07-13 10:55 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Vorlagen
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Lokale Einstellungen
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Eigene Dateien
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Anwendungsdaten
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Anwendungsdaten
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Atheros
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Packages
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 ____D () C:\Users\TEMP
2014-07-13 10:55 - 2014-05-16 19:51 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2014-07-13 10:55 - 2014-05-16 18:36 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-13 10:55 - 2014-03-18 12:31 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 10:55 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-07-13 10:55 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-07-13 10:55 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-13 10:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-13 10:54 - 2014-07-13 21:15 - 00239732 _____ () C:\Windows\WindowsUpdate.log
2014-07-12 12:08 - 2014-07-12 12:09 - 00000000 ____D () C:\AdwCleaner
2014-07-12 11:36 - 2014-07-12 11:36 - 00001143 _____ () C:\Users\........\Desktop\mbam.txt
2014-07-12 11:18 - 2014-07-12 11:18 - 01348263 _____ () C:\Users\........\Downloads\adwcleaner_3.215.exe
2014-07-10 23:19 - 2014-07-10 23:19 - 05217324 _____ (Swearware) C:\Users\........\Desktop\ComboFix.exe
2014-07-09 10:03 - 2014-07-09 10:03 - 00000000 ____D () C:\Users\........\Desktop\Neuer Ordner
2014-07-09 08:23 - 2014-07-09 08:23 - 00032074 _____ () C:\Users\........\Downloads\Addition.txt
2014-07-09 08:22 - 2014-07-14 00:13 - 00000000 ____D () C:\FRST
2014-07-09 08:22 - 2014-07-09 08:23 - 00045340 _____ () C:\Users\........\Downloads\FRST.txt
2014-07-09 08:22 - 2014-07-09 08:22 - 02084352 _____ (Farbar) C:\Users\........\Desktop\FRST64.exe
2014-07-09 00:06 - 2014-02-19 11:57 - 93612840 _____ (GOG.com ) C:\Users\........\Downloads\setup_banished_2.0.0.3.exe
2014-07-08 23:41 - 2014-07-12 11:18 - 00000000 ____D () C:\Users\Admin
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-08 21:44 - 2014-07-08 21:44 - 09755584 _____ (SurfRight B.V.) C:\Users\........\Downloads\hitmanpro_x64.exe
2014-07-08 21:22 - 2014-07-08 21:22 - 02278856 _____ () C:\Users\........\Downloads\avira_pc_cleaner_de.exe
2014-07-08 20:56 - 2014-07-08 20:57 - 01889616 _____ (SurfRight B.V.) C:\Users\........\Downloads\hmpalert.exe
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Users\........\AppData\Local\Secunia PSI
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-07-04 23:54 - 2014-07-04 23:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 23:34 - 2014-07-04 23:34 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 23:34 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-04 23:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-04 23:10 - 2014-07-05 09:26 - 00000000 ____D () C:\Users\........\Downloads\Malwaretools
2014-07-04 23:09 - 2014-07-04 23:09 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 22:20 - 2014-07-12 11:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 22:20 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 22:20 - 2014-07-04 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-04 22:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 20:05 - 2014-07-04 20:05 - 00140626 _____ () C:\Users\........\Downloads\OTL.Txt
2014-07-04 16:24 - 2014-07-04 17:00 - 1017118720 _____ () C:\Users\........\Downloads\ubuntu-14.04-desktop-i386.iso
2014-07-04 14:12 - 2014-07-04 14:12 - 00000136 _____ () C:\Users\........\Desktop\Anno 1404 - Venice.lnk
2014-07-04 14:07 - 2014-07-04 14:07 - 00001790 _____ () C:\Users\........\Desktop\Anno1404.lnk
2014-07-04 13:40 - 2014-07-13 10:57 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 23:58 - 2014-07-13 15:32 - 00000000 ____D () C:\Users\........\Downloads\venedig
2014-07-03 23:41 - 2014-07-03 23:41 - 00000000 ____D () C:\Users\........\AppData\Roaming\WinRAR
2014-07-03 23:34 - 2014-07-13 15:24 - 00000000 ____D () C:\Users\........\Downloads\Anno Venedig
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\Program Files (x86)\EMET 4.1
2014-07-03 22:30 - 2014-07-03 22:30 - 00000000 ____D () C:\Users\........\AppData\Roaming\QuickScan
2014-07-02 22:39 - 2014-07-02 22:41 - 00000000 ____D () C:\Users\........\Downloads\LibreOfficePortable
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-01 14:16 - 2014-07-01 14:16 - 00000000 ____D () C:\Users\........\AppData\Roaming\NVIDIA
2014-07-01 14:13 - 2014-07-01 14:13 - 00675988 _____ () C:\Users\........\Desktop\Minecraft.exe
2014-06-30 00:05 - 2014-06-30 00:05 - 00335992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-29 23:54 - 2014-07-01 07:06 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-29 23:54 - 2014-07-01 07:06 - 00000000 ____D () C:\Windows\system32\NV
2014-06-29 23:54 - 2014-06-29 23:54 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-29 23:53 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-29 23:53 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-29 23:53 - 2014-05-20 04:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-06-29 23:49 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\LastGood
2014-06-29 23:48 - 2014-06-29 23:48 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00001121 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-29 23:46 - 2014-06-29 23:47 - 29677544 _____ (Mozilla) C:\Users\........\Downloads\Firefox Setup 30.0.exe
2014-06-29 23:34 - 2014-06-29 23:34 - 00001990 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 23:33 - 2014-06-29 23:33 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 23:33 - 2014-06-29 23:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 23:33 - 2014-06-29 23:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 23:30 - 2014-06-29 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 23:29 - 2014-07-04 13:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 23:29 - 2014-06-29 23:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 23:29 - 2014-06-29 23:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 23:29 - 2014-06-29 23:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1404077405578
2014-06-29 23:25 - 2014-06-29 23:25 - 00001348 _____ () C:\Users\........\AppData\Roaming\Microsoft\Windows\Start Menu\Anno 1404.lnk
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-17 21:28 - 2014-06-17 21:28 - 00000000 ____D () C:\Users\........\AppData\Roaming\LibreOffice
2014-06-17 21:24 - 2014-06-17 21:26 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-06-17 16:51 - 2014-06-17 16:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\Avg2014
2014-06-16 21:14 - 2014-06-29 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-16 21:08 - 2014-06-16 21:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2014-06-16 18:15 - 2014-06-16 18:15 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402935353687
2014-06-16 18:15 - 2014-06-16 18:15 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402935353687
2014-06-16 09:56 - 2014-06-16 09:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-06-16 09:40 - 2014-06-16 09:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 09:30 - 2014-05-27 18:12 - 00918952 _____ (Oracle Corporation) C:\Users\........\Downloads\jxpiinstall.exe
2014-06-16 08:56 - 2014-06-29 22:49 - 00000000 ____D () C:\Windows\LastGood.Tmp

==================== One Month Modified Files and Folders =======

2018-06-16 22:04 - 2018-06-16 22:04 - 00000000 ____D () C:\Users\........\AppData\Roaming\AVAST Software
2014-07-14 00:13 - 2014-07-14 00:12 - 00011964 _____ () C:\Users\TEMP\Downloads\FRST.txt
2014-07-14 00:13 - 2014-07-09 08:22 - 00000000 ____D () C:\FRST
2014-07-14 00:12 - 2014-07-14 00:12 - 02086912 _____ (Farbar) C:\Users\TEMP\Downloads\FRST64.exe
2014-07-14 00:10 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\ClassicShell
2014-07-14 00:07 - 2014-07-14 00:07 - 00854390 _____ () C:\Users\TEMP\Downloads\SecurityCheck.exe
2014-07-14 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-13 21:15 - 2014-07-13 10:54 - 00239732 _____ () C:\Windows\WindowsUpdate.log
2014-07-13 20:05 - 2014-07-13 17:32 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\.minecraft
2014-07-13 19:28 - 2014-07-13 10:55 - 00000000 ____D () C:\Users\TEMP\AppData\Local\VirtualStore
2014-07-13 17:32 - 2014-07-13 17:32 - 00001104 _____ () C:\Users\TEMP\Desktop\Minecraft - Verknüpfung.lnk
2014-07-13 15:32 - 2014-07-03 23:58 - 00000000 ____D () C:\Users\........\Downloads\venedig
2014-07-13 15:30 - 2014-07-13 15:30 - 02347384 _____ (ESET) C:\Users\TEMP\Downloads\esetsmartinstaller_deu(2).exe
2014-07-13 15:24 - 2014-07-03 23:34 - 00000000 ____D () C:\Users\........\Downloads\Anno Venedig
2014-07-13 13:32 - 2014-07-13 13:32 - 00001062 _____ () C:\eset.txt
2014-07-13 11:24 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-13 11:23 - 2014-07-13 11:23 - 02347384 _____ (ESET) C:\Users\TEMP\Downloads\esetsmartinstaller_deu(1).exe
2014-07-13 11:09 - 2014-07-13 11:09 - 02347384 _____ (ESET) C:\Users\TEMP\Downloads\esetsmartinstaller_deu.exe
2014-07-13 11:00 - 2014-07-13 11:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Mozilla
2014-07-13 11:00 - 2014-07-13 11:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Mozilla
2014-07-13 10:57 - 2014-07-04 13:40 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-13 10:57 - 2014-03-18 11:25 - 00773008 _____ () C:\Windows\system32\perfh007.dat
2014-07-13 10:57 - 2014-03-18 11:25 - 00162310 _____ () C:\Windows\system32\perfc007.dat
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\Documents\Bluetooth Folder
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\AVAST Software
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Adobe
2014-07-13 10:56 - 2014-07-13 10:56 - 00000000 ____D () C:\Users\TEMP\AppData\Local\BMExplorer
2014-07-13 10:55 - 2014-07-13 10:55 - 00000660 __RSH () C:\Users\TEMP\ntuser.pol
2014-07-13 10:55 - 2014-07-13 10:55 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Vorlagen
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Lokale Einstellungen
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Eigene Dateien
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Anwendungsdaten
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 _SHDL () C:\Users\TEMP\Anwendungsdaten
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Atheros
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Packages
2014-07-13 10:55 - 2014-07-13 10:55 - 00000000 ____D () C:\Users\TEMP
2014-07-12 21:39 - 2014-05-18 18:16 - 00000000 ____D () C:\Windows\Minidump
2014-07-12 12:10 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-12 12:09 - 2014-07-12 12:08 - 00000000 ____D () C:\AdwCleaner
2014-07-12 11:37 - 2014-07-04 22:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 11:36 - 2014-07-12 11:36 - 00001143 _____ () C:\Users\........\Desktop\mbam.txt
2014-07-12 11:36 - 2013-12-20 16:14 - 00000000 ____D () C:\Users\........\AppData\Roaming\ClassicShell
2014-07-12 11:21 - 2014-04-25 22:30 - 00000000 ____D () C:\Users\........\AppData\Local\LogMeIn Hamachi
2014-07-12 11:18 - 2014-07-12 11:18 - 01348263 _____ () C:\Users\........\Downloads\adwcleaner_3.215.exe
2014-07-12 11:18 - 2014-07-08 23:41 - 00000000 ____D () C:\Users\Admin
2014-07-10 23:19 - 2014-07-10 23:19 - 05217324 _____ (Swearware) C:\Users\........\Desktop\ComboFix.exe
2014-07-09 10:03 - 2014-07-09 10:03 - 00000000 ____D () C:\Users\........\Desktop\Neuer Ordner
2014-07-09 08:23 - 2014-07-09 08:23 - 00032074 _____ () C:\Users\........\Downloads\Addition.txt
2014-07-09 08:23 - 2014-07-09 08:22 - 00045340 _____ () C:\Users\........\Downloads\FRST.txt
2014-07-09 08:22 - 2014-07-09 08:22 - 02084352 _____ (Farbar) C:\Users\........\Desktop\FRST64.exe
2014-07-09 07:29 - 2014-04-26 20:25 - 00000000 ____D () C:\Users\........\AppData\Roaming\.minecraft
2014-07-08 23:35 - 2014-05-16 18:19 - 00000660 __RSH () C:\Users\........\ntuser.pol
2014-07-08 23:35 - 2014-05-16 17:53 - 00000000 ____D () C:\Users\........
2014-07-08 23:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Vss
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-08 21:45 - 2014-07-08 21:45 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-08 21:44 - 2014-07-08 21:44 - 09755584 _____ (SurfRight B.V.) C:\Users\........\Downloads\hitmanpro_x64.exe
2014-07-08 21:22 - 2014-07-08 21:22 - 02278856 _____ () C:\Users\........\Downloads\avira_pc_cleaner_de.exe
2014-07-08 20:57 - 2014-07-08 20:56 - 01889616 _____ (SurfRight B.V.) C:\Users\........\Downloads\hmpalert.exe
2014-07-06 17:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-06 17:46 - 2013-12-20 15:53 - 00000000 ____D () C:\ProgramData\DatacardService
2014-07-05 09:26 - 2014-07-04 23:10 - 00000000 ____D () C:\Users\........\Downloads\Malwaretools
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Users\........\AppData\Local\Secunia PSI
2014-07-05 09:10 - 2014-07-05 09:10 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-07-04 23:54 - 2014-07-04 23:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 23:34 - 2014-07-04 23:34 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 23:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-04 23:34 - 2014-07-04 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 23:23 - 2014-05-17 22:07 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-04 23:09 - 2014-07-04 23:09 - 00000000 ____D () C:\Windows\ERUNT
2014-07-04 22:30 - 2014-07-04 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-04 20:05 - 2014-07-04 20:05 - 00140626 _____ () C:\Users\........\Downloads\OTL.Txt
2014-07-04 17:00 - 2014-07-04 16:24 - 1017118720 _____ () C:\Users\........\Downloads\ubuntu-14.04-desktop-i386.iso
2014-07-04 14:12 - 2014-07-04 14:12 - 00000136 _____ () C:\Users\........\Desktop\Anno 1404 - Venice.lnk
2014-07-04 14:07 - 2014-07-04 14:07 - 00001790 _____ () C:\Users\........\Desktop\Anno1404.lnk
2014-07-04 13:33 - 2014-06-29 23:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-04 00:35 - 2014-01-01 21:51 - 00000000 ____D () C:\Users\........\AppData\Roaming\Ubisoft
2014-07-04 00:29 - 2014-01-25 21:52 - 00000000 ____D () C:\ProgramData\Solidshield
2014-07-04 00:28 - 2013-07-19 16:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-03 23:41 - 2014-07-03 23:41 - 00000000 ____D () C:\Users\........\AppData\Roaming\WinRAR
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2014-07-03 23:25 - 2014-07-03 23:25 - 00000000 ____D () C:\Program Files (x86)\EMET 4.1
2014-07-03 22:30 - 2014-07-03 22:30 - 00000000 ____D () C:\Users\........\AppData\Roaming\QuickScan
2014-07-02 22:41 - 2014-07-02 22:39 - 00000000 ____D () C:\Users\........\Downloads\LibreOfficePortable
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-02 13:29 - 2014-07-02 13:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-01 14:16 - 2014-07-01 14:16 - 00000000 ____D () C:\Users\........\AppData\Roaming\NVIDIA
2014-07-01 14:13 - 2014-07-01 14:13 - 00675988 _____ () C:\Users\........\Desktop\Minecraft.exe
2014-07-01 13:32 - 2014-01-18 11:29 - 00000000 ____D () C:\ProgramData\Origin
2014-07-01 13:24 - 2014-01-18 11:29 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-01 07:06 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-01 07:06 - 2014-06-29 23:54 - 00000000 ____D () C:\Windows\system32\NV
2014-06-30 00:05 - 2014-06-30 00:05 - 00335992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-29 23:57 - 2014-05-16 17:44 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-29 23:57 - 2014-01-04 14:08 - 00000000 ____D () C:\Users\........\AppData\Local\NVIDIA Corporation
2014-06-29 23:57 - 2014-01-04 14:05 - 00000000 ____D () C:\Users\........\AppData\Local\NVIDIA
2014-06-29 23:54 - 2014-06-29 23:54 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-29 23:54 - 2014-06-29 23:49 - 00000000 ____D () C:\Windows\LastGood
2014-06-29 23:54 - 2014-05-16 17:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-29 23:48 - 2014-06-29 23:48 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00001121 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-29 23:48 - 2014-06-29 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-29 23:47 - 2014-06-29 23:46 - 29677544 _____ (Mozilla) C:\Users\........\Downloads\Firefox Setup 30.0.exe
2014-06-29 23:40 - 2014-04-28 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-29 23:40 - 2014-01-31 22:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-29 23:34 - 2014-06-29 23:34 - 00001990 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 23:34 - 2014-06-29 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 23:33 - 2014-06-29 23:33 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 23:33 - 2014-06-29 23:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 23:33 - 2014-06-29 23:33 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 23:33 - 2014-06-29 23:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 23:33 - 2014-06-29 23:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-29 23:29 - 2014-06-29 23:29 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1404077405578
2014-06-29 23:29 - 2014-06-29 23:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1404077405578
2014-06-29 23:25 - 2014-06-29 23:25 - 00001348 _____ () C:\Users\........\AppData\Roaming\Microsoft\Windows\Start Menu\Anno 1404.lnk
2014-06-29 23:18 - 2013-04-26 01:17 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-29 23:18 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\en-GB
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-29 23:13 - 2014-06-29 23:13 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-29 22:49 - 2014-06-16 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-29 22:49 - 2014-06-16 08:56 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-06-29 22:49 - 2014-06-11 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2014-06-29 22:49 - 2014-05-16 19:19 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-06-29 22:49 - 2014-05-16 17:45 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-29 22:49 - 2014-01-31 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-29 22:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\security
2014-06-29 22:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2014-06-29 22:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-06-29 22:49 - 2013-07-19 16:26 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-06-29 22:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2014-06-29 22:35 - 2014-05-15 21:47 - 00000000 ____D () C:\Users\........\AppData\Local\Mozilla
2014-06-29 22:35 - 2013-12-17 21:12 - 00000000 ____D () C:\Users\........\AppData\Local\Packages
2014-06-29 22:34 - 2014-01-19 17:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-29 18:56 - 2014-02-07 17:41 - 00000000 ____D () C:\Users\........\Desktop\Mods
2014-06-29 17:25 - 2014-06-03 15:16 - 00000000 ____D () C:\Users\........\Documents\Battlefield 3
2014-06-29 17:25 - 2014-03-15 19:57 - 00000000 ____D () C:\Users\........\Documents\!DOKUMENTE!
2014-06-17 21:28 - 2014-06-17 21:28 - 00000000 ____D () C:\Users\........\AppData\Roaming\LibreOffice
2014-06-17 21:26 - 2014-06-17 21:24 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-06-17 16:52 - 2014-06-17 16:51 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\MFAData
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Users\........\AppData\Local\Avg2014
2014-06-16 22:17 - 2014-05-07 22:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-16 22:17 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\........\AppData\Local\Android
2014-06-16 22:16 - 2014-05-18 21:42 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-16 21:08 - 2014-06-16 21:08 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402945752484
2014-06-16 21:08 - 2014-06-16 21:08 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2014-06-16 18:15 - 2014-06-16 18:15 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402935353687
2014-06-16 18:15 - 2014-06-16 18:15 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402935353687
2014-06-16 09:56 - 2014-06-16 09:56 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-06-16 09:40 - 2014-06-16 09:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-16 09:40 - 2014-06-16 09:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 09:24 - 2013-04-26 01:16 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-06-16 08:56 - 2014-05-16 17:45 - 00153969 _____ () C:\Windows\system32\Drivers\RTWAVES30.dat

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\........\.gdocs.dat


Some content of TEMP:
====================
C:\Users\........\AppData\Local\Temp\hitmanpro_x64.exe
C:\Users\........\AppData\Local\Temp\Quarantine.exe
C:\Users\........\AppData\Local\Temp\ubi26D9.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
Old 14.07.2014, 18:02   #10
schrauber
/// the machine
/// TB trainer

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document.
Code:
ATTFilter
C:\$Recycle.Bin
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\........\.gdocs.dat
         

Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Done

The order matters here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and start it)
    • Windows key + R > type Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and start it
    • Combofix will now start, possibly update itself, and then remove all of its own remnants.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.


If you would like to leave praise or criticism, you can do so here.

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here.
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: for this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. For this I recommend TFC.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links:
Miekemoes Blogspot (MVP)
Bill Castner (MVP)


Don'ts
  • Don't click on everything just because it asks you to and is nice and colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...).
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from e-mails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Old 14.07.2014, 19:53   #11
Klmzt

Code:
ATTFilter
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-07-14 20:40:52)<=

==> ATTENTION: System is not rebooted.
C:\$Recycle.Bin => Moved successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.

==== End of Fixlog ====
         
...hm, I actually did reboot.

-----------
But now you have truly earned my thanks!

I do have one more question: do you happen to work at Emsisoft?
Oh, one more thing: is Firefox really, unambiguously, a secure browser?
I really do use it all the time, but it seems to me that a browser's insecurity rate grows with its number of users. First everyone had IE and it was insecure (I think it now has ActiveX filtering too), now everyone has FF and people recommend switching from it (well, the BSI does, at least) to Chrome. Then that one will be next.

By the market-share theory of security that is often applied to Linux<->Windows, Opera ought to be fairly secure, right?

Edited by Klmzt (14.07.2014 at 20:05). Reason: spelling mistakes
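
Added example (not part of the original posts and not FRST's own code): a short Python check that reconciles the Fixlist.txt posted in #10 with the Fixlog.txt returned in #11, so that entries FRST never reported on and any warning lines stand out. The inputs are constructed from the two code boxes in this thread; the function names are hypothetical, and only the result text shown in the thread ("Moved successfully.") is treated as success.

```python
import re

# Constructed inputs: the Fixlist.txt and Fixlog.txt contents quoted in this thread.
FIXLIST = r"""
C:\$Recycle.Bin
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\........\.gdocs.dat
"""

FIXLOG = r"""
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-07-14 20:40:52)<=

==> ATTENTION: System is not rebooted.
C:\$Recycle.Bin => Moved successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.

==== End of Fixlog ====
"""

# "<drive>:\path => result" lines and "==> warning" lines, as they appear above.
RESULT_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.*?) => (?P<result>.+)$")
WARNING_LINE = re.compile(r"^==> (?P<text>.+)$")
MOVED = "Moved successfully."  # the only success string visible in the thread


def norm(path):
    """Normalise a Windows path for comparison (case-insensitive, no trailing slash)."""
    return path.strip().rstrip("\\").lower()


def parse_fixlist(text):
    """Return the non-empty entries of a Fixlist, in order."""
    return [line.strip() for line in text.splitlines() if line.strip()]


def parse_fixlog(text):
    """Return ({normalised path: result}, [warnings], saw_end_marker)."""
    results, warnings, complete = {}, [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("==== End of Fixlog"):
            complete = True
            continue
        warning = WARNING_LINE.match(line)
        if warning:
            warnings.append(warning["text"])
            continue
        result = RESULT_LINE.match(line)
        if result:
            results[norm(result["path"])] = result["result"].strip()
    return results, warnings, complete


def reconcile(fixlist_text, fixlog_text):
    """Classify every Fixlist entry by what the Fixlog says about it."""
    results, warnings, complete = parse_fixlog(fixlog_text)
    report = {"moved": [], "other": [], "unreported": [],
              "warnings": warnings, "complete": complete}
    for path in parse_fixlist(fixlist_text):
        outcome = results.get(norm(path))
        if outcome is None:
            report["unreported"].append(path)        # requested, never mentioned
        elif outcome == MOVED:
            report["moved"].append(path)
        else:
            report["other"].append((path, outcome))  # any other result, kept as-is
    return report


if __name__ == "__main__":
    report = reconcile(FIXLIST, FIXLOG)
    for key in ("moved", "other", "unreported", "warnings"):
        print(f"{key}:")
        for item in report[key]:
            print(f"  {item}")
    print("end marker seen:", report["complete"])
```

On this thread's data the check reports three moved entries, the reboot warning, and one Fixlist entry (the .gdocs.dat file) that the Fixlog does not mention.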

Old 15.07.2014, 19:23   #12
schrauber
/// the machine
/// TB trainer

Quote:
I do have one more question: do you happen to work at Emsisoft?
As it happens, yes.
Quote:
Oh, one more thing: is Firefox really, unambiguously, a secure browser?
There is nothing to choose between Firefox and Chrome; by now IE is "secure" too, though it still annoys me that there is no ad blocker for it.
I don't know Opera at all.

And what the BSI says isn't always gold anyway.
__________________
Regards,
schrauber

Old 23.07.2014, 19:10   #13
Klmzt

Hm, that's why I use FF too.

Sorry for replying so late, but the thread can be closed.

Old 24.07.2014, 17:21   #14
schrauber
/// the machine
/// TB trainer

ok
__________________
Regards,
schrauber
