Pests of all kinds and how to fight them: Windows 7 / High ping - very slow Internet

Windows 7: If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1

Windows 7 / High ping - very slow Internet

Hello dear Trojaner Board team, I have the following problem: my Internet performance fluctuates very heavily. I am in a dormitory with about 60 clients, but compared to other users I have a ping that is about 100-300 ms higher, which settles at around 500 ms. Often no connection to the network is possible at all. Disabling/enabling the network connection then no longer works either, because after a long wait simply nothing happens. If I then try to restart the PC, this is only possible with a reset, because the PC no longer shuts down on its own.

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Dave (administrator) on DAVE-PC on 05-11-2014 16:05:54
Running from C:\Users\dave\Downloads
Loaded Profile: Dave (Available profiles: dave)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C-MEDIA Electronics INC.) C:\Program Files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
() C:\Users\Dave\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Program Files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe [278016 2011-07-15] (C-MEDIA Electronics INC.)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\...\MountPoints2: {6d351eca-c711-11e3-b698-90fba62302a2} - J:\Install\Install.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-25] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x777D5FD0A55CCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: YouTube Unblocker - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\youtubeunblocker@unblocker.yt [2014-10-16]
FF Extension: Flashblock - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-05-11]
FF Extension: Classic Theme Restorer - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-11]
FF Extension: {790062c4-0ee5-402e-a33f-5b8d2a723123} - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{790062c4-0ee5-402e-a33f-5b8d2a723123}.xpi [2014-07-27]
FF Extension: tab plugin - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{91af9ff8-8f43-4484-8bec-1af2989cb6d9}.xpi [2014-07-31]
FF Extension: Adblock Plus - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
R3 CMUAC; C:\Windows\System32\DRIVERS\CMUAC.SYS [111104 2011-07-14] (C-Media Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 FXDrv32; \??\D:\FXDrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-05 16:05 - 2014-11-05 16:06 - 00013030 _____ () C:\Users\Dave\Downloads\FRST.txt
2014-11-05 16:05 - 2014-11-05 16:05 - 02114560 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2014-11-05 16:05 - 2014-11-05 16:05 - 00000000 ____D () C:\FRST
2014-11-05 16:03 - 2014-11-05 16:04 - 00000470 _____ () C:\Users\Dave\Downloads\defogger_disable.log
2014-11-05 16:03 - 2014-11-05 16:03 - 00050477 _____ () C:\Users\Dave\Downloads\Defogger.exe
2014-11-05 16:03 - 2014-11-05 16:03 - 00000000 _____ () C:\Users\Dave\defogger_reenable
2014-11-05 15:39 - 2014-11-05 15:39 - 00000000 ____D () C:\Program Files\Google
2014-11-05 15:38 - 2014-11-05 15:39 - 00000000 ____D () C:\ProgramData\Google
2014-11-05 15:37 - 2014-11-05 15:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-05 15:37 - 2014-11-05 15:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-05 15:37 - 2014-11-05 15:44 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-05 15:37 - 2014-11-05 15:44 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-05 15:37 - 2014-11-05 15:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-05 15:37 - 2014-11-05 15:37 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google
2014-11-05 15:36 - 2014-11-05 15:36 - 04976456 _____ (Piriform Ltd) C:\Users\Dave\Downloads\ccsetup419.exe
2014-11-05 15:30 - 2014-11-05 15:30 - 00339257 _____ () C:\Users\Dave\Downloads\CleanUp452.exe
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2014-11-05 15:18 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-11-05 15:18 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-11-05 15:18 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-05 15:18 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-05 15:18 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-11-05 15:18 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-11-05 15:18 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-11-05 15:18 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-11-05 15:07 - 2014-11-05 15:07 - 00008528 _____ () C:\Users\Dave\Downloads\hijackthis.log
2014-11-05 15:06 - 2014-11-05 15:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dave\Downloads\HijackThis.exe
2014-11-05 14:59 - 2014-11-05 14:59 - 00000000 ____D () C:\Windows\Sun
2014-11-04 13:12 - 2014-11-04 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-03 22:40 - 2014-11-03 22:40 - 13087456 _____ (Microsoft Corporation) C:\Users\Dave\Downloads\Silverlight_x64.exe
2014-10-21 18:09 - 2014-10-21 18:09 - 29791494 _____ () C:\Users\Dave\Downloads\wetransfer-132581.zip
2014-10-19 17:33 - 2014-10-19 17:33 - 00000015 _____ () C:\Users\Dave\Desktop\2014-11-19 1733.txt
2014-10-17 20:54 - 2014-10-17 20:55 - 99011288 _____ () C:\Users\Dave\Downloads\Enisum - Samoht Nara (2014).rar
2014-10-15 17:51 - 2014-10-16 12:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-05 16:05 - 2013-12-23 15:58 - 01879274 _____ () C:\Windows\WindowsUpdate.log
2014-11-05 16:03 - 2013-12-23 16:03 - 00000000 ____D () C:\Users\Dave
2014-11-05 15:49 - 2009-07-14 18:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat
2014-11-05 15:49 - 2009-07-14 18:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat
2014-11-05 15:49 - 2009-07-14 06:13 - 01634396 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-05 15:42 - 2013-12-23 16:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-05 15:41 - 2013-12-24 15:20 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\TS3Client
2014-11-05 15:40 - 2014-07-30 14:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-05 15:40 - 2013-12-23 15:54 - 00000000 ____D () C:\Windows\Panther
2014-11-05 15:35 - 2013-12-23 16:44 - 01590298 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-05 15:23 - 2013-12-23 18:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-05 14:35 - 2013-12-23 16:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-05 14:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-05 13:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-04 13:12 - 2014-09-19 09:57 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-04 13:12 - 2014-08-07 14:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-04 13:12 - 2013-12-23 16:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-04 00:27 - 2009-07-14 05:45 - 00012560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 00:27 - 2009-07-14 05:45 - 00012560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 23:15 - 2013-12-23 17:04 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\vlc
2014-10-22 22:30 - 2014-04-22 14:09 - 00000000 ___RD () C:\Users\Dave\Dropbox
2014-10-22 14:12 - 2014-04-22 14:08 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-10-22 14:12 - 2014-04-22 14:07 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Dropbox
2014-10-12 21:16 - 2013-12-23 16:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-10-07 11:31 - 2013-12-23 16:12 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 11:31 - 2013-12-23 16:12 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 11:31 - 2013-12-23 16:12 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
Some content of TEMP:
====================
C:\Users\Dave\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 17:15
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Dave at 2014-11-05 16:07:09
Running from C:\Users\Dave\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AutoHotkey 1.1.13.00 (HKLM\...\AutoHotkey) (Version: 1.1.13.00 - Lexikos)
Avira (HKLM-x32\...\{dc9a688a-12cb-4a22-b449-23d849d01dc7}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Broadcom Gigabit Integrated Controller (HKLM\...\{9E325417-AE9C-4EE1-A158-13DF451A5987}) (Version: 11.44.04 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Cooler Master Storm Sirus (HKLM-x32\...\{840C4737-CE18-4E8C-8DF7-584206A4B70C}) (Version: 1.0.0.5 - Cooler Master Co., Ltd.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1429369569-4198421278-2418284756-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
18-10-2014 23:37:06 Geplanter Prüfpunkt
26-10-2014 16:23:02 Geplanter Prüfpunkt
03-11-2014 15:51:00 Geplanter Prüfpunkt
05-11-2014 14:17:49 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {A8547597-CB39-49B9-824D-3C6A3F6D2F0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-05] (Google Inc.)
Task: {F88771CE-36EE-4989-BA90-42BA24C4F347} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-05] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-23 16:28 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-01-08 17:12 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-11-05 16:03 - 2014-11-05 16:03 - 00050477 _____ () C:\Users\Dave\Downloads\Defogger.exe
2011-01-08 17:12 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2014-08-28 23:41 - 2014-08-21 19:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 23:41 - 2014-08-21 19:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 23:41 - 2014-08-21 19:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-11-06 13:48 - 2014-10-02 00:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-23 13:08 - 2014-10-21 20:22 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 23:41 - 2014-08-21 19:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 23:41 - 2014-08-21 19:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-12-11 11:40 - 2014-10-21 20:22 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-11-06 13:48 - 2014-09-05 00:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-11-05 15:41 - 2014-11-05 15:41 - 00014336 _____ () C:\Users\Dave\AppData\Local\Temp\WDE1D31.tmp\ml_online.lng
2014-11-05 15:41 - 2014-11-05 15:41 - 00036352 _____ () C:\Users\Dave\AppData\Local\Temp\WDE1D31.tmp\ombrowser.lng
2013-12-13 03:47 - 2013-12-13 03:47 - 00333824 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2014-10-15 17:51 - 2014-10-15 17:51 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1429369569-4198421278-2418284756-500 - Administrator - Disabled)
Dave (S-1-5-21-1429369569-4198421278-2418284756-1001 - Administrator - Enabled) => C:\Users\Dave
Gast (S-1-5-21-1429369569-4198421278-2418284756-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1429369569-4198421278-2418284756-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: 802.11n-Drahtlos-LAN-Karte
Description: 802.11n-Drahtlos-LAN-Karte
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/05/2014 02:35:38 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (11/05/2014 02:13:03 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (11/05/2014 01:59:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 6cc
Startzeit: 01cff8f7425be775
Endzeit: 206
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID:
Error: (11/05/2014 01:51:47 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (11/05/2014 01:45:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 6dc
Startzeit: 01cff8f5c502efba
Endzeit: 14
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID:
Error: (11/05/2014 01:41:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (11/05/2014 01:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x16c4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (11/05/2014 11:28:05 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (11/04/2014 01:06:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (11/04/2014 00:12:54 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80070005
System errors:
=============
Error: (11/05/2014 02:13:13 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa8003a02040, 0xfffff8000445e510)C:\Windows\MEMORY.DMP110514-26504-01
Error: (11/05/2014 01:15:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (11/04/2014 05:24:46 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MARINA-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{F2ED052D-886C-41DC-B8CC-D8B9AF251C2E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (11/03/2014 03:12:53 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (11/01/2014 05:16:35 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{F2ED052D-886C-41DC-B8CC-D8B9AF251C2E}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.
Error: (11/01/2014 01:14:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (10/26/2014 07:54:43 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (10/24/2014 07:44:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/24/2014 07:44:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Error: (10/23/2014 06:12:22 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MARINA-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{F2ED052D-886C-41DC-B8CC-D8B9AF251C2E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (11/05/2014 02:35:38 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (11/05/2014 02:13:03 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (11/05/2014 01:59:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175146cc01cff8f7425be775206C:\Windows\Explorer.EXE
Error: (11/05/2014 01:51:47 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (11/05/2014 01:45:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175146dc01cff8f5c502efba14C:\Windows\Explorer.EXE
Error: (11/05/2014 01:41:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (11/05/2014 01:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb800000030000142516c401cff8f2192a5fd3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll7c257e18-64e7-11e4-bc48-90fba62302a2
Error: (11/05/2014 11:28:05 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (11/04/2014 01:06:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (11/04/2014 00:12:54 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 75%
Total physical RAM: 4087.12 MB
Available physical RAM: 1002.2 MB
Total Pagefile: 8172.41 MB
Available Pagefile: 3938.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:366.47 GB) NTFS
Drive i: (Hitlers mum) (Fixed) (Total:1863.01 GB) (Free:46.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6C873FCD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0003990F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-05 16:32:58
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD502HJ rev.1AJ100E4 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Dave\AppData\Local\Temp\kxldapow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003201000 45 bytes [49, 6F, 20, 20, 0C, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff8000320102f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075261465 2 bytes [26, 75]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752614bb 2 bytes [26, 75]
.text ... * 2
.text C:\Users\Dave\Downloads\Gmer-19357.exe[5600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075261465 2 bytes [26, 75]
.text C:\Users\Dave\Downloads\Gmer-19357.exe[5600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752614bb 2 bytes [26, 75]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5852:2688] 0000000076e97587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5852:2996] 000000005ba40cb3
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5852:5696] 0000000077822e65
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5852:4928] 0000000077823e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5852:3360] 0000000077823e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5852:5832] 0000000077823e85
---- EOF - GMER 2.1 ----
Code:
Die Datei 'C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\9gyzcj8o.default\cache2\entries\2227A3AB48E8CDABFD0A883B07F43D5AD6677594'
enthielt einen Virus oder unerwünschtes Programm 'HTML/Crypted.Gen' [virus].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50e070ee.qua' verschoben!
In der Datei 'C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\9gyzcj8o.default\cache2\entries\2227A3AB48E8CDABFD0A883B07F43D5AD6677594'
wurde ein Virus oder unerwünschtes Programm 'HTML/Crypted.Gen' [virus] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
Many thanks so far. Regards, Dave465 |
| | #2 |
| /// the machine /// TB-Ausbilder | Windows 7/ High ping - Very slow Internet hi,
Please download |
| | #3 |
| | Windows 7/ High ping - Very slow Internet
Code:
17:29:55.0016 0x10e4 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
17:30:06.0038 0x10e4 ============================================================
17:30:06.0038 0x10e4 Current date / time: 2014/11/05 17:30:06.0038
17:30:06.0038 0x10e4 SystemInfo:
17:30:06.0038 0x10e4
17:30:06.0038 0x10e4 OS Version: 6.1.7601 ServicePack: 1.0
17:30:06.0038 0x10e4 Product type: Workstation
17:30:06.0039 0x10e4 ComputerName: DAVE-PC
17:30:06.0039 0x10e4 UserName: Dave
17:30:06.0039 0x10e4 Windows directory: C:\Windows
17:30:06.0039 0x10e4 System windows directory: C:\Windows
17:30:06.0039 0x10e4 Running under WOW64
17:30:06.0039 0x10e4 Processor architecture: Intel x64
17:30:06.0039 0x10e4 Number of processors: 4
17:30:06.0039 0x10e4 Page size: 0x1000
17:30:06.0039 0x10e4 Boot type: Normal boot
17:30:06.0039 0x10e4 ============================================================
17:30:09.0544 0x10e4 KLMD registered as C:\Windows\system32\drivers\67813510.sys
17:30:11.0317 0x10e4 System UUID: {B29F4A17-DE3E-2DA0-189F-D5E4441D3376}
17:30:15.0348 0x10e4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:30:15.0366 0x10e4 Drive \Device\Harddisk5\DR5 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:30:15.0368 0x10e4 ============================================================
17:30:15.0368 0x10e4 \Device\Harddisk0\DR0:
17:30:15.0368 0x10e4 MBR partitions:
17:30:15.0368 0x10e4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:30:15.0368 0x10e4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
17:30:15.0368 0x10e4 \Device\Harddisk5\DR5:
17:30:15.0369 0x10e4 MBR partitions:
17:30:15.0369 0x10e4 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
17:30:15.0369 0x10e4 ============================================================
17:30:15.0400 0x10e4 C: <-> \Device\Harddisk0\DR0\Partition2
17:30:15.0795 0x10e4 I: <-> \Device\Harddisk5\DR5\Partition1
17:30:15.0796 0x10e4 ============================================================
17:30:15.0796 0x10e4 Initialize success
17:30:15.0796 0x10e4 ============================================================
17:30:18.0495 0x07f8 ============================================================
17:30:18.0495 0x07f8 Scan started
17:30:18.0495 0x07f8 Mode: Manual;
17:30:18.0495 0x07f8 ============================================================
17:30:18.0495 0x07f8 KSN ping started
17:30:21.0293 0x07f8 KSN ping finished: true
17:30:24.0485 0x07f8 ================ Scan system memory ========================
17:30:24.0485 0x07f8 Scan was interrupted by user!
17:30:24.0650 0x07f8 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
17:30:24.0697 0x07f8 Win FW state via NFP2: enabled
17:30:27.0444 0x07f8 ============================================================
17:30:27.0444 0x07f8 Scan finished
17:30:27.0444 0x07f8 ============================================================
17:30:27.0451 0x066c Detected object count: 0
17:30:27.0451 0x066c Actual detected object count: 0
17:30:42.0454 0x14ec ============================================================
17:30:42.0454 0x14ec Scan started
17:30:42.0454 0x14ec Mode: Manual; SigCheck; TDLFS;
17:30:42.0454 0x14ec ============================================================
17:30:42.0454 0x14ec KSN ping started
17:30:45.0224 0x14ec KSN ping finished: true
17:30:48.0443 0x14ec ================ Scan system memory ========================
17:30:48.0443 0x14ec System memory - ok
17:30:48.0444 0x14ec ================ Scan services =============================
17:30:55.0228 0x14ec Dnscache - ok
17:30:55.0278 0x14ec [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
17:30:55.0334 0x14ec dot3svc - ok
17:30:55.0381 0x14ec [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
17:30:55.0421 0x14ec DPS - ok
17:30:55.0459 0x14ec [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:30:55.0501 0x14ec drmkaud - ok
17:30:55.0649 0x14ec [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:30:55.0683 0x14ec DXGKrnl - ok
17:30:55.0718 0x14ec [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
17:30:55.0767 0x14ec EapHost - ok
17:30:55.0888 0x14ec [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:30:56.0011 0x14ec ebdrv - ok
17:30:56.0045 0x14ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
17:30:56.0095 0x14ec EFS - ok
17:30:56.0164 0x14ec [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:30:56.0223 0x14ec ehRecvr - ok
17:30:56.0240 0x14ec [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
17:30:56.0259 0x14ec ehSched - ok
17:30:56.0322 0x14ec [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
17:30:56.0334 0x14ec ElbyCDIO - ok
17:30:56.0375 0x14ec [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:30:56.0402 0x14ec elxstor - ok
17:30:56.0425 0x14ec [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:30:56.0462 0x14ec ErrDev - ok
17:30:56.0539 0x14ec [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
17:30:56.0590 0x14ec EventSystem - ok
17:30:56.0615 0x14ec [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
17:30:56.0665 0x14ec exfat - ok
17:30:56.0684 0x14ec [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:30:56.0742 0x14ec fastfat - ok
17:30:56.0818 0x14ec [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
17:30:56.0883 0x14ec Fax - ok
17:30:56.0887 0x14ec [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:30:56.0901 0x14ec fdc - ok
17:30:56.0920 0x14ec [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
17:30:56.0966 0x14ec fdPHost - ok
17:30:56.0990 0x14ec [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
17:30:57.0035 0x14ec FDResPub - ok
17:30:57.0047 0x14ec [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:30:57.0061 0x14ec FileInfo - ok
17:30:57.0070 0x14ec [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:30:57.0117 0x14ec Filetrace - ok
17:30:57.0133 0x14ec [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:30:57.0146 0x14ec flpydisk - ok
17:30:57.0168 0x14ec [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:30:57.0190 0x14ec FltMgr - ok
17:30:57.0265 0x14ec [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
17:30:57.0319 0x14ec FontCache - ok
17:30:57.0376 0x14ec [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:57.0384 0x14ec FontCache3.0.0.0 - ok
17:30:57.0397 0x14ec [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:30:57.0412 0x14ec FsDepends - ok
17:30:57.0438 0x14ec [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:30:57.0451 0x14ec Fs_Rec - ok
17:30:57.0487 0x14ec [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:30:57.0511 0x14ec fvevol - ok
17:30:57.0513 0x14ec FXDrv32 - ok
17:30:57.0535 0x14ec [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:30:57.0549 0x14ec gagp30kx - ok
17:30:57.0593 0x14ec [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
17:30:57.0658 0x14ec gpsvc - ok
17:30:57.0734 0x14ec [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:30:57.0743 0x14ec gupdate - ok
17:30:57.0748 0x14ec [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:30:57.0755 0x14ec gupdatem - ok
17:30:57.0844 0x14ec [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:30:57.0864 0x14ec gusvc - ok
17:30:57.0887 0x14ec [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:30:57.0916 0x14ec hcw85cir - ok
17:30:57.0973 0x14ec [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:30:58.0032 0x14ec HdAudAddService - ok
17:30:58.0069 0x14ec [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:30:58.0098 0x14ec HDAudBus - ok
17:30:58.0106 0x14ec [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:30:58.0133 0x14ec HidBatt - ok
17:30:58.0161 0x14ec [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:30:58.0184 0x14ec HidBth - ok
17:30:58.0202 0x14ec [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:30:58.0240 0x14ec HidIr - ok
17:30:58.0282 0x14ec [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
17:30:58.0317 0x14ec hidserv - ok
17:30:58.0336 0x14ec [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:30:58.0364 0x14ec HidUsb - ok
17:30:58.0395 0x14ec [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:30:58.0455 0x14ec hkmsvc - ok
17:30:58.0501 0x14ec [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:30:58.0543 0x14ec HomeGroupListener - ok
17:30:58.0579 0x14ec [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:30:58.0607 0x14ec HomeGroupProvider - ok
17:30:58.0643 0x14ec [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:30:58.0660 0x14ec HpSAMD - ok
17:30:58.0733 0x14ec [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:30:58.0798 0x14ec HTTP - ok
17:30:58.0828 0x14ec [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:30:58.0840 0x14ec hwpolicy - ok
17:30:58.0880 0x14ec [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:30:58.0897 0x14ec i8042prt - ok
17:30:58.0922 0x14ec [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:30:58.0945 0x14ec iaStorV - ok
17:30:59.0000 0x14ec [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:30:59.0043 0x14ec idsvc - ok
17:30:59.0057 0x14ec IEEtwCollectorService - ok
17:30:59.0076 0x14ec [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:30:59.0090 0x14ec iirsp - ok
17:30:59.0137 0x14ec [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
17:30:59.0178 0x14ec IKEEXT - ok
17:30:59.0189 0x14ec [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
17:30:59.0202 0x14ec intelide - ok
17:30:59.0221 0x14ec [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:30:59.0258 0x14ec intelppm - ok
17:30:59.0290 0x14ec [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:30:59.0348 0x14ec IPBusEnum - ok
17:30:59.0380 0x14ec [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:30:59.0430 0x14ec IpFilterDriver - ok
17:30:59.0474 0x14ec [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:30:59.0541 0x14ec iphlpsvc - ok
17:30:59.0572 0x14ec [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:30:59.0602 0x14ec IPMIDRV - ok
17:30:59.0617 0x14ec [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:30:59.0658 0x14ec IPNAT - ok
17:30:59.0681 0x14ec [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:30:59.0733 0x14ec IRENUM - ok
17:30:59.0778 0x14ec [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:30:59.0791 0x14ec isapnp - ok
17:30:59.0816 0x14ec [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:30:59.0837 0x14ec iScsiPrt - ok
17:30:59.0883 0x14ec [ 249EE2D26CB1530F3BEDE0AC8B9E3099, 6EBF72DCCDC1EFCD9FE712B895D61359F46C2AF41F1EC47A3C486E79AA1BC026 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
17:30:59.0900 0x14ec k57nd60a - ok
17:30:59.0929 0x14ec [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:30:59.0943 0x14ec kbdclass - ok
17:30:59.0971 0x14ec [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:30:59.0985 0x14ec kbdhid - ok
17:31:00.0011 0x14ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
17:31:00.0022 0x14ec KeyIso - ok
17:31:00.0040 0x14ec [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:31:00.0055 0x14ec KSecDD - ok
17:31:00.0072 0x14ec [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:31:00.0089 0x14ec KSecPkg - ok
17:31:00.0114 0x14ec [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:31:00.0151 0x14ec ksthunk - ok
17:31:00.0190 0x14ec [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
17:31:00.0246 0x14ec KtmRm - ok
17:31:00.0273 0x14ec [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:31:00.0323 0x14ec LanmanServer - ok
17:31:00.0359 0x14ec [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:31:00.0404 0x14ec LanmanWorkstation - ok
17:31:00.0427 0x14ec [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
17:31:00.0437 0x14ec LGBusEnum - ok
17:31:00.0488 0x14ec [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
17:31:00.0501 0x14ec LGSHidFilt - ok
17:31:00.0533 0x14ec [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
17:31:00.0544 0x14ec LGSUsbFilt - ok
17:31:00.0606 0x14ec [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
17:31:00.0616 0x14ec LGVirHid - ok
17:31:00.0650 0x14ec [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:31:00.0693 0x14ec lltdio - ok
17:31:00.0801 0x14ec [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:31:00.0859 0x14ec lltdsvc - ok
17:31:00.0881 0x14ec [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:31:00.0921 0x14ec lmhosts - ok
17:31:00.0947 0x14ec [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:31:00.0962 0x14ec LSI_FC - ok
17:31:00.0967 0x14ec [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:31:00.0982 0x14ec LSI_SAS - ok
17:31:00.0986 0x14ec [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:31:01.0000 0x14ec LSI_SAS2 - ok
17:31:01.0005 0x14ec [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:31:01.0020 0x14ec LSI_SCSI - ok
17:31:01.0040 0x14ec [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
17:31:01.0086 0x14ec luafv - ok
17:31:01.0106 0x14ec [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:31:01.0140 0x14ec Mcx2Svc - ok
17:31:01.0175 0x14ec [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:31:01.0201 0x14ec megasas - ok
17:31:01.0220 0x14ec [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:31:01.0240 0x14ec MegaSR - ok
17:31:01.0276 0x14ec [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
17:31:01.0335 0x14ec MMCSS - ok
17:31:01.0355 0x14ec [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
17:31:01.0385 0x14ec Modem - ok
17:31:01.0409 0x14ec [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:31:01.0442 0x14ec monitor - ok
17:31:01.0468 0x14ec [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:31:01.0481 0x14ec mouclass - ok
17:31:01.0489 0x14ec [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:31:01.0515 0x14ec mouhid - ok
17:31:01.0561 0x14ec [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:31:01.0576 0x14ec mountmgr - ok
17:31:01.0609 0x14ec [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
17:31:01.0627 0x14ec mpio - ok
17:31:01.0649 0x14ec [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:31:01.0681 0x14ec mpsdrv - ok
17:31:01.0727 0x14ec [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:31:01.0798 0x14ec MpsSvc - ok
17:31:01.0825 0x14ec [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:31:01.0856 0x14ec MRxDAV - ok
17:31:01.0883 0x14ec [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:31:01.0946 0x14ec mrxsmb - ok
17:31:01.0973 0x14ec [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:31:02.0009 0x14ec mrxsmb10 - ok
17:31:02.0044 0x14ec [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:31:02.0073 0x14ec mrxsmb20 - ok
17:31:02.0088 0x14ec [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
17:31:02.0101 0x14ec msahci - ok
17:31:02.0116 0x14ec [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:31:02.0133 0x14ec msdsm - ok
17:31:02.0152 0x14ec [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
17:31:02.0186 0x14ec MSDTC - ok
17:31:02.0214 0x14ec [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:31:02.0243 0x14ec Msfs - ok
17:31:02.0277 0x14ec [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:31:02.0315 0x14ec mshidkmdf - ok
17:31:02.0344 0x14ec [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:31:02.0356 0x14ec msisadrv - ok
17:31:02.0382 0x14ec [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:31:02.0421 0x14ec MSiSCSI - ok
17:31:02.0424 0x14ec msiserver - ok
17:31:02.0449 0x14ec [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:31:02.0491 0x14ec MSKSSRV - ok
17:31:02.0505 0x14ec [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:31:02.0554 0x14ec MSPCLOCK - ok
17:31:02.0574 0x14ec [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:31:02.0610 0x14ec MSPQM - ok
17:31:02.0669 0x14ec [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:31:02.0691 0x14ec MsRPC - ok
17:31:02.0736 0x14ec [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:31:02.0745 0x14ec mssmbios - ok
17:31:02.0759 0x14ec [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:31:02.0800 0x14ec MSTEE - ok
17:31:02.0819 0x14ec [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:31:02.0833 0x14ec MTConfig - ok
17:31:02.0851 0x14ec [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
17:31:02.0864 0x14ec Mup - ok
17:31:02.0905 0x14ec [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
17:31:02.0949 0x14ec napagent - ok
17:31:02.0996 0x14ec [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:31:03.0036 0x14ec NativeWifiP - ok
17:31:03.0067 0x14ec [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
17:31:03.0097 0x14ec NDIS - ok
17:31:03.0108 0x14ec [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:31:03.0138 0x14ec NdisCap - ok
17:31:03.0156 0x14ec [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:31:03.0201 0x14ec NdisTapi - ok
17:31:03.0226 0x14ec [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:31:03.0271 0x14ec Ndisuio - ok
17:31:03.0298 0x14ec [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:31:03.0340 0x14ec NdisWan - ok
17:31:03.0364 0x14ec [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:31:03.0408 0x14ec NDProxy - ok
17:31:03.0423 0x14ec [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:31:03.0456 0x14ec NetBIOS - ok
17:31:03.0494 0x14ec [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:31:03.0543 0x14ec NetBT - ok
17:31:03.0563 0x14ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
17:31:03.0574 0x14ec Netlogon - ok
17:31:03.0609 0x14ec [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
17:31:03.0659 0x14ec Netman - ok
17:31:03.0683 0x14ec [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:03.0726 0x14ec NetMsmqActivator - ok
17:31:03.0730 0x14ec [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:03.0740 0x14ec NetPipeActivator - ok
17:31:03.0814 0x14ec [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
17:31:03.0868 0x14ec netprofm - ok
17:31:03.0914 0x14ec [ B72BB9496A126FCFC7FC5945DED9B411, FA5CC4E93761FB2B59B9B34C699B1486560BDB39280AB1125DE42DB7C4BE303A ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
17:31:03.0973 0x14ec netr28x - ok
17:31:03.0978 0x14ec [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:03.0987 0x14ec NetTcpActivator - ok
17:31:03.0992 0x14ec [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:04.0001 0x14ec NetTcpPortSharing - ok
17:31:04.0037 0x14ec [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:31:04.0050 0x14ec nfrd960 - ok
17:31:04.0074 0x14ec [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:31:04.0140 0x14ec NlaSvc - ok
17:31:19.0486 0x14ec WebClient - ok
17:31:19.0502 0x14ec [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:31:19.0558 0x14ec Wecsvc - ok
17:31:19.0593 0x14ec [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:31:19.0627 0x14ec wercplsupport - ok
17:31:19.0657 0x14ec [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
17:31:19.0693 0x14ec WerSvc - ok
17:31:19.0706 0x14ec [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:31:19.0735 0x14ec WfpLwf - ok
17:31:19.0751 0x14ec [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:31:19.0764 0x14ec WIMMount - ok
17:31:19.0795 0x14ec WinDefend - ok
17:31:19.0805 0x14ec WinHttpAutoProxySvc - ok
17:31:19.0857 0x14ec [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:31:19.0898 0x14ec Winmgmt - ok
17:31:19.0970 0x14ec [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
17:31:20.0078 0x14ec WinRM - ok
17:31:20.0123 0x14ec [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:31:20.0184 0x14ec WinUsb - ok
17:31:20.0283 0x14ec [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:31:20.0353 0x14ec Wlansvc - ok
17:31:20.0375 0x14ec [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:31:20.0388 0x14ec WmiAcpi - ok
17:31:20.0407 0x14ec [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:31:20.0435 0x14ec wmiApSrv - ok
17:31:20.0466 0x14ec WMPNetworkSvc - ok
17:31:20.0616 0x14ec [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
17:31:20.0666 0x14ec WMZuneComm - ok
17:31:20.0699 0x14ec [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:31:20.0730 0x14ec WPCSvc - ok
17:31:20.0765 0x14ec [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:31:20.0790 0x14ec WPDBusEnum - ok
17:31:20.0810 0x14ec [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:31:20.0860 0x14ec ws2ifsl - ok
17:31:20.0879 0x14ec [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
17:31:20.0916 0x14ec wscsvc - ok
17:31:20.0918 0x14ec WSearch - ok
17:31:21.0035 0x14ec [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
17:31:21.0106 0x14ec wuauserv - ok
17:31:21.0121 0x14ec [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:31:21.0170 0x14ec WudfPf - ok
17:31:21.0208 0x14ec [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:31:21.0260 0x14ec WUDFRd - ok
17:31:21.0285 0x14ec [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:31:21.0326 0x14ec wudfsvc - ok
17:31:21.0348 0x14ec [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:31:21.0397 0x14ec WwanSvc - ok
17:31:21.0805 0x14ec [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
17:31:22.0052 0x14ec ZuneNetworkSvc - ok
17:31:22.0115 0x14ec [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
17:31:22.0150 0x14ec ZuneWlanCfgSvc - ok
17:31:22.0185 0x14ec ================ Scan global ===============================
17:31:22.0232 0x14ec [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:31:22.0283 0x14ec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:31:22.0314 0x14ec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:31:22.0347 0x14ec [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:31:22.0386 0x14ec [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:31:22.0403 0x14ec [ Global ] - ok
17:31:22.0404 0x14ec ================ Scan MBR ==================================
17:31:22.0416 0x14ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:31:22.0680 0x14ec \Device\Harddisk0\DR0 - ok
17:31:22.0685 0x14ec [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5
17:31:23.0202 0x14ec \Device\Harddisk5\DR5 - ok
17:31:23.0203 0x14ec ================ Scan VBR ==================================
17:31:23.0208 0x14ec [ D52A7CF6C1732B0E7A0AB4485F439845 ] \Device\Harddisk0\DR0\Partition1
17:31:23.0210 0x14ec \Device\Harddisk0\DR0\Partition1 - ok
17:31:23.0214 0x14ec [ 040A013E604F9D6B982FF1887193D5BB ] \Device\Harddisk0\DR0\Partition2
17:31:23.0216 0x14ec \Device\Harddisk0\DR0\Partition2 - ok
17:31:23.0221 0x14ec [ 11B2D23E3D9E991D022D5FDBCC1C17C5 ] \Device\Harddisk5\DR5\Partition1
17:31:23.0310 0x14ec \Device\Harddisk5\DR5\Partition1 - ok
17:31:23.0312 0x14ec ================ Scan generic autorun ======================
17:31:23.0610 0x14ec [ 1539331FFDB2D977BFF14F5737F5063E, 29C6CDEDA01D406BEE2B6E06CC42491A9EA89E45751D92DB4A2E9C017527B44A ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:31:23.0925 0x14ec Launch LCore - ok
17:31:23.0932 0x14ec Nvtmru - ok
17:31:24.0027 0x14ec [ 05470C684B62C2F86325D8685E4513CB, EDE70A162AFA104D774AE1D8D3A077F2C12940851EC5BA785242F4032EEA902E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:31:24.0100 0x14ec NvBackend - ok
17:31:24.0121 0x14ec [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:31:24.0133 0x14ec ShadowPlay - ok
17:31:24.0197 0x14ec [ 2B0080C95A640FF916D5494F50440B10, F0B0E108766F18242A9ECA41EE21675B570DE85E16E75B7990CD82AA4BE37A78 ] C:\Program Files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe
17:31:24.0220 0x14ec Cm106Sound - detected UnsignedFile.Multi.Generic ( 1 )
17:31:27.0010 0x14ec Detect skipped due to KSN trusted
17:31:27.0010 0x14ec Cm106Sound - ok
17:31:27.0039 0x14ec [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C, 6C6B186A2FC1DFD800041B160A7D71F5F1B3C70D62C7696B8DA89148A8D87D47 ] C:\Program Files\Zune\ZuneLauncher.exe
17:31:27.0079 0x14ec Zune Launcher - ok
17:31:27.0161 0x14ec [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:31:27.0191 0x14ec avgnt - ok
17:31:27.0237 0x14ec [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:31:27.0277 0x14ec SunJavaUpdateSched - ok
17:31:27.0326 0x14ec [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
17:31:27.0357 0x14ec VirtualCloneDrive - ok
17:31:27.0435 0x14ec [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:31:27.0473 0x14ec Adobe ARM - ok
17:31:27.0537 0x14ec [ 5CBF14D14D559ABC5C9936B3120A1A45, A1706B92AC2E02023A342FF4CF9D53AB6D8587EFC3A207B615CD49C36ABE0B4D ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
17:31:27.0569 0x14ec Avira Systray - ok
17:31:27.0682 0x14ec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:31:27.0765 0x14ec Sidebar - ok
17:31:27.0795 0x14ec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:31:27.0824 0x14ec mctadmin - ok
17:31:27.0867 0x14ec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:31:27.0905 0x14ec Sidebar - ok
17:31:27.0915 0x14ec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:31:27.0931 0x14ec mctadmin - ok
17:31:28.0102 0x14ec [ AECBBD0C048354B07A62D275D6DFE9F0, 9D163D281641676420DA480F331DE0C0E230ECEB97D413AEE2C9878F3DD77382 ] C:\Program Files (x86)\Steam\steam.exe
17:31:28.0147 0x14ec Steam - ok
17:31:28.0216 0x14ec [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files (x86)\RocketDock\RocketDock.exe
17:31:28.0266 0x14ec RocketDock - detected UnsignedFile.Multi.Generic ( 1 )
17:31:31.0658 0x14ec Detect skipped due to KSN trusted
17:31:31.0658 0x14ec RocketDock - ok
17:31:31.0659 0x14ec Waiting for KSN requests completion. In queue: 11
17:31:32.0659 0x14ec Waiting for KSN requests completion. In queue: 11
17:31:33.0659 0x14ec Waiting for KSN requests completion. In queue: 11
17:31:34.0667 0x14ec AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
17:31:34.0673 0x14ec Win FW state via NFP2: enabled
17:31:37.0418 0x14ec ============================================================
17:31:37.0418 0x14ec Scan finished
17:31:37.0418 0x14ec ============================================================
17:31:37.0427 0x1454 Detected object count: 0
17:31:37.0427 0x1454 Actual detected object count: 0
|
| | #4 |
| /// the machine /// TB Trainer | Windows 7/ High Ping - Very Slow Internet hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
| | #5 |
| | Windows 7/ High Ping - Very Slow Internet
Code:
ComboFix 14-10-29.01 - Dave 06.11.2014 11:24:58.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4087.2033 [GMT 1:00]
ausgeführt von:: c:\users\Dave\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Dave\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
I:\Autorun.inf
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-10-06 bis 2014-11-06 ))))))))))))))))))))))))))))))
.
.
2014-11-05 15:05 . 2014-11-05 15:09 -------- d-----w- C:\FRST
2014-11-05 14:39 . 2014-11-05 14:39 -------- d-----w- c:\program files\Google
2014-11-05 14:37 . 2014-11-05 14:39 -------- d-----w- c:\program files (x86)\Google
2014-11-05 14:37 . 2014-11-05 14:37 -------- d-----w- c:\users\Dave\AppData\Local\Google
2014-11-05 14:18 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-11-05 14:18 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-11-05 14:18 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-11-05 14:18 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-11-05 14:18 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-11-05 14:18 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-11-05 14:18 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-11-05 14:18 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-11-05 14:05 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-11-05 14:04 . 2014-04-12 02:22 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-05 14:03 . 2014-09-29 00:58 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-05 13:59 . 2014-11-05 13:59 -------- d-----w- c:\windows\Sun
2014-11-03 21:41 . 2014-11-03 21:41 -------- d-----w- c:\program files\Microsoft Silverlight
2014-11-03 21:41 . 2014-11-03 21:41 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-07 10:31 . 2013-12-23 15:12 43064 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-10-07 10:31 . 2013-12-23 15:12 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-10-07 10:31 . 2013-12-23 15:12 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-10-03 09:02 . 2013-12-23 17:04 103265616 ----a-w- c:\windows\system32\MRT.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2014-01-06 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2014-01-06 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-10-21 1938624]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-11-06 703736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-09 124720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 FXDrv32;FXDrv32;d:\fxdrv64.sys;d:\FXDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n-Drahtlostreiber für Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 CMUAC;USB Audio Class 1.0 and 2.0 Device Driver;c:\windows\system32\DRIVERS\CMUAC.SYS;c:\windows\SYSNATIVE\DRIVERS\CMUAC.SYS [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-05 14:37]
.
2014-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-05 14:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"Cm106Sound"="c:\program files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe" [2011-07-15 278016]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
FF - ProfilePath - c:\users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Steam\bin\steamwebhelper.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-11-06 11:37:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-11-06 10:37
.
Vor Suchlauf: 11 Verzeichnis(se), 394.684.674.048 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 394.640.134.144 Bytes frei
.
- - End Of File - - E824FF2CA03DA4CC6B0699D737038366
A36C5E4F47E84449FF07ED3517B43A31
Last edited by dave465 (06.11.2014 at 12:21) |
| | #6 |
| /// the machine /// TB Trainer | Windows 7/ High Ping - Very Slow Internet Please download
Please download
Please close your security software to avoid possible conflicts.
and a fresh FRST log please.
|
| | #7 |
| | Windows 7/ High Ping - Very Slow Internet
Code:
# AdwCleaner v4.002 - Bericht erstellt am 07/11/2014 um 13:04:26
# Aktualisiert 27/10/2014 von Xplode
# Datenbank : 2014-11-02.1
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Dave - DAVE-PC
# Gestartet von : C:\Users\Dave\Downloads\AdwCleaner_4.002.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0 (x86 de)
*************************
AdwCleaner[R0].txt - [1119 octets] - [07/11/2014 13:01:16]
AdwCleaner[R1].txt - [1036 octets] - [07/11/2014 13:04:26]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1096 octets] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 07.11.2014
Scan Time: 12:48:52
Logfile: mbam.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.09.19.05
Rootkit Database: v2014.11.01.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dave
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313976
Time Elapsed: 9 min, 40 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 0 (No malicious items detected)
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 0 (No malicious items detected)
Files: 0 (No malicious items detected)
Physical Sectors: 0 (No malicious items detected)
(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Windows 7 Professional x64
Ran by Dave on 07.11.2014 at 13:07:19,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ FireFox
Emptied folder: C:\Users\Dave\AppData\Roaming\mozilla\firefox\profiles\9gyzcj8o.default\minidumps [104 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.11.2014 at 13:09:33,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Dave (administrator) on DAVE-PC on 07-11-2014 13:11:11
Running from C:\Users\Dave\Downloads
Loaded Profiles: Dave & (Available profiles: Dave)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C-MEDIA Electronics INC.) C:\Program Files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Program Files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe [278016 2011-07-15] (C-MEDIA Electronics INC.)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x777D5FD0A55CCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: YouTube Unblocker - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\youtubeunblocker@unblocker.yt [2014-10-16]
FF Extension: Flashblock - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-05-11]
FF Extension: Classic Theme Restorer - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-11]
FF Extension: {790062c4-0ee5-402e-a33f-5b8d2a723123} - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{790062c4-0ee5-402e-a33f-5b8d2a723123}.xpi [2014-07-27]
FF Extension: tab plugin - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{91af9ff8-8f43-4484-8bec-1af2989cb6d9}.xpi [2014-07-31]
FF Extension: Adblock Plus - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
R3 CMUAC; C:\Windows\System32\DRIVERS\CMUAC.SYS [111104 2011-07-14] (C-Media Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FXDrv32; \??\D:\FXDrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-07 13:09 - 2014-11-07 13:09 - 00000826 _____ () C:\Users\Dave\Desktop\JRT.txt
2014-11-07 13:07 - 2014-11-07 13:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-07 13:07 - 2014-11-07 13:07 - 00000000 ____D () C:\Windows\ERUNT
2014-11-07 13:06 - 2014-11-07 13:06 - 01706939 _____ (Thisisu) C:\Users\Dave\Downloads\JRT.exe
2014-11-07 13:05 - 2014-11-07 13:05 - 00001180 _____ () C:\Users\Dave\Desktop\AdwCleaner[R1].txt
2014-11-07 13:00 - 2014-11-07 13:05 - 00000000 ____D () C:\AdwCleaner
2014-11-07 13:00 - 2014-11-07 13:00 - 01998336 _____ () C:\Users\Dave\Downloads\AdwCleaner_4.002.exe
2014-11-07 13:00 - 2014-11-07 13:00 - 00001054 _____ () C:\Users\Dave\Desktop\mbam.txt
2014-11-07 12:48 - 2014-11-07 12:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-07 12:48 - 2014-11-07 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-11-07 12:48 - 2014-11-07 12:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-07 12:48 - 2014-11-07 12:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-11-07 12:48 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-07 12:48 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-07 12:48 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-07 12:47 - 2014-11-07 12:47 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-06 11:37 - 2014-11-06 11:37 - 00016517 _____ () C:\ComboFix.txt
2014-11-06 11:21 - 2014-11-06 11:37 - 00000000 ____D () C:\Qoobox
2014-11-06 11:21 - 2014-11-06 11:36 - 00000000 ____D () C:\Windows\erdnt
2014-11-06 11:21 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-06 11:21 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-06 11:21 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-06 11:19 - 2014-11-06 11:19 - 05591672 ____R (Swearware) C:\Users\Dave\Downloads\ComboFix.exe
2014-11-05 17:29 - 2014-11-05 17:29 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Dave\Downloads\tdsskiller.exe
2014-11-05 17:14 - 2014-11-07 12:42 - 00002296 _____ () C:\Windows\setupact.log
2014-11-05 17:14 - 2014-11-05 17:14 - 00471808 _____ () C:\Windows\Minidump\110514-75566-01.dmp
2014-11-05 17:14 - 2014-11-05 17:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-05 17:13 - 2014-11-06 11:30 - 00001648 _____ () C:\Windows\PFRO.log
2014-11-05 17:13 - 2014-11-05 17:13 - 533883891 _____ () C:\Windows\MEMORY.DMP
2014-11-05 16:32 - 2014-11-05 16:32 - 00002540 _____ () C:\Users\Dave\Downloads\gmer.log
2014-11-05 16:14 - 2014-11-05 16:14 - 00042529 _____ () C:\Users\Dave\Desktop\Neues Textdokument.txt
2014-11-05 16:12 - 2014-11-05 16:12 - 00380416 _____ () C:\Users\Dave\Downloads\Gmer-19357.exe
2014-11-05 16:07 - 2014-11-05 16:09 - 00021082 _____ () C:\Users\Dave\Downloads\Addition.txt
2014-11-05 16:05 - 2014-11-07 13:11 - 00013438 _____ () C:\Users\Dave\Downloads\FRST.txt
2014-11-05 16:05 - 2014-11-07 13:11 - 00000000 ____D () C:\FRST
2014-11-05 16:05 - 2014-11-05 16:05 - 02114560 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2014-11-05 16:03 - 2014-11-05 16:04 - 00000470 _____ () C:\Users\Dave\Downloads\defogger_disable.log
2014-11-05 16:03 - 2014-11-05 16:03 - 00050477 _____ () C:\Users\Dave\Downloads\Defogger.exe
2014-11-05 16:03 - 2014-11-05 16:03 - 00000000 _____ () C:\Users\Dave\defogger_reenable
2014-11-05 15:39 - 2014-11-05 15:39 - 00000000 ____D () C:\Program Files\Google
2014-11-05 15:38 - 2014-11-05 15:39 - 00000000 ____D () C:\ProgramData\Google
2014-11-05 15:37 - 2014-11-07 12:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-05 15:37 - 2014-11-07 12:42 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-05 15:37 - 2014-11-05 15:44 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-05 15:37 - 2014-11-05 15:44 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-05 15:37 - 2014-11-05 15:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-05 15:37 - 2014-11-05 15:37 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google
2014-11-05 15:36 - 2014-11-05 15:36 - 04976456 _____ (Piriform Ltd) C:\Users\Dave\Downloads\ccsetup419.exe
2014-11-05 15:30 - 2014-11-05 15:30 - 00339257 _____ () C:\Users\Dave\Downloads\CleanUp452.exe
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2014-11-05 15:18 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-11-05 15:18 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-11-05 15:18 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-05 15:18 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-05 15:18 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-11-05 15:18 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-11-05 15:18 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-11-05 15:18 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-11-05 15:11 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-05 15:11 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-05 15:11 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-05 15:11 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-05 15:11 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-05 15:11 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-05 15:11 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-05 15:11 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-05 15:11 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-05 15:11 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-05 15:11 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-05 15:11 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-05 15:11 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-05 15:11 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-05 15:11 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-05 15:11 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-05 15:11 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-05 15:11 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-05 15:11 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-05 15:11 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-05 15:11 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-05 15:11 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-05 15:11 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-05 15:11 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-05 15:11 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-05 15:11 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-05 15:11 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-05 15:11 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-05 15:11 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-05 15:11 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-05 15:11 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-05 15:11 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-05 15:11 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-05 15:11 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-05 15:11 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-05 15:11 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-05 15:11 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-05 15:11 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-05 15:11 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-05 15:11 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-05 15:11 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-05 15:11 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-05 15:11 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-05 15:11 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-05 15:11 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-05 15:11 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-05 15:11 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-05 15:11 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-05 15:11 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-05 15:11 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-05 15:11 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-05 15:11 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-05 15:11 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-05 15:11 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-05 15:11 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-05 15:11 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-05 15:07 - 2014-11-05 16:13 - 00008528 _____ () C:\Users\Dave\Downloads\hijackthis.log
2014-11-05 15:06 - 2014-11-05 15:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dave\Downloads\HijackThis.exe
2014-11-05 15:05 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-11-05 15:05 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-11-05 15:05 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-05 15:05 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-11-05 15:05 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-05 15:05 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-11-05 15:05 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-11-05 15:05 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-05 15:05 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-05 15:05 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-05 15:05 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-05 15:05 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-05 15:05 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-05 15:05 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-05 15:05 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-05 15:05 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-11-05 15:05 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-11-05 15:05 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-11-05 15:05 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-11-05 15:05 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-11-05 15:05 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-11-05 15:05 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-11-05 15:05 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-11-05 15:05 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-11-05 15:05 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-11-05 15:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-05 15:04 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-05 15:04 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-05 15:04 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-05 15:04 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-05 15:04 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-11-05 15:04 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-11-05 15:04 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-11-05 15:04 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-11-05 15:04 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-11-05 15:04 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-11-05 15:04 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-05 15:04 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-11-05 15:04 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-05 15:04 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-11-05 15:04 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-05 15:04 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-11-05 15:04 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-05 15:03 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-05 15:03 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-05 15:03 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-05 15:03 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-11-05 15:03 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-11-05 15:03 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-11-05 15:03 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-11-05 15:03 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-11-05 15:03 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-11-05 15:03 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-11-05 15:03 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-11-05 15:03 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-11-05 15:03 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-11-05 15:03 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-11-05 15:03 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-11-05 15:03 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-11-05 15:03 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-11-05 15:03 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-05 15:03 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-05 15:03 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-11-05 15:03 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-11-05 15:03 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-05 14:59 - 2014-11-05 14:59 - 00000000 ____D () C:\Windows\Sun
2014-11-04 13:12 - 2014-11-04 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-03 22:40 - 2014-11-03 22:40 - 13087456 _____ (Microsoft Corporation) C:\Users\Dave\Downloads\Silverlight_x64.exe
2014-10-21 18:09 - 2014-10-21 18:09 - 29791494 _____ () C:\Users\Dave\Downloads\wetransfer-132581.zip
2014-10-19 17:33 - 2014-10-19 17:33 - 00000015 _____ () C:\Users\Dave\Desktop\2014-11-19 1733.txt
2014-10-17 20:54 - 2014-10-17 20:55 - 99011288 _____ () C:\Users\Dave\Downloads\Enisum - Samoht Nara (2014).rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-07 12:46 - 2013-12-23 15:58 - 02031674 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 12:42 - 2013-12-23 16:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-07 12:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 12:41 - 2013-12-23 16:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-07 01:58 - 2013-12-23 17:04 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\vlc
2014-11-06 16:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-06 14:51 - 2013-12-24 15:20 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\TS3Client
2014-11-06 11:37 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-06 11:31 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-05 17:22 - 2009-07-14 05:45 - 00012560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-05 17:22 - 2009-07-14 05:45 - 00012560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-05 17:16 - 2014-04-26 13:35 - 00000000 ___RD () C:\Users\Dave\Podcasts
2014-11-05 17:14 - 2014-07-30 14:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-05 17:14 - 2009-07-14 05:45 - 00295584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-05 17:01 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-05 17:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-05 16:03 - 2013-12-23 16:03 - 00000000 ____D () C:\Users\Dave
2014-11-05 15:49 - 2009-07-14 18:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat
2014-11-05 15:49 - 2009-07-14 18:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat
2014-11-05 15:49 - 2009-07-14 06:13 - 01634396 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-05 15:40 - 2013-12-23 15:54 - 00000000 ____D () C:\Windows\Panther
2014-11-05 15:35 - 2013-12-23 16:44 - 01590298 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-05 15:23 - 2013-12-23 18:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-05 13:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-04 13:12 - 2014-08-07 14:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-04 13:12 - 2013-12-23 16:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-22 22:30 - 2014-04-22 14:09 - 00000000 ___RD () C:\Users\Dave\Dropbox
2014-10-22 14:12 - 2014-04-22 14:08 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-10-22 14:12 - 2014-04-22 14:07 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Dropbox
2014-10-12 21:16 - 2013-12-23 16:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
Some content of TEMP:
====================
C:\Users\Dave\AppData\Local\Temp\avgnt.exe
C:\Users\Dave\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpopbzal.dll
C:\Users\Dave\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-06 12:53
==================== End Of Log ============================
--- --- --- |
| | #8 |
| /// the machine /// TB trainer | Windows 7 / High ping - very slow Internet
Let AdwCleaner delete as well!
ESET Online Scanner
Please download
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
| | #9 |
| | Windows 7 / High ping - very slow Internet
Code:
Results of screen317's Security Check version 0.99.89
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java version out of Date!
Adobe Flash Player 11.9.900.170 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (33.0.3)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
ESET ESET Online Scanner OnlineScannerApp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=01779ade39107b458bb400c41afa1ba3
# engine=21005
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-09 04:05:19
# local_time=2014-11-09 05:05:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 8273 28967280 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 27040454 167178968 0 0
# scanned=334543
# found=6
# cleaned=6
# scan_time=7501
sh=28554716F3251CC0FE27E608453E1D4D833FABF1 ft=1 fh=19e7e01ec53b92d2 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Dave\Downloads\cdex_151 - CHIP-Downloader.exe"
sh=EEBBBC576E69364DCED2FB1FC4BA93CD7A6E3C53 ft=1 fh=c95439dbb447e289 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Dave\Downloads\FRAPS - CHIP-Downloader.exe"
sh=E3782D218650BDAB8999EC9242EE17CFC976E519 ft=1 fh=18935622245610b7 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Dave\Downloads\Skype - CHIP-Downloader.exe"
sh=6D65A3F1CFF59E898F7FEB17C0CF169ACF59FE05 ft=1 fh=4be6a617f38121b2 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Dave\Downloads\Virtual CloneDrive - CHIP-Downloader.exe"
sh=BC08C287D6E361C785CD17C317C8B328113C2F2E ft=1 fh=7da2e5f9eaa6cf4e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Dave\Downloads\Zune Software - CHIP-Downloader.exe"
sh=0FC145D539EF7A2D88FA76DE573B25AB9EB2A317 ft=1 fh=0484962387c0b26c vn="Variante von Win32/Packed.VMProtect.AAA Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="I:\Games\Splinter Cell - Conviction\src\system\ubiorbitapi_r2.dll"
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Dave (administrator) on DAVE-PC on 09-11-2014 23:02:04
Running from C:\Users\Dave\Downloads
Loaded Profile: Dave (Available profiles: Dave)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C-MEDIA Electronics INC.) C:\Program Files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.225\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.9\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.117\deploy\LolClient.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Program Files\Cooler Master Storm Sirus\CPL\Storm Sirus.exe [278016 2011-07-15] (C-MEDIA Electronics INC.)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x777D5FD0A55CCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1429369569-4198421278-2418284756-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: YouTube Unblocker - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-07]
FF Extension: Flashblock - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-05-11]
FF Extension: Classic Theme Restorer - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-11]
FF Extension: {790062c4-0ee5-402e-a33f-5b8d2a723123} - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{790062c4-0ee5-402e-a33f-5b8d2a723123}.xpi [2014-07-27]
FF Extension: tab plugin - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{91af9ff8-8f43-4484-8bec-1af2989cb6d9}.xpi [2014-07-31]
FF Extension: Adblock Plus - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\9gyzcj8o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
R3 CMUAC; C:\Windows\System32\DRIVERS\CMUAC.SYS [111104 2011-07-14] (C-Media Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FXDrv32; \??\D:\FXDrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-09 23:02 - 2014-11-09 23:02 - 00000000 ____D () C:\Users\Dave\Downloads\FRST-OlderVersion
2014-11-09 22:41 - 2014-11-09 22:41 - 00000000 __SHD () C:\Users\Dave\AppData\Local\EmieUserList
2014-11-09 22:41 - 2014-11-09 22:41 - 00000000 __SHD () C:\Users\Dave\AppData\Local\EmieSiteList
2014-11-09 20:10 - 2014-11-09 20:10 - 00854448 _____ () C:\Users\Dave\Downloads\SecurityCheck.exe
2014-11-09 14:54 - 2014-11-09 14:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-09 14:53 - 2014-11-09 14:53 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-09 14:53 - 2014-11-09 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-09 14:52 - 2014-11-09 14:53 - 02347384 _____ (ESET) C:\Users\Dave\Downloads\esetsmartinstaller_deu.exe
2014-11-07 13:12 - 2014-11-07 13:12 - 00043441 _____ () C:\Users\Dave\Desktop\FRST.txt
2014-11-07 13:09 - 2014-11-07 13:09 - 00000826 _____ () C:\Users\Dave\Desktop\JRT.txt
2014-11-07 13:07 - 2014-11-07 13:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-07 13:07 - 2014-11-07 13:07 - 00000000 ____D () C:\Windows\ERUNT
2014-11-07 13:06 - 2014-11-07 13:06 - 01706939 _____ (Thisisu) C:\Users\Dave\Downloads\JRT.exe
2014-11-07 13:05 - 2014-11-07 13:05 - 00001180 _____ () C:\Users\Dave\Desktop\AdwCleaner[R1].txt
2014-11-07 13:00 - 2014-11-07 13:05 - 00000000 ____D () C:\AdwCleaner
2014-11-07 13:00 - 2014-11-07 13:00 - 01998336 _____ () C:\Users\Dave\Downloads\AdwCleaner_4.002.exe
2014-11-07 13:00 - 2014-11-07 13:00 - 00001054 _____ () C:\Users\Dave\Desktop\mbam.txt
2014-11-07 12:48 - 2014-11-07 12:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-07 12:48 - 2014-11-07 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-11-07 12:48 - 2014-11-07 12:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-07 12:48 - 2014-11-07 12:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-11-07 12:48 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-07 12:48 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-07 12:48 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-07 12:47 - 2014-11-07 12:47 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-06 11:37 - 2014-11-06 11:37 - 00016517 _____ () C:\ComboFix.txt
2014-11-06 11:21 - 2014-11-06 11:37 - 00000000 ____D () C:\Qoobox
2014-11-06 11:21 - 2014-11-06 11:36 - 00000000 ____D () C:\Windows\erdnt
2014-11-06 11:21 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-06 11:21 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-06 11:21 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-06 11:21 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-06 11:19 - 2014-11-06 11:19 - 05591672 ____R (Swearware) C:\Users\Dave\Downloads\ComboFix.exe
2014-11-05 17:29 - 2014-11-05 17:29 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Dave\Downloads\tdsskiller.exe
2014-11-05 17:14 - 2014-11-09 20:04 - 00003248 _____ () C:\Windows\setupact.log
2014-11-05 17:14 - 2014-11-05 17:14 - 00471808 _____ () C:\Windows\Minidump\110514-75566-01.dmp
2014-11-05 17:14 - 2014-11-05 17:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-05 17:13 - 2014-11-07 19:25 - 00002024 _____ () C:\Windows\PFRO.log
2014-11-05 17:13 - 2014-11-05 17:13 - 533883891 _____ () C:\Windows\MEMORY.DMP
2014-11-05 16:32 - 2014-11-05 16:32 - 00002540 _____ () C:\Users\Dave\Downloads\gmer.log
2014-11-05 16:14 - 2014-11-05 16:14 - 00042529 _____ () C:\Users\Dave\Desktop\Neues Textdokument.txt
2014-11-05 16:12 - 2014-11-05 16:12 - 00380416 _____ () C:\Users\Dave\Downloads\Gmer-19357.exe
2014-11-05 16:07 - 2014-11-05 16:09 - 00021082 _____ () C:\Users\Dave\Downloads\Addition.txt
2014-11-05 16:05 - 2014-11-09 23:02 - 02116096 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2014-11-05 16:05 - 2014-11-09 23:02 - 00012669 _____ () C:\Users\Dave\Downloads\FRST.txt
2014-11-05 16:05 - 2014-11-09 23:02 - 00000000 ____D () C:\FRST
2014-11-05 16:03 - 2014-11-05 16:04 - 00000470 _____ () C:\Users\Dave\Downloads\defogger_disable.log
2014-11-05 16:03 - 2014-11-05 16:03 - 00050477 _____ () C:\Users\Dave\Downloads\Defogger.exe
2014-11-05 16:03 - 2014-11-05 16:03 - 00000000 _____ () C:\Users\Dave\defogger_reenable
2014-11-05 15:39 - 2014-11-05 15:39 - 00000000 ____D () C:\Program Files\Google
2014-11-05 15:37 - 2014-11-09 22:41 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google
2014-11-05 15:37 - 2014-11-09 22:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-05 15:36 - 2014-11-05 15:36 - 04976456 _____ (Piriform Ltd) C:\Users\Dave\Downloads\ccsetup419.exe
2014-11-05 15:30 - 2014-11-05 15:30 - 00339257 _____ () C:\Users\Dave\Downloads\CleanUp452.exe
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2014-11-05 15:18 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-11-05 15:18 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-11-05 15:18 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-05 15:18 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-05 15:18 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-11-05 15:18 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-11-05 15:18 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-11-05 15:18 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-11-05 15:11 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-05 15:11 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-05 15:11 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-05 15:11 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-05 15:11 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-05 15:11 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-05 15:11 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-05 15:11 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-05 15:11 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-05 15:11 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-05 15:11 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-05 15:11 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-05 15:11 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-05 15:11 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-05 15:11 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-05 15:11 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-05 15:11 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-05 15:11 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-05 15:11 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-05 15:11 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-05 15:11 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-05 15:11 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-05 15:11 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-05 15:11 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-05 15:11 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-05 15:11 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-05 15:11 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-05 15:11 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-05 15:11 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-05 15:11 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-05 15:11 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-05 15:11 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-05 15:11 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-05 15:11 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-05 15:11 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-05 15:11 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-05 15:11 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-05 15:11 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-05 15:11 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-05 15:11 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-05 15:11 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-05 15:11 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-05 15:11 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-05 15:11 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-05 15:11 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-05 15:11 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-05 15:11 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-05 15:11 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-05 15:11 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-05 15:11 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-05 15:11 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-05 15:11 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-05 15:11 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-05 15:11 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-05 15:11 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-05 15:11 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-05 15:07 - 2014-11-05 16:13 - 00008528 _____ () C:\Users\Dave\Downloads\hijackthis.log
2014-11-05 15:06 - 2014-11-05 15:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dave\Downloads\HijackThis.exe
2014-11-05 15:05 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-11-05 15:05 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-11-05 15:05 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-05 15:05 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-05 15:05 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-11-05 15:05 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-05 15:05 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-05 15:05 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-11-05 15:05 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-11-05 15:05 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-05 15:05 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-05 15:05 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-05 15:05 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-05 15:05 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-05 15:05 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-05 15:05 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-05 15:05 - 2014-03-25 03:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-05 15:05 - 2014-03-25 03:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-05 15:05 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-05 15:05 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-11-05 15:05 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-11-05 15:05 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-11-05 15:05 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-11-05 15:05 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-11-05 15:05 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-11-05 15:05 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-11-05 15:05 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-11-05 15:05 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-11-05 15:05 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-11-05 15:05 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-11-05 15:05 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-11-05 15:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-11-05 15:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-05 15:04 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-05 15:04 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-05 15:04 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-05 15:04 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-05 15:04 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-05 15:04 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-11-05 15:04 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-11-05 15:04 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-11-05 15:04 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-11-05 15:04 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-11-05 15:04 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-11-05 15:04 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-05 15:04 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-11-05 15:04 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-05 15:04 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-11-05 15:04 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-05 15:04 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-11-05 15:04 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-05 15:03 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-05 15:03 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-05 15:03 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-05 15:03 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-11-05 15:03 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-11-05 15:03 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-11-05 15:03 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-11-05 15:03 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-11-05 15:03 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-11-05 15:03 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-11-05 15:03 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-11-05 15:03 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-11-05 15:03 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-11-05 15:03 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-11-05 15:03 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-11-05 15:03 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-11-05 15:03 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-11-05 15:03 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-05 15:03 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-05 15:03 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-11-05 15:03 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-11-05 15:03 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-05 14:59 - 2014-11-05 14:59 - 00000000 ____D () C:\Windows\Sun
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-03 22:41 - 2014-11-03 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-03 22:40 - 2014-11-03 22:40 - 13087456 _____ (Microsoft Corporation) C:\Users\Dave\Downloads\Silverlight_x64.exe
2014-10-21 18:09 - 2014-10-21 18:09 - 29791494 _____ () C:\Users\Dave\Downloads\wetransfer-132581.zip
2014-10-19 17:33 - 2014-10-19 17:33 - 00000015 _____ () C:\Users\Dave\Desktop\2014-11-19 1733.txt
2014-10-17 20:54 - 2014-10-17 20:55 - 99011288 _____ () C:\Users\Dave\Downloads\Enisum - Samoht Nara (2014).rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-09 14:54 - 2013-12-23 15:58 - 01058333 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 14:53 - 2014-08-07 14:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 14:53 - 2013-12-23 16:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-09 14:46 - 2013-12-23 16:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-09 14:46 - 2013-12-23 16:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-09 14:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-08 12:15 - 2013-12-23 17:04 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\vlc
2014-11-06 16:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-06 14:51 - 2013-12-24 15:20 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\TS3Client
2014-11-06 11:37 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-06 11:31 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-05 17:22 - 2009-07-14 05:45 - 00012560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-05 17:22 - 2009-07-14 05:45 - 00012560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-05 17:16 - 2014-04-26 13:35 - 00000000 ___RD () C:\Users\Dave\Podcasts
2014-11-05 17:14 - 2014-07-30 14:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-05 17:14 - 2009-07-14 05:45 - 00295584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-05 17:01 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-05 17:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-05 16:03 - 2013-12-23 16:03 - 00000000 ____D () C:\Users\Dave
2014-11-05 15:49 - 2009-07-14 18:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat
2014-11-05 15:49 - 2009-07-14 18:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat
2014-11-05 15:49 - 2009-07-14 06:13 - 01634396 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-05 15:40 - 2013-12-23 15:54 - 00000000 ____D () C:\Windows\Panther
2014-11-05 15:35 - 2013-12-23 16:44 - 01590298 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-05 15:23 - 2013-12-23 18:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-05 13:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-22 22:30 - 2014-04-22 14:09 - 00000000 ___RD () C:\Users\Dave\Dropbox
2014-10-22 14:12 - 2014-04-22 14:08 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-10-22 14:12 - 2014-04-22 14:07 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Dropbox
2014-10-12 21:16 - 2013-12-23 16:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
Some content of TEMP:
====================
C:\Users\Dave\AppData\Local\Temp\avgnt.exe
C:\Users\Dave\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpopbzal.dll
C:\Users\Dave\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-06 12:53
==================== End Of Log ============================
| | #10 |
| /// the machine /// TB trainer | Windows 7 / High ping - very slow Internet Update Java and Flash. Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from all registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009. Donations, guides and help, Trojaner-Board Facebook page. No help via PM! |
| | #11 |
| | Windows 7 / High ping - very slow Internet Yes, thanks. I'm very satisfied. closed |
| | #12 |
| /// the machine /// TB trainer | Windows 7 / High ping - very slow Internet You're welcome
__________________ Regards, schrauber |